September 20, 2018
Financial services fraud has shifted and evolved alongside the rapid adoption of digital technologies; card fraud enhancements, such as the introduction of chip technology, have driven fraud onto online accounts. Fraudsters are becoming adept at leveraging credentials stolen in large-scale data breaches to open fraudulent accounts, launch increasingly sophisticated account takeover attacks and engage genuine customers in social engineering scams. In order to protect both customer and organization from considerable financial loss, as well as protect the customer from compromise and widespread violation of their online relationships and credentials, financial institutions must rethink the way they authenticate customers online.
The Changing Face of Fraud in Financial Services
The increasingly global digital economy is having a transformative effect on financial services. As more customer interactions shift online and to mobile, so too is fraud with cybercriminals looking to exploit the multiple touchpoints along the customer journey – from login and account access, to payments.
Using ThreatMetrix behavioral analytics, called Smart Rules, Lloyds Banking Group was able to distinguish genuine customer behavior from potential fraud. Using just three Smart Rules, Lloyds estimated savings of £500k in the first year alone.1
Motivated by large monetary gain and armed with stolen credentials gained from countless data breaches, fraudsters are using this information to target financial institutions and open new accounts. At a huge cost to financial institutions, in both reputational and monetary losses, cybercriminals are using fraudulent accounts to:
- Apply for credit or loans
- Purchase additional products or services
- Change account details or information, such as password or beneficiaries
- Make unauthorized payments
- Engage in money mule scams
- Defraud legitimate customers
Financial institutions are faced with having to detect and block fraudulent accounts and transactions among the countless login and payment events seen on a daily basis, with the identification of such fraudulent activity further marred by sophisticated social engineering scams. Exploiting the human element, fraudsters are targeting weaknesses in genuine customers, creating sophisticated ruses and phishing techniques to gain complicit remote access takeover and/or money transfer to 3rd parties. With social engineering now the biggest single fraud cost in online banking, financial institutions must be able to identify when a genuine customer is being manipulated into sharing confidential information or access to accounts.
Using ThreatMetrix, a large financial institution was able to make multi-million dollar fraud savings every month by implementing end-to-end behavioral profiling. The financial institution was able to detect anomalies indicative of malware or remote access software across creation of new beneficiaries, payment profiling, account registrations, logins and change of details/preferences.2
Effective protection against fraud in financial services relies on accurately distinguishing between legitimate customers and cybercriminals in near real time. Walking a tightrope between customer experience and security, financial institutions require an enterprise level fraud solution which incorporates the multiple touchpoints along the customer journey and effectively detects high-risk or anomalous behavior, securing logins and protecting against account takeover.
Using Digital Identity Intelligence to Enhance Authentication & Fraud Decisioning in Financial Services
The ThreatMetrix solution brings unparalleled intelligence to the entire customer journey, with Digital Identity Intelligence, smart behavioral analytics and clear-box machine learning revolutionizing the traditional identity challenges in financial services – intrusive step-up, siloed policies, limited visibility and static data. ThreatMetrix enables financial organizations to verify that customers are who they say they are, every time, by building a unique digital identity for each user. What’s more, ThreatMetrix behavioral analytics (Smart Rules) differentiate what may simply be unusual customer behavior from genuinely high-risk events. The multi-layered analytics and intelligence provided by the ThreatMetrix solution is underpinned by the ThreatMetrix Digital Identity Network, which collects and processes global shared intelligence from millions of daily consumer interactions including logins, payments and account applications. ThreatMetrix is able to significantly reduce fraud in financial services by:
- Providing End-to-End Account Protection: In every step of the customer journey, be it new account creation, login, beneficiary modification or payment, ThreatMetrix is able to detect fraudsters in near real time. Leveraging the power of digital identity intelligence, ThreatMetrix analyzes access requests in real time to identify suspicious patterns, compromised devices, unusual locations (including attempts from known botnets or VPNs) and suspicious configurations. Further protecting against account takeover, ThreatMetrix is able to detect malware on a legitimate user’s device, as well as detect activities bots/scripted mechanisms and takeover attempts from the mobile channel.
- Protecting Against Account Takeover: ThreatMetrix can help prevent account takeover by detecting fraudsters attempting to access an existing account using credentials obtained through phishing attacks, keylogging, breaches or brute force techniques.
- Protecting Against Social Engineering: The ThreatMetrix Dynamic Decision Platform protects against social engineering with forensic device profiling and smart behavioral analytics. ThreatMetrix is able to track the behavior of the customer on each stage of the payments journey, identify remote access software installation, and detect unusual or high-risk payments behavior to new beneficiaries.
- Guarding the Beneficiary in Near Real Time: The beneficiary is the escape route for fraudsters, with cybercriminals needing to setup or modify a beneficiary in order to move funds to an account they control. ThreatMetrix reliably detects unusual payee and payment activity by combining device attributes, malware detection and sophisticated analytics with the user’s identity and transaction details. This real-time fraud analysis offers financial institutions an additional layer of protection to reduce fraud costs while providing a frictionless online experience for legitimate customers.
- Protecting Against Mule Activity: ThreatMetrix can help prevent the origination of mule accounts through the use of Device ID and IP linkage by utilizing models to identify mule profiles and behavior. ThreatMetrix Trust Tags provides an additional layer of intelligence for financial institutions. Trust Tags allow financial customers to better know their customers, ensuring that the appropriate customer treatment strategy is commensurate with the risk, history and reputation of the customer.
- Providing Multi Factor Authentication (MFA): ThreatMetrix provides financial institutions with an extra level of assurance for high-risk payments or those that require additional authentication as a result of regulatory requirements (such as PSD2). In addition to mobile app security and device binding, a key feature offered is MFA Secure Notification. This enables push notifications to be sent to the user’s mobile device for low-friction authentication without the associated costs of SMS step-ups.
The ThreatMetrix Advantage
In order to fight fraud, financial services require a solution that can evolve as the fraud and financial crimes landscape evolves. ThreatMetrix will support them through the following key capabilities:
- An Unparalleled Network: The ThreatMetrix Digital Identity Network protects 1.4 billion unique online accounts using intelligence harnessed from over 2 billion monthly transactions.
- A Comprehensive End-to-End Solution: Universal fraud and authentication decisioning across all use cases and throughout the customer journey. Bringing Digital Identities to Life: ThreatMetrix ID combines a unique identifier, a confidence score and a visualization graph to genuinely understand a user’s unique digital identity across all channels and touchpoints.
- An Integrated Approach to Authentication: Flexibly incorporate real-time event and session data, third-party signals and global intelligence into a single Smart Authentication framework, to deliver a consistent and low-friction experience with reduced challenge rates. Advanced Behavioral Analytics and a Clear-box Approach to Machine Learning: ThreatMetrix Smart Analytics analyzes dynamic user behavior to build more accurate, yet simpler, risk models. The result is a competitive edge in customer experience with reduce false positives, while maintaining the lowest possible fraud levels.
- Privacy by Design: ThreatMetrix is unique in its ability to solve the challenge of providing dynamic risk assessment of identities while maintaining data privacy through the use of tokenization and encryption.positives, while maintaining the lowest possible fraud levels.
- Rapid, Lightweight Deployment: The ThreatMetrix solution is cloud-based, providing simple and straightforward integration with existing systems.