Banking went further online…fraudsters as well
May 11, 2020
Recent circumstances all over the world have increased the use of digital banking channels, which expose banks to many types of creative frauds executed online. Even before the Covid19 crisis, according to KPMGs Global Banking Fraud Survey, 60% of institutions reported an increase in fraud volumes during 2018. And fraud costs are not only direct and do not equal only the stolen money (according to the same source, majority of the banks say only 25% of the fraud losses were recovered), but more importantly the reputation, and the costs of damaged reputation threaten to be significantly higher than the initial fraud amount.
On the other hand, digital natives raise their expectations to have super frictionless user experience, which is putting additional strain on bank’s security systems. Ask them for too much – and you lose them forever.
Worldwide, KPMG identified top challenges banks face related to online security/fraud:
- Cyber and data breaches
- Social engineering
- Evolving digital channels & fast payments
- Open banking
Striking a balance between user experience and security is the key, and banks have to act in two ways – to educate their customers, but more importantly, to deploy smart and fenced IT solutions.
Let’s look at recommended IT solutions that can help banks remain safe while improving customer experience:
Start at “the entrance” – ensure strong customer authentication!
Already a mandatory element – strong customer authentication remains the first line of defense against fraud. And, while being secure, we want to make it frictionless.
Choosing the right method that varies from “ancient” SMS authentication or static passwords, all the way to biometry and AI can be challenging, especially with the certain legacy system and methods institutions have already in place.
There are many existing authentication methods, but mostly they are all linked to some unique factor linked to the user.
They can be:
- knowledge-based, i.e. – something the user knows (password/PIN),
- possession-based – something (only) the user has
- and biometric-based – something the user “is” – like for instance the fingerprint, retina scan, etc
All of the methods definitely have their own strengths and weaknesses; however, the environment determines which authentication approach is best suited.
Every institution is different, along with the circumstances in the market, so it pays to consult experienced supplier, like Asseco SEE. Asseco, with its SxS authentication ecosystem, offers the full range of authentication methods, along with the know-how to select the right solution that fits the concrete bank’s needs.
SxS by Asseco uses advanced cryptography algorithms and the highest industry standards to provide security without adding friction and, consequently, sacrificing user experience. To ensure full protection for your users during authentication or when carrying out online transactions, SxS makes sure they are validated using highly available authentication servers.
Once the “gates” are strong, it’s time to look at external fraud prevention solutions, which is the second most important security pillar.
How to ensure efficient external fraud prevention and monitoring?
Fraud is rising in all internet activities, but the finance industry is the most affected by it, both with financial consequences as well as the regulation (such as PSD2). Setting up the appropriate IT solution protects your customers and reduces workload and fraud damages.
Protecting the institutions and customers from financial losses becomes harder as new channels are introduced, enterprises become 7×24, and more complex analysis is needed. To respond to that – it is important for anti-fraud solution to include some “must-have” features:
- Machine learning capabilities to reduce false-positive alerts, which decreases unnecessary actions by the Fraud department,
- Real-time fraud detection and prevention, to stop fraud at the time it happens – saving the institution from losses and reputational risks,
- All channels covered in one solution, so fraud officers don’t have to switch between many applications while monitoring,
- Independent from IT – milliseconds are important for fighting fraud and every fraud team has to enable themselves in order to act proactively and quickly to fraudulent attempts that can happen anytime,
- PSD2 compliant!
All that, and much more is available in Asseco’s InACT® antifraud solution.
InACT® is a modular application that monitors and prevents transactional fraud and internal misuse, operational faults, and transactions that are contrary to the legislation. It is one of the rare solutions that offer complete protection for all external channels, as well as internal employee fraud.
InACT® delivers a flexible user experience and easily adapts to the existing working environment of business users through its customizable menus.