Digital fraud has been around for a while but it has become more widespread/serious and sophisticated as businesses adopt more and more digital technologies to make processes easier for themselves as well as consumers.
So, what is digital fraud?
Digital fraud is a type of cybercrime involving exposure to risk using the internet. It encompasses a wide range of illegal actions committed in the cyberspace realm, with the intent to trick victims out of money or steal information. These acts can be mass compromises of personal details stored in databases using malware, through to targeted attacks directly to the customer using smishing (trying to trick someone into giving out private information via a text or SMS message).
This was explained to CSA by Ian Holmes, Global Lead for Enterprise Fraud Solutions at SAS, who was gracious enough to provide insights into why making sense of data forges business resilience and strengthens their security posture in the fight against fraud in the long run.
With the rise of digital banking, Ian said that the financial industry is among those that are seriously affected by digital fraud. For one, more financial activities, including account opening are taking place through digital devices and the internet, which allows for the convenient access and anonymity fraudsters require. A fraudster, in this remote banking world, can now generate multiple new account applications easily, testing different details until they are approved for the account.
Besides that, he mentioned that fraudsters are taking fraud activity to a new level as the trend of automation rises. Those online portals offered by websites and apps have allowed automated bots to accelerate the volume and rate of attempts to access genuine customers’ accounts. “These automated attacks, such as those seen with credential stuffing, have caused the compromising of more accounts and the stealing of more data in less time. This, in turn, leads to more exposure to digital fraud for financial channels, services and companies,” added Ian.
Overcoming Digital Fraud Through Intelligence
When speaking about the threats faced by banking customers, Ian pointed out that digital fraud has become increasingly complex amidst the ongoing pandemic crisis. He explained that fraudsters are becoming smarter at using other people to commit a crime on their behalf – making humans the weakest link in the overall security chain. “Innovations in new payment mechanisms are especially vulnerable to digital fraud. However, due to a lack of insight into the risks they expose, ineffective risk mitigation controls are often applied during their launch,” Ian explained.
Just like with any problem, there will always be a solution. Ian further highlighted some factors that need to be taken into consideration when taking steps to overcome digital fraud and financial crime. While adding more and more security mechanisms may seem like a good way to go about it, customers often get frustrated when going through the multi-level authentication and verification processes, especially when there are many steps required to log in or complete a transaction. In short, businesses are being forced to operate in a zero-trust landscape but customers have to feel trusted at the same time. It’s a very fine line to balance. Hence, Ian suggests that we should advocate for smarter authentication, not more authentication.
“In fact, in the digital world, it is often easier to remove the customer from the authentication process as much as possible. Humans only introduce risk and exposure. However, tracking the location and details of the device being used during prior digital activities allows businesses to increase confidence in the current interaction,” he explained.
Additionally, Ian also recommends that the financial services industry needs to better utilise available Artificial Intelligence (AI) and machine-learning technologies to overcome digital fraud and financial crime. For financial institutions, it is important to understand all entry points, or channels, available to customers. With such technologies, it can process all data streams in real-time and combine identity management and transaction monitoring to not only identify fraud that has occurred but to stop it even before it occurs.
The Power of Data Analytics and Cross Collaboration
According to Ian, financial organisations need full-scale technology and advanced analytics capabilities to identify modern and advanced threats at a fast pace. Predictive modelling enabled by Artificial Intelligence and machine-learning will reduce reliance on the manual monitoring of fraud activity, which leads to increased efficiency.
Analytics, which is a core component of AI, can help banking services to elevate or reduce the risks of dealing with fraud. He said, “Many fraudulent identities do not have records that would associate with a real person, such as a driver’s license. This lack of a well-rounded ‘life footprint’ can be identified by analytics to raise a red flag of an identity that warrants a closer look.”
This cross-collaboration is occurring between groups called consortia which are sharing data. These are forming across industries between telcos and banks, as well as e-commerce shopping and social networking sites to reinforce a person’s digital details, such as the combination of device and email address that has been used for several activities over the last few months or years. If these different digital details do not correlate, then a fraudster is likely creating new identities to attempt their next conspiracy.
SAS is one data company that is focused on ensuring the best experience for customers – enabling them to enjoy the convenience of the digital landscape while making sure they are well protected from fraud. Ian explained that SAS' technology platform was designed to empower organisations to do just that – allowing accurate, real-time fraud detection without compromising the customer experience.
“It acts as a decision hub that brings application data, customer data, payment activities and device monitoring together for analysis to assesses activity at these different levels; combines multiple analytical approaches including supervised and unsupervised machine-learning,” he explained.
Unlike rules-based systems, which are fairly easy for fraudsters to test and circumvent, SAS’ machine-learning adapts to changing behaviours in a population through automated model building. With every iteration, the algorithms get smarter and deliver more accurate results. It’s easy to see the value of machine-learning to keep pace with the emerging risks of new payment channels. SAS’ technologies are built with analytics at the core to ensure our customers can identify fraud and protect their customers.
All this is important because according to Ian, data analytics can help banking services essentially “connect the dots”, and therefore, the financial services industry as a whole needs to better utilise available Artificial Intelligence and machine-learning technologies. In Ian’s own words, “Financial institutions have been innovative during this pandemic to satisfy customers’ need for scalability and immediacy. Now they must re-evaluate how they protect themselves and their customers from digital fraud and financial crime.”