Staying ahead of the hackers

People can now open accounts, manage their finances and make transactions online, without having to go anywhere near a high street branch. And in recent years, services have moved on to mobile platforms, while other technologies, such as contactless cards, are also changing the way we transact.

This has presented huge opportunities for financial institutions – no longer restricted to geographic regions, countries or local areas – which now have the ability to expand their customer base and grow revenue across the globe.

THREATS AND VULNERABILITIES

But with the internet and other new channels have come fresh opportunities for fraudsters and criminal gangs, who are also able to take advantage of the inherent vulnerabilities of the digital landscape. “They can work together and create affiliations with each other in order to execute different types of crime over the internet, rather than having to physically walk into a branch and hold it up,” says Mike Urban, portfolio director, financial crime risk management, at financial technology firm Fiserv.

Much of the fraud committed comes from data that is openly available over the internet, such as social media, or which can be accessed through malware or online scams affecting customers. Financial institutions need to ensure they are in a position to identify suspicious trends and prevent incidents from escalating when they do occur.

“Preventing financial crime becomes much more important as your customer base expands in different geographic locations where you might not have a footprint,” says Mr Urban. “Transmitting that information into a system that can continue to track and monitor developments, and identify when particular behaviour is starting to go sideways then becomes mandatory.

“You need to be able to react to these threats in an automated fashion, rather than relying on a human being to look at it first, slowing the process down even further , especially as criminals are getting quicker all the time.”

PATCHY PICTURE

Many financial institutions have a patchy approach to the threat of fraud. “They have different areas that are focused on particular things,” Mr Urban explains. “Most institutions have a good card fraud programme in place, but that’s just focused on cards. The bigger you are, the harder it becomes to tie everything together. Some institutions may have multiple applications for the same process, depending on acquisitions or where the function is in the organisation.”

Legacy systems are also an issue, he says, with institutions still having to rely on pulling data out of these while needing the flexibility to accommodate other packages as other investments or acquisitions are made.

The solution, says Mr Urban, is a security platform which allows financial institutions to easily integrate legacy systems with the ability to adapt as new products – and threats – are introduced.

“It needs to be something that can be tailored to unique situations and then changed as required,” he says. “In the long run, it’s more effective because you have a platform where you can easily add new or changing types of crime scenarios, and adjust it as the criminals and the regulations change. Being able to tie all that information together also helps you make a better risk decision. We call it defence in depth.”

CRIMINAL MINDSET

Cases of fraud are only likely to get more aggressive and sophisticated in the future, meaning financial institutions have to start thinking along the same lines as the criminals themselves. “You have to put yourself in the mind of the criminal, during your risk assessments, to identify where they could get in,” says Mr Urban. “You have to be able to react as quickly as they can, even though they don’t have legacy systems and can whip up a piece of malware in a very short time.”

Recent high-profile cases, such as those involving US retailer data breaches, where the credit and debit card details of millions of customers were accessed by hackers, have contributed to a growing awareness of online crime in the public mindset. Mr Urban believes those institutions which can put in place a proven security platform can turn what has up to now been a concern into a strength.

“Everyone is aware of fraud in a way that maybe they weren’t five or ten years ago,” he says. “Often customers who are impacted by fraud will actually leave the institution and go elsewhere. Those who can deliver a better customer experience will minimise the risk of losing revenue and damaging the bottom line.”

The financial crime platform offered by Fiserv is used by more than 1,000 clients in over 70 countries around the world and can empower clients to add or change detection scenarios in response to emerging threats.

For more information visit www.financialcrimerisk.fiserv.com