How can financial institutions stay one step ahead of fraudsters? Michelle Weatherhead looks at the latest technologies and methods designed to stop fraudsters in their tracks

Anybody involved in fighting financial crime knows that fraud is constantly evolving
in response to emerging payment technologies and changing payment habits. In recent years, we’ve seen the decline of paper-based payment methods such as cheques, as debit and credit cards take over, even in the low-value payment space. When the online and mobile dimensions are added to the mix, as well as other technology innovations such as contactless payments, it is clear why fraud is becoming more complicated to track and more sophisticated in its nature. As a result, fraud detection and prevention is becoming more challenging.

As financial institutions monitor the changing nature of fraud, they are constantly working to stay one step ahead of the fraudsters and protect their customers and bottom line. However, against the backdrop of the current economic downturn and the rise in financial crime, fraud prevention and detection has never been so important. Not only can successfully preventing fraud help protect the valuable relationship with the customer, it can also deliver tangible and significant savings for banks at a time when every process and system is under scrutiny to deliver efficiency and reduce cost.

Cross-border fraud is an increasingly important battleground for banks in this fight. There are many factors driving fraud internationally, not least of which is EMV. In the past, it was relatively easy for criminals to steal or copy a card with a magnetic stripe and use it in the country of issue with a forged signature. However, the additional security of EMV has driven fraudsters to the card-not-present environment, or to places such as the Middle East where EMV has not yet been rolled out completely, or the US where it has not been rolled out at all. According to Apacs’ 2008 fraud statistics, fraud abroad – committed by criminals using stolen UK card details in countries yet to upgrade to chip and PIN – rose to £230.1 million, which is nearly double the amount at which it stood two years ago.

In addition, the growth of online activity, such as internet shopping, means that fraudsters have grasped the opportunity to target consumers anywhere in the world from the relative security of their front room. Indeed, according to Apacs, card-not-present fraud losses increased by 13 per cent over 2008 and now account for 54 per cent of all card fraud losses.

Automated fraud monitoring

The drive towards payments harmonisation across Europe and the breaking down of borders that comes with various regulations such as the Payment Services Directive (PSD) is also contributing to the rise in cross border fraud by making banking relationships vulnerable to the weakest link. For example, if a payments institution in one country allows customers to open accounts and conduct activity without the necessary know your customer (KYC) checks commonplace in other countries, then there is a chance they could open the back door for criminals, enabling them to conduct fraudulent transactions across the EU that may have been prevented in the past.

However, these cross-border fraud challenges are not insurmountable and banks have an arsenal of tools they can use to detect and prevent fraud. The one that potentially offers the most significant savings for banks is the automation of fraud monitoring rather than the traditional reliance on manual analysis and checks. This not only reduces the resources needed in a fraud department, but also enables the bank to run fraud checks in real time – identifying suspicious transactions at the earliest possible opportunity and stopping them. Real-time has been a buzzword in relation to fraud detection for some time but the good news is that it is now being successfully proven in the field and has great potential in the area of cross-border fraud.

Real-time decision making, simply put, is fraud checking during the authorisation response of online transactions, as opposed to offline transactions where checking is automatically approved by the merchants without them contacting the bank for approval. When a card transaction is initiated by an ATM or point of sale (POS) device, the system sends information about that transaction via the acquirer, to the customer’s bank for authorisation.

If banks are running real-time fraud analysis, this takes place during that authorisation process and must be completed in milliseconds. Therefore, only the most robust, accurate and reliable real time anomaly identification systems can be applied.

Understanding fraud patterns along with normal customer transaction behaviour is crucial to not only ensure fraud is identified quickly but also accurately.

Real-time fraud prevention tools

Real-time fraud prevention tools can be applied in conjunction with other fraud mitigation techniques such as point of compromise (POC) analysis. POC detection is one of the most important preventative fraud measures that a financial institution can take when addressing card fraud, in particular by enabling them to identify fraud trends and pinpoint where cards were compromised. While POC analysis does not provide instantaneous fraud detection, it is the intelligence from the analysis that should be used with real-time countermeasures. The POC is the location at which the card skimming – the illegal copying of ATM or POS card numbers and PINs for the purpose of stealing money from bank accounts – has taken place and always refers to the specific terminal where skimming occurred. By knowing the POC, at risk cards can be monitored and potential future fraudulent attempts can be stopped. This results in immediate fraud loss savings to the bank.

According to recent figures released by the European ATM Security Team, card-skimming fraud at European ATMs increased 129 per cent in 2008, with a total of 10,302 reported incidents. This trend illustrates the importance of the identification of the POC as it allows the financial institution to recognise trends and write rules based on the locations where the compromises occur. For example, if three customers of a bank experience fraud after using their cards at one ATM or merchant, the bank can quickly flag up all other cards used at that site and monitor them even more closely for suspicious activity. When this is done in real time, it can have a fast and very real impact on stopping the fraudsters.

Another emerging tool in near real-time fraud detection and prevention is SMS alerting, which is where customers receive an automatically produced text message when there is an unusual transaction initiated on their account. Customers can set the security parameters that they feel most comfortable with, such as being notified of transactions above £1000 or outside certain countries and then be sent the automatic SMS alert when these are breached. Alternatively, banks can send alerts when they believe a transaction is fraudulent, even if it doesn’t meet the customer’s set criteria. If it is a false alert, all the customer has to do is ignore the text message; however, if he or she is not carrying out the transaction that has triggered an alert, he or she can notify the bank immediately and potentially stop the fraudster in his or her tracks. This can significantly reduce a bank’s losses from fraudulent transactions, no matter in which country the fraud is being perpetrated, as well as enhancing the customer experience.

Cross-border fraud

The cross-border nature of online banking fraud, however, poses a different challenge, and for this, many banks are turning to tools such as IP profiling. IP profiling in a fraud detection system gives financial institutions the ability to monitor transactions based on customers’ IP addresses, thereby establishing patterns in their online banking behaviour. If unusual patterns are detected, IP addresses are blacklisted or monitored. For example, the most common type of online banking fraud is phishing, where the perpetrators try to obtain confidential customer information such as user-id and password to siphon away funds from online bank accounts, or make alterations to the account such as address changes, new card or new PIN requests.

If a customer has been a victim of a phishing attack, the bank can identify the IP address the fraudster is using to log on to a bank account and compare it against known fraudulent addresses as well as the customer’s usual activity. Therefore, not only can IP profiling help identify and block fraudulent attempts to access a bank account online before anything is lost, but around 98 per cent of all dubious transactions are prohibited through establishing a pattern before the rules are even applied. This method together with two-factor authentication tools enables a bank to detect virtually all internet banking fraud.

IT security such as IP intelligence must be used in conjunction with other detection methods as part of an enterprise approach to cross-border fraud detection in order for it to work to maximum effect. Enterprise risk management looks at all the activity on an account, whether it is online banking transactions, ATM use, shopping using credit or debit cards, or even something as seemingly innocent as a change of address. By having this bigger picture of its customers, a bank is able to quickly and accurately identify cards or accounts that have been compromised anywhere in the world. This approach moves banks away from traditional silo-based fraud defences to intelligent enterprise-wide solutions where regardless of the means of payment or where the fraud is being committed, protecting the customer’s available balance is possible.

The drive towards electronic payments and the growing harmonisation of the payments infrastructure within Europe at least, means that cross-border fraud will only continue to be a thorn in the side of many financial institutions. However, automating fraud prevention, analysing activity in real-time and using the latest tools and techniques will give the banks the best possible chance to significantly reduce their fraud losses domestically as well as across borders, while also offering them the opportunity to deliver real efficiency savings within their fraud departments. Only through such a joined up approach can banks too transcend borders and take the fight to the fraudsters.

By Michelle Weatherhead, risk solutions manager at ACI Worldwide (EMEA) Ltd