The UK’s new Online Safety Act has triggered a boom in VPN usage that could make it harder to spot fraud in mortgage applications.
Swiss-based Proton, the company behind a leading VPN app, saw UK sign-ups surge 1,400% within minutes of the Act’s age restriction rules going live last month.
Now Fraser Mitchell (main picture, inset), chief product officer at compliance specialists SmartSearch, claims the same technology that lets teenagers dodge website blocks could also help fraudsters hide their true location during mortgage onboarding.
CRIMINAL LOOPHOLE
He said: “For just a few pounds a month, anyone can download an app, select a different country, and instantly appear to be logging in from a jurisdiction where age restrictions don’t apply.
“It’s a loophole that undermines the entire intent of online safety legislation, enabling not just underage access to restricted sites, but also creating a blind spot that criminals can exploit for far more serious offences.”
For mortgage brokers and lenders, that “serious” could mean identity theft, fake employment records, or attempts to launder money through property purchases.
RED FLAG
Mitchell warned: “If someone claims to live in the UK, uses a UK mobile number, yet is connecting via a VPN in another region, it should raise a red flag. Modern location-detection tools can spot these discrepancies and stop a fraudulent account before it gets anywhere near an approval.”
While VPN-detection tech is readily available, many online platforms, even in financial services, don’t deploy it due to cost concerns. Mitchell says that’s a dangerous gamble.
“If legislation like the Online Safety Act is to truly protect people, it must be backed by technology that can keep pace with workarounds like VPNs. Without it, the risks to both users and businesses will only continue to escalate.”
