University of Illinois Red Flags Rule Best Practices for Units that Provide Goods or Services that Are Paid for Later

• Documents provided for identification appear to have been altered or forged.
• The photograph or physical description on the identification is not consistent with the appearance of the applicant or customer presenting the identification.
• Other information on the identification is not consistent with information provided by the person opening a new covered account or customer presenting the identification.
• Other information on the identification is not consistent with readily accessible information that is on file with [the University/unit], such as a signature card or a recent check.
• An application appears to have been altered or forged, or gives the appearance of having been destroyed and reassembled.

Suspicious
personal[ly] 
identifying information

• Personal[ly] identifying information provided is inconsistent when compared against external information sources used by [the University/unit]. For example:
  • The address does not match any address in the consumer report; or
  • The Social Security Number (SSN) has not been issued, or is listed on the Social Security Administration’s Death Master File.
• Personal[ly] identifying information provided by the customer is not consistent with other personal[ly] identifying information provided by the customer. For example, there is a lack of correlation between the SSN range and date of birth.
• Personal[ly] identifying information provided is associated with known fraudulent activity as indicated by internal or third-party sources used by the [University/unit]. For example:
  • The address on an application is the same as the address provided on a fraudulent application; or
  • The phone number on an application is the same as the number provided on a fraudulent application.
• Personal[ly] identifying information provided is of a type commonly associated with fraudulent activity as indicated by internal or third-party sources used by [the University/unit]. For example:
  • The address on an application is fictitious, a mail drop, or prison; or
  • The phone number is invalid, or is associated with a pager or answering service.
• The SSN provided is the same as that submitted by other persons opening an account or other customers.
• The address or telephone number provided is the same as or similar to the account number [sic] or telephone number submitted by an unusually large number of other persons opening accounts or other customers.
• The person opening the covered account or the customer fails to provide all required personal[ly] identifying information on an application or in response to notification that the application is incomplete.
• Personal[ly] identifying information provided is not consistent with personal[ly] identifying information that is on file with [the University/unit].
• For [units] that use challenge questions, the person opening the covered account or the customer cannot provide authenticating information beyond that which generally would be available from a wallet or consumer report.

Notice from customers, victims of identity theft, law enforcement authorities, or other persons regarding possible identity theft in connection with covered accounts held by [the University/unit]

• [The University/unit] is notified by a customer, a victim of identity theft, a law enforcement authority, or any other person that [the University/unit] has opened a fraudulent account for a person engaged in identity theft.