Surviving data breaches with robotic process automation
Data breaches have become so common that virtually no business or financial institution is safe. The 2015 Verizon Data Breach Investigation Report confirmed that the top three industries most affected were public, technology/information, and finance. Data breaches cause data integrity to be compromised, including important financial and personal customer information, which puts customers and the organization at risk for fraudulent charges and inaccurate financial records.
Even though large financial institutions may have the manpower capable of recovering data, which includes scraping all systems for last transactions, validating transactions and finances, and validating customer information, they run the risk of a major downtime in their systems and services to their customers. As banks acquire ever more data in today’s high-risk environments, they need effective methods of protecting that data and tactical strategies for accurate data recovery following a data breach.
Even though cybersecurity is increasingly recognized as a critical aspect of any merchant and business, the Verizon report found that 28.5% of all data breaches were attributed to point-of-sale attacks. Vulnerable merchants and nervous customers spurred the implementation of the EMV standard in the U.S., but EMV cards are still vulnerable to theft during card-not-present situations. Furthermore, when organizations are increasingly advancing their digital and mobile consumer platforms, these new “secure” credit cards still put customers and their financial institutions at risk for a Compromised Account Management System (CAMS) alert.
Fortunately, new technologies such as Robotic Process Automation (RPA) can empower banks and businesses to move forward following data breaches, providing them the robust capability to expedite data recovery, validate data integrity, and ensure that customers experience little downtime. RPA allows humans to utilize computerized robots to perform data-related processes that can integrate with various existing applications and data systems through a series of instructions created by the user directing the robot. The software can be scripted to perform any process the user may need.
The 2013 Target credit card data breach is, by far, the largest, and most familiar, data breach of recent times, affecting more than 70 million card holders and their associated financial institutions. Many banks did not even receive CAMS alerts until days later. In addition to the cost of the fraud, banks found that the data recovery process – hot carding, notifying, cancelling and reissuing credit cards and changing user codes – involved numerous employees and days to complete when performed by humans.
When performed by robots, however, this recovery took only hours. StonehamBank, a $462 million-asset bank, in Massachusetts, utilized RPA to notify and reissue all of their customer’s compromised credit cards within a mere 48 hours following the Target breach alert. With RPA, customers experience almost no downtime in accessing their finances while banks are able to recover their systems’ big data quickly and precisely following a data breach.
Beyond disaster recovery, financial institutions are now discovering the power of automation software to leverage the data in their systems to pinpoint unusual activity for the purpose of fraud prevention and protection. By setting up scripts that recognize inconsistent or anomalous transactions, banks can recognize data breaches early, preventing further financial damage to the customer and financial institution. In addition, financial institutions are banding together to contribute their data to large consortiums so that organizations such as FICO can assess the risk and provide rules for fraud detection. Incorporating these strategic rules into RPA software enables banks to enhance their data security.