In late 2016, one of the largest financial institutions in Africa found themselves the target of a sophisticated, highly coordinated ATM fraud attack. 100 people had used forged credit cards to withdraw $19M from 1400 ATMs in one city in under 3 hours. With over 8,000+ ATMs and 40,000+ POS devices in operation across the African continent, delivering an exceptional customer experience required the financial institution to remain on the forefront of early warning fraud detection and to gain immediate visibility into these attacks and ensure self-serve banking channels are running as expected, 24X7.
One of the key challenges this financial institution faced was a lack of end-to-end visibility into payments applications and the millions of transactions they processed every month. They were vulnerable to network blind spots that criminals were out to exploit. In this specific case, ATM transactions originating from foreign terminals were being approved within the financial institution’s payments environment – without actually making it to the back-end host authorization. This was due to a man-in-the-middle type of malware sitting on their payments switch.
Faced with increasingly sophisticated fraud techniques and information security risks, the group needed to implement a reliable, early-warning system to alert them immediately of any potential fraudulent transactions and minimize customer impact by:
Following this front-end attack, payment solutions expert Stanchion was consulted to architect and implement a first line of defence against fraud at the financial institution’s ATMs. Stanchion proposed a sophisticated solution that combined their proprietary skills and services with INETCO Insight® real-time transaction monitoring and data streaming software.
Some of the alerts that the financial institution set up to combat fraud, included:
INETCO Insight now makes it easy for the financial institution to profile transactions from end-to-end, without the use of heavy agents, extra traffic loads or code changes. Open access to this rich transactional intelligence consistently helps the group quickly isolate potentially fraudulent transactions and prevent processing.
Stanchion and INETCO Insight have strengthened the financial institution’s ability to detect and defuse front-end hackers, man-in-the-middle attacks and coordinated global attacks. They have helped this financial institution to: