We live in dangerous times, when it’s not uncommon for criminals to know more about the identity of a bank’s customers than the bank itself. Due to vast amounts of data available to criminals and their clever ability to masquerade as customers, financial institutions (FIs) find it increasingly difficult to trust that their customers truly are who they say they are. At the same time, there is tremendous competitive pressure among FIs, pushing them to introduce new banking services that further increase risk at a time when those risks are already at an unprecedented level.
For example, new malware strains, data breaches, email mining and new fraud tactics are constantly appearing. When this stolen data is augmented by what people willingly share on social networks, criminals can gain an unprecedented amount of personal information. The combination of data-stealing malware and social engineering techniques can help fraudsters build profiles of account holders as well as bank employees.
The ramifications are far-reaching and affect how FIs introduce new services and try to protect customers while controlling operating costs. Declining customer trust and increasing competitive pressure are encouraging banks to look for new security strategies to validate that users are who they say they are and that their actions are not being criminally manipulated.
Fortunately, FIs have an asset the criminals don’t have: a rich history of account holder interactions with the institution. Customer behavior is a bank’s greatest asset in its effort to prevent fraud.
Each individual customer has his or her own unique banking behavior, consisting of a detailed, multi-faceted combination of timing, sequence, devices, locations, channels and the financial and non-financial activities performed via those channels. In any fraud attack, the criminal will do something unusual or suspicious relative to this typical or expected client behavior.
Mitigating fraud risk historically has involved either the FI throwing bodies at the problem or placing the burden on account holders. The gates that banks put in place, such as endpoint protection, positive pay, MFA/KBA, out-of-band authentication, tokens, call backs, or dual controls, create friction and negatively impact customer experience and satisfaction while only marginally improving security. Behavioral analytics, by contrast, automatically monitors all account holders, without requiring them to install any software, change the banking experience, or adopt some new security process. The bank can then take responsibility for its customers’ security and protect their assets.
Behavioral analytics solutions are designed to understand the normal behavior of each individual account holder, calculate the risk of each new activity and then choose intervention methods commensurate with the risk. Three characteristics make behavioral analytics effective: it automatically monitors all activity for all account holders, not just devices or transactions; it requires no prior knowledge of the specific fraud that the perpetrator is attempting; and it provides detailed historical context for suspicious activity.
The earlier fraudulent activity is detected, the easier and less costly it is to prevent. Behavioral analytics will detect the early stages of a fraud attack, before a transaction is initiated. For example, it will detect account reconnaissance and fraud setup activities such as changing contact information. And because it is based on behavior, it will detect anomalous activity regardless of the type of attack, even newly emerging schemes.
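The loop described in the two paragraphs above (learn each account holder's normal behavior, score each new activity against it, pick a matching intervention) can be sketched as follows. This is an added example, not Guardian Analytics' method or code: the feature names, the frequency-based rarity score, the 0.3 setup-activity weight and the tier thresholds are all assumptions, and the history is constructed.

```python
from collections import Counter, defaultdict

# Assumed feature names and thresholds (not from the article).
FEATURES = ("hour_band", "device", "location", "channel", "action")
SETUP_ACTIONS = {"change_contact_info"}  # setup activity the article mentions

class Baseline:
    """Frequency profile of one account holder's own past activity."""
    def __init__(self, history):
        self.counts = defaultdict(Counter)
        self.total = len(history)
        for event in history:
            for f in FEATURES:
                self.counts[f][event[f]] += 1

    def rarity(self, feature, value):
        # 0.0 = always done this way, 1.0 = never seen for this account
        return 1.0 if self.total == 0 else 1.0 - self.counts[feature][value] / self.total

def risk(baseline, event):
    """Return (score in 0..1, features that are new for this account)."""
    parts = {f: baseline.rarity(f, event[f]) for f in FEATURES}
    score = sum(parts.values()) / len(FEATURES)
    # Weight up setup activity from an unfamiliar device or location so it
    # is flagged before any transaction is initiated.
    if event["action"] in SETUP_ACTIONS and max(parts["device"], parts["location"]) == 1.0:
        score = min(1.0, score + 0.3)
    return round(score, 2), sorted(f for f, r in parts.items() if r == 1.0)

def intervention(score):
    """Pick a response commensurate with the risk (tiers are assumptions)."""
    if score < 0.3:
        return "allow"
    return "step_up_auth" if score < 0.6 else "hold_and_review"

def ev(hour_band, device, location, channel, action):
    return dict(zip(FEATURES, (hour_band, device, location, channel, action)))

# Constructed history for one account: 15 balance checks, 5 bill payments.
HISTORY = [ev("day", "laptop-A", "home-city", "web", "view_balance")] * 15 \
        + [ev("day", "laptop-A", "home-city", "web", "pay_bill")] * 5
BASE = Baseline(HISTORY)

if __name__ == "__main__":
    for e in (ev("day", "laptop-A", "home-city", "web", "view_balance"),
              ev("night", "laptop-A", "home-city", "web", "pay_bill"),
              ev("night", "phone-X", "other-city", "web", "change_contact_info")):
        score, new = risk(BASE, e)
        print(e["action"], score, intervention(score), new)
```

The list of never-seen features returned with each score is the kind of context an investigator would use when deciding whether to contact the customer.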
Behavioral analytics also provides context for all anomalous activity, which is extremely helpful for investigations and for contacting the customer when something is suspicious. Knowing prior activity, what is normal and the specific details of what makes the current activity high-risk makes it possible to determine whether the activity truly is fraudulent or can be explained.
By using behavioral analytics to detect suspicious activity, FIs will once again know when a user is legitimate (and engaged in legitimate activity) and not an imposter. Banks will regain trust that customers are who they say they are because, while fraudsters can worm their way past any identity-based authentication control, they can’t fully mimic the behavior of their victims.
Mr. Priess is founder and vice president, products, of Mountain View, Calif.-based Guardian Analytics. He can be reached at email@example.com.