Traditional online banking fraud prevention strategies focus on mitigating losses by targeting individual cases of fraud – for example by preventing a bad actor from creating a new account with stolen credentials.
Focusing on mitigation rather than total prevention means that whilst fraudsters constantly evolve and innovate, the fraudsters put in place solutions to stop them do so only partially, and inconsistently.
This is why the narrative around consumer safety in online banking and digital commerce has been evolving. Whilst it was once focused on simply preventing the direct losses that occur as a result of online fraud, it is beginning to adopt a far broader perspective, within which the notion of trust is fundamental.
Banks need to build up their own trust with their customers by ensuring that customers are who they say they are and have only legitimate intentions.
The only way in which to do this is through assessing their behavior on a granular level – the more specific a bank can be about each customer’s usual behavior, the less likely they are to stop or hold up legitimate transactions or let a bad actor slip through the net.
This will also help ensure legitimate customers’ online journeys and interactions are not unnecessarily slowed down or halted, maintaining the frictionless online experience users demand.
However, delivering a seamless experience needs to be balanced with security measures comprehensive enough to engender reciprocal customer trust in the bank itself.
Customers must also be able to trust their banks can keep their funds safe and identities secure.
Banks can do this by creating a secure online environment for customers so they need not fear becoming a victim of a session hijack, or account takeover fraud at any point through the customer journey from setting up accounts, accessing funds, or making payments.
Some types of fraud attacks don’t necessarily take place within the bank’s infrastructure. For example, a phishing or RAT-in-the-Browser attack could lead customers to counterfeit browser pages that mimic their bank’s branding.
Customers attacked in this manner may then attempt to login and in doing so accidentally pass on their credentials to fraudsters who can use them to perform an account takeover (ATO) on the actual website.
This is an example of why banks need to change their mindset from preventing direct losses from just preventing online banking fraud to establishing customer trust and safety.
Although banks might initially feel as though this falls outside of their jurisdiction, customers who fall victim to these kinds of fraud described here would think they were interacting with the bank.
When they find out what happened, it is the bank they lose faith in and they will easily make the decision to change banks as a fallout.
Building trust and safety using behavioral biometrics
To instill trust, banks need to protect customers at all points of their online journey, but going too far with security measures can result in banks losing customers to organizations offering easier online banking processes.
It’s in this way that traditional fraud prevention can become the enemy of customer satisfaction and limit business growth.
Banks need to find a way to balance safety with frictionless user experiences.
This goal can be achieved by broadening anti-fraud horizons to encompass trust and safety and working proactively to counteract online banking fraud, through investing in a solution that incorporates behavioral biometrics into its authentication processes.
Furthermore, this solution should analyze user behavior on an individual basis instead of comparing clusters of ‘good’ or ‘bad’ users and allowing fraudsters to fall through the net and customer trust to be affected.
Such a solution should seamlessly protect across the entire customer journey instead of only at one point of interaction.
Previously identified fraudster behavior needs to be front and center to secure against attacks, in order to pinpoint and weed out fraudsters from legitimate customers.
The bonus of using behavioral biometrics to establish trust and safety with banking customers is that the behavioral analysis can occur constantly and invisibly to the user – throughout the customer journey – delivering a risk score to the bank from all interactions without administering additional, friction-filled authentications.
Preventing fraud and maintaining mutual trust
Implementing a trust and safety mindset in an organization is by no means a niche trend – tech giants such as Google, Facebook and Airbnb have all invested in specific Trust and Safety departments – but it is a disruptive idea.
If banks plan holistically, utilizing a wealth of none personally identifiable information readily available from each user across their entire lifecycle, instead of at individual points, they can comprehensibly prevent fraud rather than simply mitigate its effects.
Mitigation cannot easily be scaled and can negatively impact business growth.
But if banks think proactively and create an anti-fraud strategy that deploys deep learning technology to analyze behavioral biometric data, and more they can utilize automated tools that scale and can adapt quickly to evolving threats helping banks remain agile in their fight against fraud.
Banks can then adapt and evolve as they encounter new fraud patterns in real time (and even detect fraud patterns before they have happened), while maintaining customers’ trust and delivering great user experiences.