A San Francisco-based bank recently disclosed the results of a payment fraud investigation that uncovered ATM skimming attempts at the bank’s terminals across the United States. Fraudsters installed ATM skimming devices in several branches and used them to skim customer account information. The bank was understandably concerned that the stolen data would be used to create fake debit cards and attempt cash withdrawals.
While the fraud attempts happened in November, the investigation took much longer and customers were not notified until eight months later in June, 2022. The bank worked together with law enforcement on the review of the ATM network, blocked compromised accounts, and reissued new debit cards for affected clients.
In this case, the fraud attempts were uncovered and blocked relatively quickly. Unfortunately, this doesn’t happen all the time. Handling fraud prevention has become a 24/7 battle for financial institutions that now have to face cybercriminals and fraudsters who use elaborate digital tools and intelligent bots powered by artificial intelligence.
If years ago it was enough, for example, for a payment card fraud department to investigate an instance of card fraud on their own, with the convergence of crime, constant online threats, and automated attacks, the approach to fraud prevention has shifted to increased collaboration between cyber intelligence, AML, fraud departments, and law enforcement.
While financial institutions and businesses understand the importance of such partnership, breaking the siloes between departments and divisions is not a walk in the park. It requires a strong data fusion program to allow relevant information sharing while adhering to privacy and governance rules. It also requires advanced technology tools to support that strategy.
We looked at recent fraud trends and shifts and put together a list of three key elements of a successful payment fraud prevention strategy that will help win the fraud battle in 2022 and beyond:
1. Data fusion
Having a single source of real-time transaction data that is available to multiple departments when they need it is the foundation of an efficient fraud prevention program in 2022. Data fusion allows stakeholders to see the big picture, not simply a snapshot of a payment system’s vulnerabilities.
Last year, we observed a rise in supply chain cyber attacks. We’ve heard about such cases as Kaseya’s data breach, Quanta (Apple) breach, Audi, Volkswagen, and the Mercedes-Benz data leak. While during the pandemic many organizations were trying to adapt to the digitization and new requirements, some risk management activities were reduced or disregarded. As Global supply chains become increasingly complex and interdependent, having a Know Your Supplier (KYS) framework will be imperative. And here, access to the right data and analytics in real-time will enable a faster, more effective response to threats.
With island hopping, cybercriminals undermine the weakest link in a company’s cyber defense chain by targeting its vulnerable partner and supplier network. Data fusion allows enterprises to find vulnerabilities in the payment ecosystem faster and fix them before bad actors can find them.
2. Advanced analytics and ML Technologies
In the last few years due to increased digitization, payment fraud and cybercrimes converged. Very often, bad actors use cyberattacks to get access to systems or account details to steal funds or subsequently commit a serious crime.
In the current fraud and cyber landscape, financial institutions and enterprises need to add additional layers of protection to proactively and quickly identify new emerging cyber threats and take immediate action to block them, without creating negative friction for real customers.
Machine learning is an important element of this strategy. Newer solutions leverage both unsupervised and supervised machine learning to reduce the need to manually train models. Through self-learning, machine learning models are updated automatically and this reduces gaps in protection when new threats are identified.
The most effective machine learning implementations generate individual machine learning models for each customer, card, device, and entity. They leverage network, application, and application payload data for every transaction channel. Used to drive user and entity behavioral analytics (UEBA), this approach can better differentiate between users and bots and thus generate far more precise risk assessment than can be provided by systems using supervised machine learning and limited data for analysis.
Providing UEBA along with comprehensive network, application, and application payload data in real-time enables modern solutions to detect new and emerging threats in real-time.
In the first six months of 2021, more than 7,000 DDoS attacks were launched against commercial banks and payment card processors. Application layer DDoS attacks are some of the most difficult attacks to mitigate because they mimic normal user behavior and are harder to identify. These attacks are intelligent enough to bypass biometric protections such as CAPTCHA programs.
Identifying new and emerging threats quickly enough to respond before damage is done requires real-time UEBA that leverages data not only from the network and applications, but also from the application payload – the information contained within each message field of a transaction.
As fraud and cybercrimes often happen hand-in-hand, it’s important to have technology that also works hand-in-hand to detect both cyber threats and payment fraud on one platform. The solution should block the perpetrators or bots before they damage the bottom line and brand reputation.
3. Collaboration and Fusion Centers
Breaking the siloes doesn’t just mean implementing the right tools for data sharing. It requires an organizational shift in mindsets by the multiple teams who will need to share relevant information with one another for the benefit of the entire company.
Because cybersecurity and fraud are closely linked, businesses and organizations globally are establishing fusion centers or entities that gather cybersecurity, anti-fraud, and AML teams to converge their data and processes for a more holistic view of the threat landscape.
Research from Abrigo showed that in 2022, 47% of financial institutions will combine their AML and fraud programs to improve their defenses.
Strategic prevention should be the key to improving the protection of the business and its customers. Criminals don’t make a distinction between AML, fraud, or cybercrime. They simply act based on whatever gaps in the system they can find. If businesses look at their systems with the same approach, they will be able to find vulnerabilities faster than fraudsters and fix them.
If you would like to detect and block payment fraud and cyber attacks with granular precision, reducing customer friction, fraud losses, and reputational damage, get in touch with one of our experts.