Combating Online Banking Fraud - A Top 10 List
For many financial institutions, the recent ruling in the US holding a bank responsible for fraudulent losses from business accounts has raised a few eyebrows because, traditionally liability has remained with the customer for business accounts.
However, the court ruled that the bank has a responsibility to protect its customers through the use of fraud detection mechanisms.
For most banks this just means doing what they do already. The fraud detection systems used today are comprehensive - looking at payments from different organizations, across different channels, all day every day, and spotting anything that seems even slightly out of the ordinary. As an industry we share information about types of fraudulent attacks, or even the IP addresses used by criminals to try to gain access to online bank accounts, and the fight never stops to stay one step ahead of the fraudsters.
If banks want to check that they are promoting reasonable efforts to prevent and detect online banking fraud protection for their customers, we have produced a checklist of ten of the most important features of successful fraud prevention and detection:
- Apply multi-factor logon authentication for online banking systems – such as tokens with one-time password or Adaptive Authentication (risk-based authentication).
- Utilize real-time analytics – monitor transactional behavior to determine whether activity is standard or anomalous for that customer. When high-risk activity is detected, action can be taken in real time or near-real time to stop the transfer of funds from the customer’s account. Funds can also be held until customer validation can take place (see #4 below)
- Employ profiling – include non-financial information (IP address, login activities, and device characteristics) to build customer profiles which can be stored to monitor ongoing behavior.
- Make use of out of band notification methods – utilize phone call, text message, e-mail, etc to confirm activity with customers before transactions can be completed.
- Maintain anti-virus software – Be sure to recommend your customers keep it current on end-user machines. While not fool-proof, it can stop lesser forms of intrusion.
- Maximize password management – Ensure password management best practices are enacted (e.g. change password every ninety days, minimum length, combination alpha-numeric, varying history, etc.)
- Leverage dual approval and limit management capabilities in your online banking tool – End-users with transaction initiation or approval entitlements should not also have administrative rights.
- Implement token management at ACH or Wire release – this approach provides another layer of authentication prior to finalizing the transaction.
- Employ a prescriptive, layered approach to security – utilize security tools within your online banking solution (e.g. multi-factor authentication, limit management, etc) with a fraud prevention and detection solution (e.g. profiling, analytics, etc.
- Education – keep it simple but constant. Partner with your customers to ensure they are aware of today’s threats and know what tools are available today to protect themselves.
Related blog posts
Integrated Fraud Prevention Tools in an Omni-channel World
In a previous blog post, I discussed the way in which technology partnerships are driving the evolution of the traditional payment gateway model, with value-added services becoming an increasingly important aspect of a payment gateway proposition. Real-time fraud prevention is one of many potential value-added services that a payment gateway can offer, but one that deserves particular focus, as the trend towards omni-channel commerce presents new challenges around fraud management.
The Evolving Role of Global Payment Gateways
Partnering with a payment gateway has long been a logical approach for a merchant seeking to extend their business across international borders, taking advantage of the opportunities that the globalization of eCommerce has created. But merchants eyeing up global expansion want to move more quickly than ever - the last thing they want or need in a highly competitive space is a gateway provider that either restricts their growth, or forces them to work with multiple payment service providers (PSPs) in different regions.
What Is the Link Between Payment Methods and Conversion Rates?
Checkout conversion rates are an incredibly important indicator for merchants’ bottom lines. Even minor change in website design, checkout flow, or the overall payment methods setup can noticeably impact a merchant’s conversion rate – positively or negatively.
Payment Service Providers Face Pressures from Many Sides, as Merchant Expectations Rise
The payments industry is more dynamic than ever, and despite the advances that innovation brings, the speed of change is undeniably putting pressure on traditional business models. The roles of acquiring banks and payment service providers (PSPs) – previously quite clearly defined – are blurring, and merchant demands are becoming technologically more complex.
eCommerce Payments Optimization as a Merchant Growth Strategy
In the majority of developed markets, store-based retail sales are shrinking while eCommerce and mCommerce grow at 10- 20% annually. Consequently, merchants are focused on digital commerce growth opportunities more than ever before.
Assessing the impact of the MIF Regulation interchange fee caps
The European Regulation on Interchange Fees for Card-based Payments (or the MIF Regulation for short) came into effect in December 2015. Comprised of four main areas—interchange fee caps, acquirer pricing transparency, the separation of card schemes and processing, and other supporting rules—the regulation will have a profound impact upon the European payments industry and has the potential to reshape the eCommerce payments landscape. No area, however, is poised to cause more of a commotion than the interchange fee caps. Acquirers, card issuers, and payment service providers are all affected, but the impact of interchange fee caps—and what it means for their businesses—varies considerably.
July: the hottest shopping time of the year for consumers, retailers—and fraudsters
Summer is in full swing, and while many people equate this time of year with beach-hopping and BBQs, retailers—and those of us who keep them in business— are quickly making July one of the most exciting shopping months of the year. Irresistible online sales and promotions abound, and with that, so does the risk of fraud. In fact, eCommerce fraud attempt rates in July, 2016 (1.6%) are slightly higher than fraud rates in December, 2015 (1.2%), which is the busiest holiday shopping time of the year.
Can payments really be simple Depends on whom you ask
According to the experts from Merriam-Webster, the definition of “simple” is fairly, well, simple to understand:
Consumers want access Merchants want simple global and secure opportunities How to achieve both
While riding the local commuter rail on my last leg home from NYC, I sat next to a woman who was on her smartphone shopping on what looked like a Chinese website. I smiled to myself after just having spent the day talking about the massive opportunities presented in the borderless world of eCommerce. The scenario was very timely as the day’s discussion centered on providing consumers with access to goods and services and the merchants’ opportunity to serve them anytime, anywhere with the payment options they desire.
There is no one size fits all approach when it comes to crossborder eCommerce strategy
Every business has its own strengths – and weaknesses – that need to be taken into account when formulating a cross-border eCommerce strategy. What has worked for one merchant is no guarantee of success for another, and the same applies to payment providers supporting merchants with global ambitions. But being able to successfully support merchants expanding internationally opens up new revenue streams and business opportunities. As CEO & Founder of PAY.ON, and ACI’s SVP Product Line Manager for Merchant Solutions, Markus Rinderer is no stranger to both the challenges and opportunities of cross-border eCommerce.