One-time passwords (OTP) remain one of the most widely used forms of two-factor authentication, despite their well-documented vulnerabilities. Earlier this year, a major UK bank was hit by an attack in which fraudsters diverted text messages from legitimate customers’ phones in order to bypass two-factor authentication and access accounts.
Vishing costs British banking customers millions of pounds every year and has become the fastest growing scam in the United Kingdom, but the risk is not limited to that country. In a typical vishing fraud case, the criminal dupes his/her victims into performing financial transactions. For example, a fraudster may call the victim disguised as a security official from his or her bank and, after establishing trust, coerce the victim into transferring funds from his or her account into the scammer’s account as a ‘security measure.’ This voice-based, social engineering crime is only growing in popularity and is set to cost banking customers even more money in the coming years.
The paradigm for identity risk management and authentication is changing. In the new paradigm, context and data available for a specific type of interaction must drive analytics. Instead of just looking for commonality, we need to make better use of data that is unique.
As account opening continues to transition from physical to digital channels, financial institutions, issuers, lenders, and other organizations must optimize the digital experience of applicants in order to compete. At the same time, fraud is on the rise as criminals have become more successful than ever, thanks to some of the same digital channel benefits enjoyed by consumers: convenience, speed, and ease of use.
With account fraud rising and large amounts of personal information already compromised, financial institutions realize the shortcomings of basic passwords and OTPs and the need for biometric authentication to bolster security and enable a seamless user experience. However, many biometric platforms still use knowledge-based information to enroll customers, which makes it easy for hackers to create new accounts using personal identifying information.
There are many faces of fraud in the insurance market - using stolen identities to obtain a new policy - or just as troubling, an account takeover to make a false claim or change payee information to receive claim funds. And when fraud hits, it hurts everyone in the pool. In fact, according to the Federal Bureau of Investigation (FBI), annual losses related to insurance fraud is approximately $40 billion, costing the average American family $400-$700 in increased premiums each year.
BioCatch works with leading banks around the world and monitors more than 2 billion transactions per month. Join us as we provide a summary of fraudulent activity gathered via our behavioral biometrics platform in 2016, review the latest trends in online fraud and share some insights as to what 2017 will bring.