A laptop, a book, and a smartphone on lockdown.
Mortgage applications require a huge amount of personal data.
Zillow’s educational post about mortgage application documents suggests more than 14 pieces of identifying data including an applicant’s social security status, employment history, income, and asset account balances. With a wealth of sensitive data, the potential for lenders as a target for identity thieves is extremely high.
In the post-Equifax regulation increase, it’s more important than ever for lenders to be careful with customer data. It’s the responsibility of financial institutions to keep their customers’ data safe.
Here are some ways that mortgage lenders can do their jobs while safely handling the personal data from mortgage applications.
Take Precautions with Customer Data
Lenders can do their part by informing customers about cyber security precautions they may be unfamiliar with.
First, encourage customers to send personal information via a secure online portal instead of email, which is susceptible to attack. To support transparency, lenders can publish privacy and security policies online where customers can access them easily. Finally, lenders should communicate to customers about what steps they are taking to protect their information.
This kind of open communication establishes trust and reassures customers that your company works hard to eliminate security threats.
Guard Against Phishing Scams
Beyond informing consumers, lenders can employ cyber security tools to guard against email-based attacks.
Hackers often send emails containing dangerous links disguised as normal work messages. The fake email messages can be quite sophisticated; using names and email addresses similar to people the recipient actually interacts with. This is called “phishing” and it is a type of email scam designed to make a person unwittingly provide information to outsiders.
Lenders should employ email safeguards such as EmailGuardian to protect loan officers from these phishing scams. This comprehensive cyber security product from mortgage software developers Access Business Technologies (ABT) uses multi-layered detection to identify suspicious messages and review incoming URLs for threats, spam, and malware.
Encryption Keeps Data Safe
Once email is established as a safe way for lenders to communicate, mortgage companies should amp up their data transfer security.
ABT offers another product called DocumentGuardian to give borrowers an easy way to send encrypted loan documents without having to register for an account. Customers should use this secure document drop portal to send all Non-Public Information (NPI) safely to loan officers.
The encryption feature keeps data from falling into the wrong hands by ensuring that only the correct recipient can decrypt the documents and access the data. By not requiring registration, lenders also avoid storing even more information that can be used to identify customers in the lending system.
Auto-Encryption Feature for Personal Data
With secure email and borrowers having a safe option for submitting personal data online, the final loophole that customers worry about is human error.
Though loan officers are knowledgeable about safety precautions and generally tech-savvy, everybody is human. People make mistakes. In the name of convenience and customer service, over 70% of mortgage lenders may be putting customers at risk by accepting loan application documents via unsecured email. The study cited speed and customer service as reasons for loan officers to bypass more secure channels. If they will take incoming data through secure channels, chances are outgoing messages aren’t completely on the level.
ABT’s EmailGuardian not only guards against phishing as mentioned, it also has an auto-encrypt feature that guards against accidental data breach by staff. If a loan officer inadvertently sends an email with NPI contained in the body of the message, the email will automatically be encrypted on its way out of the system.
This capability protects both the loan officer and the lending company from tripping up and creating unintentional liabilities.
The mortgage application process is fraught with security risks due to the amount and quality of personal data being collected for modern-day mortgage applications over the internet. Though ripe for potential breaches, mortgage lenders and borrowers can ensure the security of their conversations and data sharing by taking precautions and using cyber security tools developed especially for the mortgage industry.
With encrypted data, secure portals, and safety nets in place to handle human error, borrowers can have peace of mind that their data is safe with your company.
Visit Access Business Technologies to learn more about how mortgage lenders can successfully safeguarding their company and their customers’ data.