The Financial Services Authority (OJK) reported a 3.56% (YoY) increase in premium income for the insurance industry in Indonesia, reaching 290.21 trillion rupiah from January to November 2023.
The increase in premium income, accompanied by the rising risk of personal data misuse, should be a concern for the insurance industry. One looming threat is deepfake fraud. Although this technology has been widely used to create entertainment content, deepfake has become a new tool for fraud, threatening the security of verification processes.
What types of deepfake fraud can occur in the insurance industry?
1. False Medical Records
Deepfake can be used to create false medical records, including electronic medical records (EMRs), which are crucial in determining the validity of insurance claims. Manipulating medical records leads to inaccurate diagnoses, misdiagnoses, and even fraudulent claims of medical conditions, resulting in financial loss and potentially harming the health of individuals involved.
2. False Health Evidence
In addition to false medical records, deepfake can also be used to create false diagnoses. Fraudsters can impersonate patients and provide fake photos, videos, or audio recordings to support or deny insurance claims. This manipulation then triggers misunderstandings between patients and insurance companies, leading to financial losses.
3. Identity Theft
Similar to manipulating medical records, deepfake can also be abused to gather patients' personal data through unauthorized access to insurance applications. This personal data is then used to breach other accounts such as banks.
What steps can be taken to prevent insurance fraud?
1. Strengthening identity verification and authentication security
Identity verification occurs when new users register for insurance applications. Verification takes place in several stages, including entering personal identity (ID) and facial biometric data. Because it involves personal identity, verification requires a robust system to ensure that only legitimate users can access the account. The same level of security should also be applied to authentication. This process occurs when registered users intend to take actions such as uploading medical records, claiming insurance, or paying premiums.
2. Implementation of digital signatures
The use of digital signatures in health insurance offers a secure and efficient way to sign electronic documents. A valid digital signature for important documents is not one that can be easily forged but must have an Electronic Certificate. This certificate has configurations that can be linked to verified personal data during registration. Digital signatures are required for medical records, patient registration letters, and insurance claim forms.
The increasing use of deepfake in healthcare services and insurance claims significantly affects the integration of these two services. This not only causes financial losses for insurance companies but also damages trust between policyholders and health insurance providers. Therefore, it is crucial for insurers to strengthen the security of their applications to prevent unauthorized access to policyholders' accounts.
Don't let medical records and personal data fall into the hands of deepfake scammers. Read more about Verification and Digital Signatures.