The fraud challenges currently facing global financial institutions are extensive. From detecting scams through to synthetic identities, fraud detection in banking requires innovative solutions to deal with complex problems. Unfortunately, most traditional authentication and fraud prevention solutions are aimed at solving a specific problem – is someone logging in from a known device or is the password entered the correct one? These one dimensional solutions leave blind spots for criminals to exploit, coming in the form of remote access attacks, social engineering and malware.
Each bank faces its own set of unique challenges that evolve as the fraudster’s tactics change. In this blog we look at two case studies and how using behavioral biometrics in banking can successfully solve different sets of challenges within an organization and in a dynamic landscape.
Challenge 1: Faster Payments — faster fraud
The Treasury arm of a top-5 U.S. bank was looking to tighten controls in preparation for its transition to Faster Payments. The business knew they would have to expect more fraud, but was concerned that their current fraud detection wouldn’t be able to keep up with the pace set by criminals. While their current solution focused on identifying known Trojans, the bank identified a need for a broader solution that could address multiple issues.
Upon deploying the Biocatch system, the bank detected over 95% of all malware cases with a false positive rate of less than 0.05%. They were able to demonstrate the utility of behavioral biometrics enterprise-wide, finding that:
- Continuous authentication using behavioral biometrics reduced false positives and the need for step-up authentication protocols.
- Credential sharing was more widely-used than previously thought, in fact significantly so. By analyzing users’ physical and cognitive behaviors, it became evident that there were multiple people sharing passwords and tokens for the purpose of bypassing dual verification requirements for wire transfers.
- Malware detection based on real-time alerts that a session was under attack was more effective than a list of infected computers. By focusing on user behavior instead of known devices and Trojans, the bank was able to dramatically increase its detection rate, reducing its false positive rate to practically zero.
By adopting behavioral biometrics, this bank was able to provide a secure and seamless online experience for their corporate customers.
Challenge 2: Tackling a sustained cyberattack
A top five British corporate bank was experiencing very different issues compared to our previous fraud detection case study. It found itself the target of a sustained cyberattack, which was circumventing its traditional controls, such as malware detection, transaction monitoring and device fingerprinting.
By adding behavioral biometrics to their online banking application, they were able to quickly deflect the attack using real-time transaction alerts for risky transactions. One of the most notable cases involved a £1.6 million attempted fraudulent transaction involving an advanced remote access Trojan.
Despite having other solutions in place, such as transaction monitoring, anti-malware, device recognition and location analysis, our behavioral biometrics tool was the only control that generated a fraud alert in this instance. By analyzing the user’s cognitive preferences, the BioCatch system uncovered several anomalies that, when taken together, contributed to a high risk score.
- The user always used the scroll bar to navigate, while the attacker scrolled up and down with the mouse wheel.
- The attacker used the keyboard to select the destination country, whereas the regular user always used the drop- down menu using the mouse.
- The BioCatch system detected a disruption in the hand- eye-coordination session, determining it was done via remote access, a never-seen-before occurrence.
During the initial pilot period alone, the bank realized a 23x Return on Investment in fraud detection, and with BioCatch alone, was able to detect 81% of the fraud with less than 0.05% false positive rate.