Pablo de la Riva Nov 24, 2020 10 min read

How to Guarantee Online Banking Fraud Won’t Happen Again

How do you trust a customer you’ve never met? This is an issue banks contend with every day as they try to detect and prevent fraud. 

Online banking fraud has become an epidemic – and as bad actors continue to adapt and employ more sophisticated techniques to commit their crimes, fraud analysts are left playing catch up. One in every two companies in the world has been a victim of cyber fraud in one way or another.

Online banking fraud prevention traditionally focuses on static points in the user journey, such as account creation and access layers such as login and the moment of transaction.

What happens if a bad actor has already infiltrated a bank’s system and operates undetected from within?

According to a recent report by RSA, more than 30 percent of online banking fraud is carried out from accounts supposedly belonging to legitimate customers.


The battle that is consistently the hardest to fight is against those bad actors who are already inside.



To comprehensively detect and prevent fraud and then block it from happening again, the battle needs to be fought dynamically throughout user sessions and throughout the entire system: identifying bad actors, investigating and understanding their operational behavior, and stopping criminal activity at its source.

Finding bad actors and the compromised accounts linked to them is significant if fraud is cut off at its root. But once the bad actors have been discovered, fraud analysts at individual banks need to bar their digital door against them and guarantee those same criminals – and anyone connected with them – can’t gain access to the bank’s system in the future.

 

fraudster-hunter-policy-manager-blog-04

Revlock Hunter’s Policy Manager

To successfully block fraud at its source, the focus has to be on locating the bad actors themselves.

Revelock´s platform generates a unique digital profile – or Bionic ID – for every user who accesses a bank’s online system by analyzing thousands of parameters relating to each user’s behavioral biometrics, from how they type their name to the angle at which they move the mouse or hold their phone, as well as contextual information such as geolocation, device profiling, and malware records.


Revelock’s unique capability, Revelock Hunter, performs link analysis powered by these Bionic IDs to recognize the real user behind the user profile.



The tool identifies and investigates bad actors' activity and visualizes the connections between components to discover the accounts used to commit fraud or those at high risk.

This is where things get innovative.

Once a bad actor or any fraudulent activity has been found, the bank’s analysts can utilize bad actors identifiers or behavior links to create a bespoke rule, which automatically flags up the same type of fraud or person in the future.

These individual rules utilize dozens of Bionic ID attributes to detect bad actors' activity before automatically triggering a predefined action, ranging from stepping up authentication to terminating the transaction altogether, depending on the level of risk.

For example, once a fraud team has uncovered a bad actor and blocked them from logging in or carrying out a transaction, they can then create a bespoke rule surrounding this same user.

The next time the bad actor tries to log in to the bank’s online system, the rule will detect a match, essentially recognizing them before automatically blocking them from logging in or carrying out a transaction.

 

fraudster-hunter-policy-manager-blog-03

Rule-based fraud prevention campaigns

What’s more, these rules can be stored and then combined to create personalized, rule-based fraud prevention campaigns that are built to address any combined set of attacks the fraud team deems necessary – ranging from phishing to RATs to new account fraud. In the example above, rules can be combined to ensure the bad actor is effectively blacklisted and can never access accounts in the bank’s system.

Furthermore, link analyses delivered by Revelcok Hunter mean that if the bad actor acts as part of an organized fraud ring, anyone connected to them can be blocked as part of the same campaign, automatically revealing and blocking bad actors and potentially freezing entire networks of mule accounts.

Enabled rules and campaigns actively scan all mobile and online transactions for matches with predefined bad actor identifiers and activity in real-time.

 

fraudster-hunter-policy-manager-ban2
Key benefits of Policy Manager

The introduction of Policy Manager, which is now a standard feature included with Revelock Hunter, allows fraud teams to drastically increase their efficiency and fraud detection rates.

The customizable nature of the capability allows fraud analysts to personalize the deployment of AI in their fight against online fraud, which means the solution is like adding another member to the team. Only this teammate has a photographic memory and can identify fraud and then recognize it again every time it occurs.

Teams now have increased flexibility to respond to emerging fraud attacks, reducing losses caused by fraud without increasing fraud team size.

Above all, the campaign-based solution is fast, flexible, and scalable, irreversibly eliminating fraud throughout banks’ systems and at all points in the user journey through continuous authentication.

It allows financial services to swiftly respond to threats and stop new fraud schemes without affecting legitimate customers and maintaining customer trust and safety.

With the addition of Policy Manager, Revelock Hunter now delivers the ability to comprehensively:

1)      identify bad actors

2)      learn and understand how they operate

3)      create automated defenses to stop them from committing fraud at the bank in the future.

avatar

Pablo de la Riva

Pablo de la Riva founded his first company when he was 21 years old – a security consulting firm – and Revelock was his first software startup experience. He has been working in the anti-fraud sector for almost 15 years, first as a cyber-security analyst, then as a team leader, later as CTO with almost 200 people reporting to him and now as CEO.