Alán Alcoverro Aug 19, 2021 10 min read

How new tech can take the burden off fraud teams

In recent years, online banking and financial fraud have grown into a massive industry for cyber-criminals – as it continues to prove a low-risk, high-reward endeavor. Fraud teams at banks and other financial institutions are overwhelmed by the sheer number of fraud alerts they receive.

A situation only made worse by the many false positives and negatives that arise from implementing traditional anti-fraud solutions. A new approach is urgently needed to save time and money.

When inundated with fraud alerts, analysts have to prioritize them based on the risk level of each and then decide how to act. This process is naturally time-consuming since analysts must first determine which threats to escalate and what actions to take against these threats.

Whilst this is happening, fraudsters are often free to continue jumping from victim to victim. Thus, financial institutions can often find themselves sucked into a constant game of cat-and-mouse.

This lengthy process is also expensive - resulting in high operational costs, in addition to any fraud losses along with possible brand damage. Reducing false negatives and false positives and automating alert processing can take the burden off fraud teams.


Reducing false positives and negatives

One of the main causes of high fraud operational costs is fraud teams having to deal with many false negatives and false positives. These types of alerts can occur for several reasons. One example is Friendly Account Takeover when a friend or family member uses the owner’s legitimate account. With the ongoing rise in the adoption of online banking services by less tech-savvy users, this can be a common occurrence.

While the perpetrator of this so-called ‘friendly fraud’ may have the account’s legitimate security details, some anti-fraud systems will pick up that the user is not the owner of the account.

Fraud teams are often overwhelmed with alerts regarding this circumstance, despite no actual malicious activity occurring – whilst their time and resources are needed for genuine threats.

Financial institutions, therefore, need to invest in a solution that treats anomalies detected when friends or family are helping account owners as low risk - thereby avoiding the friction that false positives can cause, and freeing up fraud analysts to focus on high-risk threats.


‘Know Your User’

Another reason for the high volume of false positives and negatives is how traditional online fraud prevention methods approach looking for bad actors. Typical approaches profile users into ‘clusters’ of good or bad actors.

This type of profiling requires fraud prevention solutions to comb through massive databases containing millions of bad actor or good actor attributes to find a match. This process can also classify a lot of new users as unclassified – neither good nor bad. And it is unclassified bad actors who are in fact, responsible for the majority of online fraud. Instead of using this profiling approach, a new way to analyze users examines each user on an individual, more granular level, including analyzing their current behavior compared with their past behavior.

This revolutionary ‘Know Your User’ (KYU) approach analyses the risk of every user interaction by continuously examining their behavior combined with device and network assessments and allows financial institutions to build ‘cyber profiles’ for every user.

These BionicIDs are unique to each user – a bit like a digital fingerprint – and are created using continuous behavioral biometric analysis, which occurs ‘behind-the-scenes’ and thus does not disrupt the user experience.

A focus on recognizing each user and building their BionicID again greatly reduces the number of false positives and negatives. It thus dramatically reduces both fraud losses and the costs of online fraud prevention operations.


Automating fraud response

Fraud teams would be better served with tools that allow them to be proactive in their fight against fraud - instead of relying on just detection and alerting processes. The most efficient way to prevent fraud losses is to allow fraud teams to configure automated responses that prevent attacks and block known bad actors – thus minimizing the workload of fraud analysts whilst stopping fraud in its tracks.

More importantly, fraud teams can adjust the level of response depending on the risk, maintaining complete control over the online fraud prevention process.

For example, a team could configure lower-risk fraud alerts to result in an automatic step-up in authentication, such as sending an OTP to the user’s phone.

In fact, financial institutions can implement a proactive mindset to prevent fraud across the board through a strategy centered around an Active Defense to take the pressure off their fraud teams. In cybersecurity, ‘active defense’ refers to deploying actions that make it more complex and costly for cyber adversaries to carry out their attacks.

These actions aim to confuse attackers with traps and advanced forensics and often provide an automated incident response to increase the work required for the attackers and decrease the work for the defenders.

Using an Active Defense to fight online fraud is a game-changer. Automating the handling of most types of alerts can automatically and proactively prevent fraud losses, allowing fraud teams to focus on the more complicated and most crucial investigations.


The banks and financial institutions of today can often feel as if they are stuck between a rock and a hard place: with, on the one hand, online fraud ever-increasing in scope, sophistication, and frequency, and, on the other, fraud teams that are in short supply and overworked – inundated with a never-ending flood of fraud alerts and notifications.

Fortunately, the modern technological advances which have helped online attackers can also benefit the defenders. With the advent of new tools specifically designed to support fraud teams, through methods such as automation, behavioral biometrics, and Know Your User, fraud analysts will now be well-equipped to effectively and efficiently deal with the ever-evolving landscape of online banking and financial fraud.


Alán Alcoverro

Alán is a Solutions Architect at Revelock. With over 12 years of professional experience acting as a Solutions Engineer / PreSales in companies such as IBM, SCC, Allot Communications and Riverbed, he owns a transversal and integrated view of the IT world and all the digital challenges this implies for any company size, being Cybersecurity his main focus along the way. He is the main contact person for all technical items related with our Revelock online fraud prevention solution, for both current and future customers, generating at the same time new business opportunities within the EMEA region whilst offering highly efficient solutions for all challenges we face every single day related with cybercrime.