August 30, 2017
Fraud is still on the rise: here’s what you need to know to manage attacks
At this time of year, many organisations have adjusted their business strategies to adapt to the constantly evolving fraud. Sean Neary, Featurespace’s Subject Matter Expert in Financial Services, recaps his fraud predictions from earlier this year and shares how to plan ahead for the rest of 2017.
Relentless, agile, and clever, it comes as no surprise that fraudsters continue to cause disruption in new and innovative ways. In response, organisations are looking for better ways to future-proof their defence systems. So where should your fraud operations focus be and how can you plan for the long term?
Where’s fraud at right now?
Earlier this year, I explored three key areas that financial services organisations are likely to see fraud attacks on the rise:
Over the past few months, I’ve spoken to many financial services professionals, and heard many speakers at industry events, and it is clear that these fraud trends still pose a challenge globally.
> Authorisation stream attacks: these are becoming more common in card fraud, with fraudsters changing attributes of the authorisation message to manipulate an acceptance decision (for example, by changing specific parts of the track data to interpret a more secure payment type). I’m hearing of this rising both in the UK and the U.S., with the focus on how terminal remote access and other previously overlooked possible compromise points can be addressed.
> Social engineering: although not new, the recent increase in secure authentication methods (such as biometric profiling and step-up authentication) have limited the ways fraudsters can commit large-value payment fraud or even account takeover at an acceptable effort cost (yes, fraudsters do have cost effective models similar to ours!).
This has driven fraudsters to the next weakness: us, the consumers. With all the security in the world, there will forever be a weakness where the consumers are manipulated or tricked into thinking they are performing a legitimate action. This shift has been seen in industries such as commercial payments, where multiple relationships are managed and high volumes of payments are made within short periods of time, making it hard to spot that anomaly in the noise.
> Operational costs: these are always on every fraud operation team’s agenda and budget, but there’s been a shift this year in proactively investing in enterprise fraud solutions and holistic analytics systems.
On the rise: demand for enterprise fraud systems
The shift away from end-point fraud solutions has also been a huge topic in 2017. Many financial services organisations are researching and implementing enterprise fraud systems with advanced adaptive behavioural analytics and machine learning to enable a one-stop-shop view of their customers and fraud trends.
Enterprise systems also enable operational departments to become a multiskilled and efficient unit, rather than focusing on one fraud typology at a time.
What’s next in fraud prevention this year?
The fight against fraud used to be a “back-end issue” mostly tackled by banks and acquirers.
However, within the past year, I’ve seen first-hand that financial services organisations are bringing the fight against fraud to the front line. Merchants and payment service providers (PSPs), in particular, are proactively investing in holistic fraud prevention solutions, to stop fraud at point of origination.
While fraud attacks and risk management are keeping the financial services industry busy, there are also other factors influencing how we deal with fraud:
- New regulatory requirements and challenges for organisations introduced by the revised Payments Services Directive (PSD2) and the General Data Protection Regulation (GDPR). Both topics are constantly talked about, but becoming time to think about how they can be delivered successfully, without increasing high customer friction. Watch this space, as I’ll be looking at the PSD2 issue later this year.
- Desire to combine advanced machine learning with in-house advanced analytics: increasingly, organisations are seeking the ability to manage data science models alongside advanced third-party fraud models for even more powerful data analysis.
- The need to have full confidence in systems using Artificial Intelligence and Machine Learning by having detailed insight into the data used by the fraud prevention modelling systems will increase interest in such solutions.
Why should you plan ahead for fraud management?
Ultimately, fraud attacks can damage a company not only financially, but reputationally – through loss in customer trust.
To tackle the problems we’re seeing in the financial services industry, organisations that are ahead of the game are investing in a holistic, future-proof fraud prevention system which uses adaptive behavioural analytics to give them confidence and advanced security in managing the constantly changing fraud landscape.