November 19, 2018
November 13, 2018
A large multinational bank that ranks among the top 20 in the world was receiving negative feedback from customers frustrated by friction they were experiencing at login. Given its global presence and the proliferation of financial services cybercrime, the bank was a prime target for cybercriminals and had tightened its security procedures to try and reduce fraud losses.
The bank approached ThreatMetrix to:
ThreatMetrix added intelligent customer authentication in front of the existing multi-factor authentication (MFA) solution to accurately identify returning customers. After the success of the initial deployment, the bank also leveraged ThreatMetrix to address Office of Foreign Asset Control (OFAC) requirements.
Customer experience is a critical business metric for this multinational bank that provides online and mobile account access in addition to 1,000 branch offices. The bank also provides retail and commercial banking, wealth management, and insurance services to over 22 million customers.
Customer satisfaction metrics declined as a direct result of the bank’s heightened authentication security policy that was implemented to stem growing cybercrime activities. The bank observed that the existing solution was not accurately identifying returning customers. Many trusted customers were labeled as suspicious and were forced to go through extra authentication steps to access their accounts. Furthermore, the tighter security policies also increased call center costs related to password reset.
Customers were becoming frustrated by not being able to access their accounts in a timely manner using new devices. Without a means of easily profiling these devices, customers were required to contact the call center to establish their identity and reset their password. This further increased the bank’s operational costs and added unnecessary friction to trusted customers trying to access their accounts.
This observation was consistent with a ThreatMetrix study* that identifies a 33 percent failure rate when returning customers attempt to complete step-up challenges. This equates to 1 out of 3 customers failing to pass their own security challenges. It turns out that traditional solutions present three major challenges:
By placing the ThreatMetrix solution in front of its existing solution, the bank was able to authenticate returning users at login and dramatically reduce the need for customers to contact the call center.
This was achieved by leveraging the following key intelligence from the ThreatMetrix Digital Identity Network to authenticate a user’s true identity:
The ThreatMetrix Digital Identity Network harnesses global shared intelligence from millions of daily consumer interactions, including logins, payments and new account applications. Using this information, ThreatMetrix stitches together a user’s true digital identity by analyzing the myriad connections between devices, locations and anonymized personal information.
The new combined solution now delivers real-time analysis to quickly identify trusted customers from cybercriminals – protecting millions of online and mobile transactions. With the intelligence gained from ThreatMetrix, the bank extended the solution to better address OFAC requirements.
OFAC administers and enforces economic and trade sanctions against certain foreign countries and organizations to support U.S. national security and foreign policy objectives. U.S. banks, in particular, must abide by OFAC regulations.
Apart from checking all transactions/individuals/enterprises against the Specially Designated National (SDN) list, the bank must know with a high degree of certainty who their customers are and where they are located. In addition, the bank must be certain that transactions do not originate in countries or from organizations that are subject to penalty sanctions.
With ThreatMetrix, access attempts from restricted locations were identified and flagged in real time. These transactions were marked as high risk by detecting the presence of proxies/VPNs to mask true location as well as by identifying previously flagged cybercriminals using global shared intelligence.