an increase in the range of banking services, the comfort and capabilities of the client are constantly growing. But at the same time, risks also increase, and, accordingly, the level of requirements for ensuring the security of the client's finances increases.
The annual damage from financial fraud in the field of online payments is ≈200 billion $. 38% of them are the result of theft of personal data of users. How can these risks be avoided? Antifraud systems help in this.
A modern anti-fraud system is a mechanism that allows, first of all, to understand the behavior of each client in all banking channels and track it in real time. She is able to identify both cyber threats and financial fraud.
It should be noted that defense often lags behind the attack, so the goal of a good anti-fraud system is to reduce this lag to zero and ensure timely detection and response to emerging threats.
Today, the banking sector is gradually updating the fleet of outdated anti-fraud systems with newer ones, which are created using new and improved approaches, techniques and technologies, such as:
- work with large amounts of data;
- machine learning;
- Artificial Intelligence;
- long-term behavioral biometrics
- and others.
Thanks to this, new generation anti-fraud systems show a significant increase in
efficiency, while not requiring significant additional resources.
The use of machine learning and artificial intelligence, information from financial
cybersecurity analytical centers reduces the need for a large staff of
highly qualified specialists and makes it possible to significantly increase the speed and
accuracy of event analysis.
Combined with the use of long-term behavioral biometrics - to identify "zero-day attacks" and minimize the number of false positives. The anti-fraud system must provide a multi-level approach to ensuring transaction security (end device - session - channel - multi-channel protection - use of data from external SOCs). Security does not have to end with user authentication and transaction integrity checking.
A high-quality modern anti-fraud system allows you not to disturb the client when there is no need for it, for example, by sending him a one-time password to confirm the entrance to his personal account. This improves his experience in using the bank's services and, accordingly, ensures partial self-sufficiency, while significantly increasing the level of trust. It should be noted that the anti-fraud system is a critical resource, since the stoppage of its operation can lead either to the stoppage of the business process, or, if the system does not work correctly, to an increase in the risks of financial losses. Therefore, when choosing a system, one should pay attention to the reliability of operation, security of data storage, fault tolerance, and scalability of the system.
An important aspect is also the ease of deployment of the anti-fraud system and the ease of its
integration with information systems of the bank. At the same time, you need to understand that
integration should be the minimum necessary, since it can affect the speed and
efficiency of the system.
It is very important for the experts' work that the system has a convenient interface and makes it possible to receive the most detailed information about the event. Setting up scoring rules and actions should be easy and straightforward.
Today, there are a number of well-known solutions on the antifraud systems market:
ThreatMark
The AntiFraudSuite solution from ThreatMark, despite its young age in the antifraud systems market, managed to come to the attention of Gartner. AntiFraudSuite includes the ability to detect cyber threats and financial fraud. The use of machine learning, artificial intelligence and long-term behavioral biometrics makes it possible to identify threats in real time and has a very high accuracy of responses.
NICE
Nice Actimize from NICE belongs to the class of analytical platforms and allows you to detect financial fraud in real time. The system protects all types of payments, including SWIFT / Wire, Faster Payments, BACS SEPA payments, ATM / debit transactions, bulk payments, invoice payments, P2P / postal payments, and various forms of internal transfers.
RSA
RSA Transaction Monitoring and Adaptive Authentication from RSA belongs to the class of
analytical platforms. The system detects fraudulent attempts in real time and monitors transactions after the user logs in to protect against attacks like MITM (Man in the Middle) and MITB (Man in the Browser).
SAS
SAS Fraud and Security Intelligence (SAS FSI) is a unified platform for solving the problems of preventing transactional, credit, internal and other types of financial fraud. The solution combines fine-tuning of business rules with machine learning technologies to prevent fraud while minimizing false positives. The system includes built-in mechanisms for integration with online and offline data sources.
F5
F5 WebSafe is the financial cyber threat protection solution from F5. It detects account theft, signs of malware infection, keylogging, phishing, remote access Trojans, as well as attacks such as MITM (Man in the Middle), MITB (Man in the Browser) and MITP (Man in the Phone). ).
IBM
The IBM Trusteer Rapport from IBM is designed to protect users from credential hijacking, screen capture, malware, and phishing attacks, including attacks such as MITM (Man in the Middle) and MITB (Man in the Browser). To do this, IBM Trusteer Rapport uses machine learning technologies to automatically detect and remove malware from the endpoint device, ensuring a secure online session.
Guardian Analytics
The Digital Banking Fraud Detection system from Guardian Analytics belongs to analytical platforms. At the same time, Digital Banking Fraud Detection protects against attempts to hijack a client's account, fraudulent transfers, phishing, and MITB (Man in the Browser) attacks in real time. A profile is created for each user, on the basis of which anomalous behavior is recognized.
The choice of an anti-fraud system should be primarily based on understanding your needs: it should be an analytical platform for detecting financial fraud, a solution to protect cyber threats, or a comprehensive solution that provides both. A number of solutions can be integrated with each other, but often - a single system that allows us to solve the tasks before us will be most effective.
Author: Artemy Kabantsov, Softprom