Untitled design (14)

(800) 931-7423

Untitled design (17)

[email protected]

Every Signature Tells a Story

Open Notary Positions
NOTARIZE NOW
GET SOFTWARE & SERVICES
Untitled design (14)

(800) 931-7423

Untitled design (17)

[email protected]

NOTARIZE NOW
GET SOFTWARE & SERVICES

Fraud Doesn’t Enter at One Point. Neither Should Verification.

Fraud

Ask a fraud team where identity verification belongs, and the answer is almost always the same: onboarding. Verify the applicant before you open the account. That’s the conventional playbook.

It’s also often an incomplete one.

Fraud doesn’t follow a single entry point. It splits into two distinct categories that look different, behave differently, and strike at different moments:

  • New account fraud uses fabricated or stolen identities to create accounts that should never exist.
  • Account takeover fraud bypasses the front end entirely, targeting accounts that are already open, already active, and already trusted.

The scale of both is hard to ignore. The Javelin 2026 Identity Fraud Study found that new account fraud hit 5.4 million victims in 2025, up 31% from the prior year, with losses reaching $7 billion. Account takeover remained even more expensive, topping $15 billion and impacting 6 million consumers. TransUnion reported a 141% increase in digital account takeover volume over a four-year span.

An institution that only fortifies one of these stages is leaving the other exposed. And the data suggests both deserve serious attention.

At the Front Door: Replacing Automated Gaps with Live Verification

The onboarding stage has a well-documented vulnerability. TransUnion’s fraud data shows that 8.3% of all digital account creation attempts in the first half of 2025 were flagged as suspected fraud. That rate climbed 26% in a single year. Account creation has become the highest-risk stage in the customer lifecycle, according to TransUnion’s data.

Automated identity checks can filter out some of these attempts. They match names to databases, run credential checks, and flag obvious inconsistencies. But they’re working against a growing category of fraud that’s built specifically to defeat them. Manufactured identities cobbled together from real and fabricated data points are designed to look legitimate on paper. They clear automated gates because those gates weren’t built for this kind of threat.

Remote online notarization adds layers that automation alone may not be able to replicate. Before an account is created, the applicant joins a live video session with a commissioned notary. The notary reviews a government-issued photo ID in real time that has been authenticated by a third-party credential analysis service, completes two-factor identity verification through a one-time code sent to the applicant’s registered device, assesses the person on camera, and oversees the signing of a legal affidavit confirming the applicant’s identity. It’s a human-verified step with legal weight, inserted directly into the origination workflow.

For institutions processing high volumes of new accounts, this kind of front-end review can also streamline what used to be a drawn-out process. Instead of multi-day documentation cycles and manual back-and-forth, the verification can often be completed in a single session. Thorough doesn’t have to mean slow.

At the Side Door: Closing the Reactivation Loophole

The second vulnerability is the one that tends to get less scrutiny. And that may be exactly why it works so well for fraudsters.

When an account is flagged and locked for suspicious activity, the institution needs to verify that the person requesting reactivation is the legitimate cardholder. In many cases, that process happens over the phone. The caller recites some personal details. They answer a security question or two. The account is unlocked.

The assumption behind this workflow is that only the real cardholder would have those answers. But that assumption doesn’t hold up well. If the account was compromised through a breach, a phishing attack, or credential harvesting, the person on the phone may already know everything they need to know. They’re not breaking through the verification. They’re walking through it.

This isn’t a fringe scenario. TransUnion’s call center research found that nearly two-thirds of financial industry respondents indicated that most account takeovers start in the call center. The reactivation process, designed to protect the cardholder, can become the mechanism that hands the account back to the wrong person.

Applying remote online notarization at this stage changes the dynamic. Instead of answering questions over the phone:

  • The person requesting reactivation joins a live video session.
  • The person requesting reactivation goes through two-factor authentication,
  •  A notary reviews their verified ID on camera to perform a visual comparison.
  • They sign a sworn statement confirming they are the account holder.

The bar moves from “do you know the right answers?” to “can you prove who you are?”

That’s a fundamentally different question. And it’s one that someone operating with stolen credentials is unlikely to be able to answer.

Same Standard, Two Trigger Points

What’s worth noting about this approach is that it doesn’t require two separate systems. The same verification infrastructure can serve both stages:

  • At origination, it screens out applicants who shouldn’t be getting through.
  •  At reactivation, it confirms that the person requesting access is the person who belongs there.

Both sessions produce the same output:

  • A recorded video
  • A signed affidavit
  • Metadata including IP and geolocation at the time of the session

Whether the institution needs that record for an onboarding review or a post-lockout investigation, it exists in the same format, captured through the same process.

The institutions running verification at both of these trigger points are operating with coverage that most of their peers don’t yet have. They’re not choosing between protecting against new account fraud or account takeover. They’re doing both, with the same tool.

The Fraud You Aren’t Measuring

Here’s the gap that doesn’t surface in most fraud reports. New account fraud and account takeover fraud are typically tracked by different teams, measured against different benchmarks, and managed with different tools. They show up in different columns on different dashboards.

But from the fraudster’s perspective, they’re just two routes to the same destination. If one is blocked, they try the other. An institution with airtight onboarding verification and a phone-based reactivation process has locked one door and left the other propped open.

The question worth asking isn’t just “how strong is our onboarding verification?” It’s “what happens when an account we already opened gets compromised?” If the answer is a phone call and a few security questions, there’s a gap worth closing.

Verification at onboarding is essential. Verification at the account level is just as essential. The institutions making the most progress on fraud prevention may be the ones that have recognized these aren’t two separate initiatives. They’re one strategy, applied at the two moments that matter most.

This is the final article in a three-part series on identity verification for financial institutions. The first article, Catching Fraud Before the Damage Is Done, examines why moving verification to the front of the customer lifecycle changes the cost equation. The second, The Affidavit as Evidence, explores why the verification record itself has become a compliance and investigation asset.

Frequently Asked Questions

What is the difference between new account fraud and account takeover fraud?

New account fraud involves using stolen or manufactured identity information to open an account that shouldn’t exist. Account takeover fraud involves gaining unauthorized access to an account that’s already open and active, typically through compromised credentials. They target different stages of the customer lifecycle and tend to require different interventions.

Why is phone-based reactivation considered a risk?

Phone-based reactivation typically relies on personal information and security questions. If the account was compromised through a data breach or phishing, the fraudster may already have those answers. TransUnion’s call center research found that nearly two-thirds of financial industry respondents said most account takeovers originate in the call center, suggesting that phone-based verification isn’t a sufficient barrier.

How does remote online notarization work at the account management stage?

When an account is locked for suspected fraud, the person requesting reactivation can be routed through a live video session with a commissioned notary. As part of the notary process, the individual completes two-factor authentication including credential analysis where a third-party vendor authenticates their government issued photo ID and knowledge-based authentication. The notary then reviews their government-issued ID on camera to compare the photo on the ID to the individual in real time, and the individual signs a legal affidavit confirming their identity. This raises the verification bar from a single security layer to documented, video-recorded identity confirmation backed by device, knowledge, and notarial verification. 

Does adding verification at reactivation slow down the customer experience?

It doesn’t have to. A remote online notarization session can typically be completed in minutes. For legitimate cardholders, it may actually be faster than the alternative: hold times, call transfers, and multiple rounds of security questions over the phone. The process adds rigor without necessarily adding friction.

How significant is the account takeover problem?

According to Javelin’s 2026 Identity Fraud Study, account takeover losses exceeded $15 billion in 2025 and the number of victims rose 18% year over year to 6 million. TransUnion’s data shows a 141% increase in digital account takeover volume between 2021 and 2025. It remains the costliest category of identity fraud.

Can the same verification process be used at both onboarding and account reactivation?

Yes. The same remote online notarization infrastructure can serve both stages. At onboarding, it screens applicants before an account is created. At reactivation, it confirms the identity of the person requesting access to a locked account. Both sessions produce the same output: a recorded video, a signed affidavit, and session metadata that can be retained for future reference or investigation.

This post is for informational purposes only and doesn’t represent legal advice.

Sources Referenced

Javelin Strategy & Research, 2026 Identity Fraud Study: The Illusion of Progress (April 2026)

TransUnion, H2 2025 Update: Top Fraud Trends Report (October 2025)

TransUnion, H1 2026 Update: Top Fraud Trends Report (April 2026)

TransUnion, Call Center Fraud Report (2023)

Table of Contents

Related Reading

Get Started

Explore the benefits of our platform or notarizing starts with one click. 

GET STARTED

| CONTACT

(800) 931-7423
General:
[email protected]
Real Estate:
[email protected]
Cancellations: [email protected]

Open Notary Positions

| INDUSTRIES

Real Estate
Auto
Credit Cards
Healthcare
Financial Services
Insurance
Legal
Fintech

| PLATFORM

Independent Notary Software
Software Licensing
Contract Notary Services
Custom Solutions

| SERVICES

eClose Quickstart
eSign
Identity Verification
Remote Online Notarization
Service Status

| TRUST

Privacy Policy
Terms of Service
Cookie Settings
Your Privacy Choices Your Privacy Choices
SOC 2 Type 2 Compliant MISMO Certified Compliant RON NIST Compliant

© Copyright- NotaryCam, Inc. Online Notary Public 2026