Fraud operations teams have historically focused on loss prevention as a key indicator of success. While this is an important metric, 30% of banks today are building dedicated trust and safety teams and the focus has shifted towards more customer-centric models.
BioCatch takes a unique approach to solve the Trojan predicament. Rather than detecting a specific Trojan variant, wouldn’t it be better to detect all types of malicious actors, be it Trojans, bots or other adversaries? And what if we could not only protect against current, known, threats, but also future, unknown modes of operation? And finally, what if this detection can be truly continuous, easy to integrate with and deploy, with tools that provide visibility into the user activity?
New account opening fraud can directly impact the bottom line and threatens new digital business models, especially those that rely on growth through rapid customer acquisition. From credit cards and deposit accounts to a wide range of lending products, cybercriminals spare no effort to turn a profit by exploiting weaknesses in the digital onboarding process. This e-book explores the financial and business impacts of new account opening fraud, the effect on customer experience, and how behavioral biometrics can be used to reduce fraud risk and increase customer acquisition in digital onboarding.
Account takeover fraud remains an ongoing problem for financial institutions, e-commerce merchants, and virtually any organization that offers products or services that can be monetized. Last year, account takeover fraud cost U.S. businesses nearly $7 billion in losses. This e-book provides insights into what is fueling the growth in account takeover attacks, what traditional fraud prevention tools are missing, and new strategies and approaches to fight back.
Within a remarkably short period of time, COVID-19 has dramatically altered the way in which the global population works, transacts, and interacts. Social distancing, a term that was not in most people’s vocabulary just a few short months ago, is the new norm. Fraud and AML operations functions at financial services firms have not typically consisted of a remote-enabled workforce, nor are most operations centers known for ample space between workers, so the shift to remote workers and the requirements of social distancing have necessitated a rapid adjustment for firms around the globe.
According to multiple threat index reports issued at the end of 2018, the threat of Remote Access Trojans (RATs) is at an all time high. One RAT made Checkpoint’s Global Threat Index Top 10 list, while Proofpoint reports that the number of RATs doubled each quarter of 2018, accounting for more than 5% of all malicious payloads for the year, marking a significant change from the past.
In recent years, a growing number of organizations have employed two-factor authentication (2FA) as a primary safeguard mechanism. They all share the notion that requiring a second security layer will be instrumental in reducing data breaches and identity theft. Two-factor authentication is based on the fundamental assumption that at least two out of three authentication factors are used in the process (“something you know, something you have, something you are”). 2FA is not a new security measure, nevertheless, it is in extensive use, despite the growing recognition that it is not so effective.
As account opening continues to transition from physical to digital channels, financial institutions, issuers, lenders, and other organizations must optimize the digital experience of applicants in order to compete. At the same time, fraud is on the rise as criminals have become more successful than ever, thanks to some of the same digital channel benefits enjoyed by consumers: convenience, speed, and ease of use. To achieve the necessary balance between preventing fraud and providing a delightful experience for consumers, an approach to identity proofing that accounts for the channel, product, customer, and threat environment is absolutely critical. But regardless of the approach, inconspicuous solutions — like those based on applicant behavior — have a distinct role to play in how institutions manage the risk of application fraud.
As mobile devices eclipse computers and laptops as the preferred method of going online, fraudsters have followed users, porting their modus operandi –account takeover, social engineering, and malware based remote control attacks – to the mobile arena. Mobile has opened up many new ways for users to communicate and connect without being tied to a desk or a power outlet – and at the same time, it has presented hackers with many more opportunities to perpetrate fraud and carry out attacks that cannot be detected with traditional tools used to detect attacks in web sites. As a result, companies need to apply new fraud controls to protect mobile users and enable them to carry out transactions, check bank accounts, make purchases, etc.