[ news_security_news ]
Don't Overlook The Online Channel: Combating Multi-Channel Fraud At The Source
Tom Miltonberger
Contributing Writer
2008-05-21
 Insider Reports RSS Feed
The latest threat to online banking accounts involves fraudsters using multi-step schemes that involve different interaction points with financial institutions.
Cyber-criminals commit this multi-channel fraud by first breaching an account via the online channel to steal valuable information such as account balances, check images, or signature blocks, in order to commit wire, check and other types of offline fraud that never gets linked to the original breach online.
Unfortunately, the online channel's role in these schemes is often overlooked. This is precisely what makes this kind of fraud so effective - and hard to catch. Financial institutions only register the final transaction fraud, and cannot account for the original breach, which often occurs in the online channel. Add this to the fact that consumers don't know it is happening, and the fraudsters have a perfect opportunity to continuously get away with this crime.
Case in point is what happened recently to a leading financial institution that serves tens of thousands of customers daily. Despite aggressive efforts to safeguard its online environment, fraudsters pulled off a startling multi-channel fraud scheme.
Here's how the fraud scheme worked:
1. The fraudster called the institution's customer service number and, using social engineering techniques, reset the online account password and contact phone number.
2. The fraudster accessed the online account, learned more about the customer's online activities, and downloaded check images containing the customer's signature.
3. The fraudster then called on a separate institution using the stolen information to open a new account in the victim's name.
4. A wire transfer was arranged to empty the victimized account and credit the new account at institution #2. Because the names on the accounts were the same and the fraudster had provided a phone number under his/her control and a valid signature, an offline verification of the transfer by phone, as a second means of identification, passed and was authorized.
5. The fraudster withdrew his loot piecemeal, visiting separate branches in a state different than the victim's.
Legacy Fraud Detection Methods Blind to Online Activity
When fraudsters use schemes involving multiple interactions with different touch-points across an institution, they aren't caught because the precursor online channel breach is often overlooked.
Common industry practice registers the final fraud transaction as the breach point, and case forensics employ limited resources to return insight that cannot trace the original breach to the online channel. When accessed only for reconnaissance, the online channel records no "transaction" for detection. This is precisely what makes multi-channel fraud so effective - and so hard to catch. Moreover, what kind of fraud is our previous example to be classified? Is such a loss wire fraud, check fraud, or simply "online account fraud"?
A next-generation approach to online fraud prevention is needed if we are to continue to inspire customer confidence in the online channel. According to Javelin Research's 2007 Identity Fraud Survey Report, it takes an average of 60 days for consumers to even detect that fraud has occurred. This leaves fraudsters with a perfect opportunity to commit successful multi-channel fraud crimes if financial services providers don't take pre-emptive steps to protect both their customers and their bottom line. New best practices and back-end technologies that focus on online behavior can better isolate and prevent multi-channel fraud at the source.
Modeling Individual Account Behavior Stops Fraud at Its Source
An emergent best practice is to employ predictive models of individual customer online behavior to detect when the "customer" logging in isn't who they say they are, even if they pass authentication. Beyond simple machine signature technology, user profiling technologies rely on trended analysis of behavior account by account. They start by understanding what "normal" behavior is for each individual customer - and admit that there is no single pattern of "normal" behavior to write an anti-fraud rule against.
Dynamic, model-based analysis of account activity "does the math" - piecing together what are by themselves may seem like weak indicators of fraud until a powerful pattern emerges. Behavior that deviates from what is expected becomes suspicious - the more the deviation, the deeper the suspicion. This comprehensive analysis allows for more granular risk scoring and better correlation with offline activity patterns. A byproduct of this behavioral analysis also allows for a rich history of online activity that aids investigation and forensics.
Using these techniques, institutions can identify the fraudster via the alerts to online activity outside the customer's predicted behavior. Deploying strong analytics at the source - the online channel - ensures that fraudsters' attacks are shut down before any damage is done.
About the Author:
Tom Miltonberger is president and CEO of Guardian Analytics, the technology leader in protecting online channels from account fraud. Prior to founding Guardian Analytics, Mr. Miltonberger was senior vice president of Products at Quova, where he led the development of groundbreaking IP geolocation products and services. He is a recognized expert in using IP information for online fraud prevention, network security and regulatory compliance. Mr. Miltonberger has held leadership positions at Backflip, Decisive Technology, General Magic and Advanced Decision Systems.
More news_security_news Articles
Insider Reports RSS Feed
|
|
iEntry 10th Anniversary
RSS
Archive
