It’s no secret that fraudsters use weakness and vulnerability to their greatest advantage, and they move fast. Fighting fraud is a reoccurring cat-and-mouse game, and it’s unlikely to change in the future, especially with the use of digital channels continuing to rise. According to a recent study conducted by Forbes and VMWare, the number of consumers that have been targeted of digital fraud related to COVID is now over 30% and in just the first five months of 2020, financial fraud has increased 283%.

This month’s blog consists of a series of posts featuring a fireside chat discussion with Jim Stickley, CEO of Stickley on Security and a well-known cyber security expert. As we shared in part 1 of this blog series member fraud always seems to come down to one thing: identity theft. Account takeover fraud is a type of identity theft where a fraudster gains access to their victim’s accounts, then makes non-monetary changes that may include modifying personal identifiable information (PII), requesting a new card or adding an authorized user. The weakest channel where this type of fraud takes place is in the call center.

“When authentication approaches are tied to human interaction, you are always going to have a higher risk of fraud,” says Jim Stickley. “People want to believe people.” Cyber criminals have adapted their attacks and are mimicking consumer behavior as closely as possible and attacking the institutions themselves. Social engineering continues to play a major role in many attacks.

Most credit union call centers rely on knowledge-based authentication—asking members to prove their identity by supplying personal information such as their account number and mother’s maiden name—to grant access to member accounts and commit fraud. Answers to these questions can be easily found on genealogy web sites or on social media. When conducting authentication that is based on something you know, you have to assume somebody else knows it too.

According to Stickley, the dark web makes social engineering such much easier. Personal information about an individual, like name, address, date of birth, and social security number are being sold on the dark web for only $1 as a “full account” used for account takeover purposes.

With MemberPass, this type of fraud and other phone-based fraud methods can be stopped in 14 seconds or less and takes the friction out of the member experience. “MemberPass is a really simple way to address a problem that otherwise can’t be solved,” says Stickley.

Credit unions have a turnkey, affordable digital identity solution that will safeguard members’ personal information across all channels and eliminate the need for knowledge-based questions. Taking the first step toward creating digital trust between your credit union and your members is easy. To learn more about MemberPass and how to participate in the MemberPass Trust Registry, send us an email requesting a list of FAQs or a demo, register to attend one of our webinars, or visit us at

CULedger, a credit union service organization, offering MemberPass, the simplest, most secure solution to verify your members through leveraging touch-less, privacy-enhancing technology to protect credit unions and their members from identity theft and fraud. Visit or email us at