Within a remarkably short period of time, COVID-19 has dramatically altered the way in which the global population works, transacts, and interacts. The ability to quickly build a remote-enabled workforce and adhere to social distancing requirements has necessitated a rapid adjustment for how fraud and AML teams work. For financial services firms, the problem is even more profound as they prepare to support the increase in consumer transactions and manage the expected increase in fraud that comes along with it. In this webinar, Julie Conroy, Research Director, Aite Group, will present best practices and lessons learned from financial services firms adjusting to operations with a largely remote workforce and the effect on fraud management. Ayelet Biger-Levin, VP of Market Strategy, BioCatch, will provide guidance on strategies that can be used to automate fraud operations and protect digital channels.
Zelle is awesome! The highly innovative P2P scheme allows people to pay in real-time from their bank account to any of their contacts. It’s easy to use, super-fast and extremely convenient.
Digital transformation has introduced exponential opportunity in the financial space. The way we manage our money online (via banking, money transfers and shopping) has changed dramatically. We have moved away from a one-time, occasional transaction with a merchant, requiring several steps to checkout, to a continuous, connected relationship and quick, instant checkout. Digital identity has evolved into an essential part of the modern money lifecycle, bringing into the mix issues of securing personal data, privacy and more. At the same time, data breaches and phishing attacks have created an abundance of stolen credentials, turning identities into the most consequential attack vector in the financial world. During this webinar, Ayelet Biger-Levin, VP, and Gareth Campbell, Head of Threat Analytics, will discuss how BioCatch enables the future of money by providing a secure and frictionless user experience across multiple use cases such as account opening, login and payments.
New account fraud continues to grow at a rapid pace, threatening new digital banking business models and fintech platforms such as Zelle, that are in a customer acquisition race. Convenience, speed and ease of use make digital the preferred channel for consumers, but also open the door for criminals. With 14.7 billion personal records stolen in the last 6 years and the proliferation of synthetic identities making it very difficult to tell the difference between a legitimate applicant and one that will result in loss, new models for identity verification are starting to emerge, with behavioral biometrics as a key component.
The newest report issued by the U.S. General Accounting Office (GAO), Federal Agencies Need to Strengthen Online Identity Verification Processes, calls for an overhaul and updated guidelines on identity proofing, highlighting the availability of data stolen in various data breaches over the years in the hands of attackers and fraudsters. Already, the National Institute of Standards and Technology (NIST) has issued guidance in 2017 that effectively prohibits agencies from using Knowledge-Based Authentication (KBA) methods for sensitive applications. Now, the GAO is going one step further, recommending that all agencies discontinue the use of KBA and highlights various alternatives for consideration. The outcome may have far-reaching implications not just for federal agencies but across the board for all private entities that conduct identity verification and authentication to provide digital products and services.
Identity is everything on the internet. Every authentication hurdle online users need to jump through, such as two-factor authentication and passwords, is aimed at one goal – verifying the identity of the user. Digital identity has never been as important as it is now and will only continue to grow in importance as digital transformation takes hold.
One-time passwords (OTP) remain one of the most widely used forms of two-factor authentication, despite their well-documented vulnerabilities. Earlier this year, a major UK bank was hit by an attack in which fraudsters diverted text messages from legitimate customers’ phones in order to bypass two-factor authentication and access accounts.
Vishing costs British banking customers millions of pounds every year and has become the fastest growing scam in the United Kingdom, but the risk is not limited to that country. In a typical vishing fraud case, the criminal dupes his/her victims into performing financial transactions. For example, a fraudster may call the victim disguised as a security official from his or her bank and, after establishing trust, coerce the victim into transferring funds from his or her account into the scammer’s account as a ‘security measure.’ This voice-based, social engineering crime is only growing in popularity and is set to cost banking customers even more money in the coming years.
2018 seemed a dismal year for cybersecurity and identity. Massive data breaches, new forms of malware and increasingly sophisticated social engineering attacks hit businesses and consumers at a steady pace. This pace does not seem to be slowing down. Can we expect any better in 2019?
The paradigm for identity risk management and authentication is changing. In the new paradigm, context and data available for a specific type of interaction must drive analytics. Instead of just looking for commonality, we need to make better use of data that is unique.
Fraudsters are ever-evolving and constantly discovering new methods of stealing money from institutions worldwide. The drive to digital transformation is providing new opportunities for fraudsters to exploit businesses and consumers remotely. The losses from cybercrime continue to rise year-after-year with the number of cyber incidents targeting businesses nearly doubling between 2016 and 2017 according to the Online Trust Alliance. 2018 is not showing any reduction in these trends.
The world of payments is rapidly-changing. The rise of P2P payments in the U.S, Canada and Australia along with dramatic regulatory changes in Europe (PSD2), has created new opportunities across the ecosystem. New third-party payment providers (TPP's) in the EU and P2P apps in other regions are entering the arena by supporting the rapid rise in demand and associated adoption rates. Banks are enabling direct access to accounts via APIs. Consumers now get to pick which apps they use, how they want to pay, and when, making the user experience paramount to win their loyalty. At the same time, however, the speed and “openness” makes the ecosystem vulnerable to several types of threats including malware, social engineering, remote access Trojans, SIM swapping, call forwarding and other techniques. Using these techniques, the fraudsters are able to exploit various points of potential weakness: at the account creation stage, the bank account linking process and payment authentication.
As account opening continues to transition from physical to digital channels, financial institutions, issuers, lenders, and other organizations must optimize the digital experience of applicants in order to compete. At the same time, fraud is on the rise as criminals have become more successful than ever, thanks to some of the same digital channel benefits enjoyed by consumers: convenience, speed, and ease of use.
