Preventing bank fraud: The role of antifraud technology and human behavior
The requirements and standards for information security are continuously being enhanced and revised, driven by various external factors such as the COVID-19 pandemic and the rising expertise of cyber attackers. As a result of this cyber arms race, novel attack methods and vectors are emerging. In addition, an increasing number of people in the world are using mobile devices and other means of working remotely.
This poses additional security challenges. Implementing antifraud systems in financial institutions can considerably mitigate the impact of both traditional and new types of fraudulent schemes.
Challenges faced by banks
Notably, patterns of user behavior have undergone substantial shifts. COVID-19 has caused an increase in the number of transactions over the Internet and a decrease in spending on transport and tourism. Moreover, many individuals have experienced reduced income streams, leading to an overall decline in spending across certain user categories, indicating changes in spending patterns.
As a result of the implementation of restrictive measures and the consequent rise in stress levels, perpetrators have more opportunities to use social engineering techniques through simple acts of intimidation. One scam that has seen an upswing is where fraudsters pose as bank security officials.
It is also essential to highlight that there has been an increase in the use of legitimate channels, namely mainstream advertising media like Google and Facebook, to direct individuals to scam schemes. Typically, this is done through false advertisements for social aid programs or offers to complete surveys.
There is also an increase in hiring fresh recruits for various unlawful ventures. Facing financial hardship, quite a few people have started searching for new income sources. This has led them to engage in various forms of online criminal activity. This includes participating in schemes that use individuals as money mules or employ people to work in illegal call centers.
In the past, there was often a preexisting sense of caution towards unsolicited online job offers. The pandemic has diminished vigilance (without actually raising computer and financial knowledge). Consequently, there has been a rise in the frequency of social engineering attacks, computer virus infections, and identity theft.
How to identify and stop bank fraud?
Experts recommend setting up a cross-channel fraud prevention system to instantly identify any illicit transactions. To conduct a thorough analysis, this system should leverage a combination of techniques to detect abnormal activities, using both machine learning technologies (through a risk assessment module) and rule-based methods (via a policy module).
The fraud assessment should be based on user and event profiles and derive a collection of characteristics, which the probabilistic model can then use to determine risk levels. The central model can take the form of a custom-built Bayesian tree, where each node serves as a probability score for a particular combination of features and events.
By employing the policy module and its original rules, the bank can establish its own unique business scenarios and combine the final risk evaluation produced by the scoring module and a variety of other indicators drawn from user profiles and other objects.
Here are the benefits of implementing this approach:
- By deploying a unified model, it is possible to identify both atypical behavior and instances analogous to known fraudulent activities.
- Dependence on third-party systems for profiling objects is reduced significantly, and banks do not need to constantly obtain data from external databases.
- The models can be retrained seamlessly based on new user data.
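The two-module design described above, as an added example that is not code from the article or from any antifraud product: a risk module produces a probability and a policy module applies the bank's own rules to that score plus profile indicators. A naive Bayes score stands in for the article's custom Bayesian tree, and every feature name, likelihood, and threshold is a constructed assumption.

```python
import math
from dataclasses import dataclass

# Constructed values: (P(feature | fraud), P(feature | legitimate)).
LIKELIHOODS = {
    "new_device": (0.60, 0.05),
    "new_payee": (0.70, 0.10),
    "amount_over_usual": (0.50, 0.08),
    "night_time": (0.30, 0.10),
}
PRIOR_FRAUD = 0.01  # constructed base rate of fraudulent events

def risk_score(features: dict) -> float:
    """Risk module: posterior P(fraud | features), computed in log-odds form."""
    log_odds = math.log(PRIOR_FRAUD / (1 - PRIOR_FRAUD))
    for name, (p_fraud, p_legit) in LIKELIHOODS.items():
        if features.get(name):
            log_odds += math.log(p_fraud / p_legit)
        else:  # an absent feature is evidence too
            log_odds += math.log((1 - p_fraud) / (1 - p_legit))
    return 1 / (1 + math.exp(-log_odds))

@dataclass
class Profile:
    account_age_days: int
    channel: str
    identical_actions_last_minute: int = 0

def decide(features: dict, profile: Profile) -> tuple:
    """Policy module: ordered rules over the score and profile indicators."""
    score = risk_score(features)
    # Technical indicator: many identical actions lead to a temporary freeze.
    if profile.identical_actions_last_minute >= 5:
        return "freeze", score
    if score >= 0.80:
        return "deny", score
    # Business scenario: a young account paying a new payee is always challenged,
    # even when the model score alone is low.
    if score >= 0.20 or (profile.account_age_days < 30 and features.get("new_payee")):
        return "challenge", score
    return "allow", score
```

The young-account rule shows why the policy layer exists: the model scores that event at roughly 1%, yet the bank's own scenario still forces a step-up check.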
Banks have a problem when they verify transactions
Banks cannot be entirely sure that everything is safe. A malicious individual can present a counterfeit identification card to a bank and authorize a transaction that the antifraud system denied earlier. Banks want to know a lot about their clients and look at the transactions carefully, but they only keep data for a relatively short time (several months), and the system must give an answer in a matter of seconds, as per the SLA. This makes it hard for banks to be completely certain about every transaction.
If banks launch more targeted and supplementary checks, it is possible to lower the chances of mistakes. Typically, this approach is sufficient to achieve a balance between the risk of not detecting fraud and the expenses of verifying authentic events, which can be delayed, disputed, or blocked.
Legitimate users vs. attackers and bots
Banks rely on behavioral and technical indicators to differentiate bots and malicious actors from legitimate users. Different markers are employed for detecting fraud here. For instance, temporarily freezing a user's account is relatively easy and often used if the user initiates multiple identical actions. This method is an example of a simple behavior-based evaluation relying on technical signs.
The riskiest attack types involve social engineering, especially when someone close to the target, whom they trust, is used. In such situations, high-level behavioral indicators are the only way to prevent or slow down an illicit operation. If a user's data is leaked (possibly leading to identity theft), behavioral analysis allows banks to prevent risky transactions in a timely manner.
Insider threat
Employees working from home connect to the organization's workplace using VPN or other protected channels. This makes it harder for external cybercrooks to attack them. At the same time, detecting strange activity is challenging when malicious employees remotely request details about a specific bank client, as this represents their routine work tasks. Since there is no one to oversee remote employees, monitoring them with the help of their own computer's webcam is the best solution, just like how security officers supervise the office space via video surveillance cameras.
Naturally, cameras may not be capable of identifying deceitful behavior if an employee remains still and does not make any movements. Nevertheless, modern surveillance systems have become more intelligent. With the help of artificial intelligence and previously accumulated information, banks can perform a combined risk evaluation and swiftly take action when unusual employee behavior is spotted. Additional security elements can function as an agent installed on a device, operate through a web interface, or be incorporated into a banking app.
Secure perimeters and fraud prevention
The current state of affairs shows that traditional secure perimeters of organizations are no longer effective in preventing fraud. The previous approach, where all events and data inside the perimeter were considered legitimate while anything outside was considered risky, is now outdated. It is now essential to verify and protect data at multiple levels of interaction to prevent a single breach from compromising the entire ecosystem. At each payment stage, all critical data should be gathered, potential risks evaluated, and a decision made on how to proceed with the transaction.
Cloud antifraud tools
When banks move to the cloud, certain common risks within the organization can be reduced because some functions are assigned to third-party providers who do not intend to compromise the system. With a cloud setup, antifraud scoring can even get better since data from different sources can be put together, building profiles of more objects and creating a shared pool of information on user behavior.
However, there are some human-related risks too. They include the chance of attacks from cloud provider personnel or data breaches due to bank employees not knowing data can be available to outsiders. To fix this, some sensitive data should be encrypted before it leaves the company's perimeter, and the remaining data is enough to get a good risk evaluation.
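One way to prepare an event before it leaves the perimeter, as an added example that is not code from the article: identifiers the cloud scorer needs for profiling are replaced with keyed tokens, direct identifiers are dropped, and only an explicit allowlist of fields passes through. It uses HMAC pseudonymization in place of the encryption the article mentions; the field names and the key are constructed assumptions.

```python
import hashlib
import hmac

# Assumption: the key is generated and held inside the bank (for example in an
# HSM). This constant is a constructed placeholder.
BANK_KEY = b"constructed-demo-key-keep-inside-perimeter"

PSEUDONYMIZE = {"account_id", "payee_account", "device_id"}  # needed to link profiles
PASS_THROUGH = {"amount", "channel", "timestamp"}            # needed for scoring

def pseudonym(field: str, value: str) -> str:
    """Deterministic keyed token: equal inputs give equal tokens, so the cloud
    side can still build per-account profiles without seeing the raw value."""
    # The field name is mixed in so one value used in two fields yields two tokens.
    msg = f"{field}\x00{value}".encode()
    return hmac.new(BANK_KEY, msg, hashlib.sha256).hexdigest()[:32]

def prepare_for_cloud(event: dict) -> dict:
    """Return the copy of an event that is allowed to cross the perimeter."""
    out = {}
    for field, value in event.items():
        if field in PSEUDONYMIZE:
            out[field] = pseudonym(field, str(value))
        elif field in PASS_THROUGH:
            out[field] = value
        # Anything else (names, card numbers, unknown new fields) is dropped,
        # so a schema change cannot silently leak data.
    return out

# Constructed sample events.
EVENT_A = {"account_id": "ACC-1001", "customer_name": "Jane Example",
           "amount": 250.0, "channel": "mobile", "timestamp": 1700000000}
EVENT_B = {"account_id": "ACC-1001", "payee_account": "ACC-1001",
           "amount": 9100.0, "channel": "web", "notes": "free text"}
```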
Antifraud systems in other fields
Antifraud solutions can be (and are) successfully used in various fields, such as payment services like VISA, PayPal, and Western Union, as well as large online marketplaces and stores like Amazon and other services like Uber.
Trends in fighting bank fraud
Firstly, new technologies are being successfully utilized for monitoring employee activity and automating the roles most susceptible to fraud. This helps a lot in preventing internal threats. Secondly, smaller banks that struggle to secure their systems are moving protection systems to the cloud, with antifraud tools being the first to be implemented. Artificial intelligence is developing rapidly and being widely used for fraud prevention. In the future, third-party information system integration will increase, as already observed with credit scoring. Additionally, novel tools will surface to secure less commonly used services and payment channels.
Alex Vakulov is a cybersecurity researcher with over 20 years of experience in malware analysis. Alex has strong malware removal skills. He writes for numerous tech-related publications sharing his security experience.