Company Name

Authentication/Fraud/Identity Theft

Cyber Resilience: Make a Practice of Revisiting Assumptions

By Jeff Mansir

Over time and through experience, we have learned that cyber-attacks will happen, some will be successful, and the ability to recover from a successful attack is something that must be considered and addressed. Defensive measures should no longer realistically be expected to safeguard an information network alone. An attack will happen; what will you do when it does?


Will Trump Election Make American Banks Great Again?

By Toni Lapp

November 9 –  Now that the dust has settled in the wake of one of the most vitriolic presidential campaigns in modern history, bankers want to know what to expect from President-elect Donald Trump. (more…)

The Future of Authentication

New technologies help improve consumer identification.

By Michael Scheibach

As banks continue their digital transformation, with expanded web-based and mobile offerings, the need for improved safeguards to protect their customers’ accounts and transactions is becoming even more critical . . . and daunting.


The Digital Disconnect

To Give Customers a Great User Experience, Your Employees Must Have One, Too

By Eric Crabtree and Weston Morris

There were roughly four apologies in five minutes from the well-meaning (but helpless) bank call center agent, recalled a bank IT executive in lamenting the plight of a fellow colleague. First, the agent had to run through another round of security questions, the same ones a colleague had just gone through minutes earlier. Then, the call center agent apologized because she only had access to the colleague’s personal account, and not his business account. Then, because the agent’s system was underperforming (a/k/a “so slow today”), she struggled to keep pace with the screens she wanted to walk him through. And ultimately, she had to transfer him to another agent, once again apologizing because he would likely have to answer those same security questions, once again. (more…)

Gas Retailers Implement Visa Transaction Advisors to Thwart Fraudsters

June 14 – Visa Inc., the global leader in payments, today reported on results of Visa Transaction Advisor (VTA), a service that extends the power of Visa’s global risk intelligence to fuel merchants, helping to reduce fraud at the gas pump. More than 35,000 gas stations are actively using the service in the U.S. On average, Visa Transaction Advisor users have seen fraud decline by more than half – a 54 percent decline in counterfeit fraud rates and a 51 percent decline in lost and stolen fraud chargeback rates. (more…)

Greater ‘Card Present’ Security Sees Fraud Activity Switch to eRetail

May 3 – A new study from Juniper Research has found that the value of online fraudulent transactions is expected to reach $25.6 billion by 2020, up from $10.7 billion last year. This means that by the end of the decade, $4 in every $1,000 of online payments will be fraudulent.


New Tax Refund Fraud Detection Tool Available for Banks/Credit Unions

April 13 – With the tax season in full swing, fraudsters will attempt to exploit the personal information of U.S. taxpayers to pocket millions of dollars in fraudulent tax refunds — illicit funds they will look to move through the financial system.  Verafin Inc., a leading provider of fraud detection and anti-money laundering collaboration (FRAMLx) software, announced a new analytic to help U.S. banks and credit unions detect suspicious tax refunds.  (more…)

Guardian Analytics Releases Mobile Banking Fraud Trends Research

April 8 – Guardian Analytics, a market leader in behavioral analytics solutions for preventing banking fraud, has announced findings from in-house research into mobile banking fraud across the company’s 400 customers. Analysis conducted by Guardian Analytics found that of all fraud cases involving mobile banking apps, 72 percent included remote deposit capture (RDC) and the use of fraudulent checks.


Five Measures That Can Help Identify Insider Fraud

By Hagai Schaffer

Fraud is an increasingly serious threat for businesses around the world, eroding data integrity and security, consumer confidence and brand integrity. Based on the latest ACFE (Association of Certified Fraud Examiners) study, organizations lose 5 percent of revenue each year to insider fraud.

logo_bottomlineAccording to the study, the majority of insider fraud losses — as high as 80 percent — are caused by collusion of two or more employees, even though only 45 percent of the incidents are attributed to collusion. One reason why the losses are higher is that when more people are involved, there are more opportunities to commit fraud and it becomes easier to circumvent anti-fraud controls and conceal the fraud for longer.

Companies invest in implementing controls such as requiring that transactions above certain thresholds be authorized by a second employee and preventing the same person from re-activating an account and transferring funds. But just by coordinating their efforts, employees can work together to circumvent these measures.

Here are five measures that can help identify insider fraud and collusion:

1. Monitor all user behavior
In order to detect potential insider fraud, businesses need to monitor and recognize unusual employee behavior. This can include things like sudden extravagant purchases or not taking vacations in order to perpetuate the crime and prevent detection. Suspicious behavior can also be detected by using monitoring systems to track when employees perform unusual changes to information systems. However, in all of these cases, fraud may be detected only after damages have been incurred.

An even better way to prevent fraud is to monitor data searches in order to detect when employees are planning fraud. For example, if a bank employee is attempting to deplete a dormant account, the first step is to perform inquiries to find inactive accounts with high balances. By monitoring user queries, investigators can recognize when employees are looking for potential targets before a dormant account is re-activated or money is transferred.

2. Compare an individual’s behavior with the relevant peer group
Employees who attempt to commit fraud are typically familiar with the controls that have been put in place and can try to circumvent them. For example, bank employees that know the transaction threshold that will send a red flag as potential suspicious activity can siphon off smaller amounts of money over a longer periods of time to avoid detection.

An analytic engine — one that learns the normal behavior of individuals and can compare it with normal behavior of other employees with similar roles in the same department or in other departments — can be more accurate at identifying fraud attempts. For example, a back office employee makes a query to discover accounts that have been inactive for eight to nine months (just before they are automatically flagged as dormant); this behavior can be flagged as suspicious when compared with typical queries conducted by his peers.

3. Correlate activities in various channels and systems across the organization
Businesses typically segregate functions between roles to lessen the opportunities for employees to commit fraud. For example, in banks typically only back office clerks can reactivate a dormant account, but they cannot transfer funds. Tellers, on the other hand, can transfer funds, but cannot change account status. Collusion between a back office clerk and a teller would allow them to liquidate dormant accounts. For detecting such schemes, an anti-fraud system needs to monitor and correlate all activity across back office, transactional systems, branch offices, e-channels and other systems.

4. Detect commonalities in employees’ actions
Two employees who are both conducting an excessive amount of activity on the same customer accounts can be a clear indication of collusion, especially if they are the only employees to access these accounts. For example, if a back office clerk and a bank teller are consistently viewing the same accounts, this can be an indication that they are working together to take over these accounts. One way to identify and hopefully prevent this type of fraud is to alert fraud investigators when multiple employees perform suspicious transactions on the same accounts.

5. Use visual tools to link employees, customer accounts and suspicious activities
Analytics alone is not enough. Since collusion involves multiple employees and suspicious events, visual link analysis can be very effective. It can uncover sophisticated scenarios that are difficult to uncover using traditional representations such as tables and charts. Using tools that can cluster events and identify trends with a visual display speeds up investigation and resolution.

By monitoring and analyzing all employee activity and looking for signs of collaboration, organizations can detect suspicious activity before any funds are lost or their reputation is tarnished. There are other benefits of notifying employees that a diligent tracking system has been implemented: employees are less likely to commit fraud if they know there is a greater chance of being caught. Also, if fraud is detected when losses are small, then larger problems can be avoided.

Hagai Schaffer leads Product Management and Marketing at Intellinx Ltd., a Bottomline Technologies company, and held the same position at Sabratec Ltd. He has over 25 years of experience in the software industry in both technology and business positions. Before joining Sabratec, Hagai served as CTO at Oblicore Inc., a leading provider of Service Level Management solutions. Prior to that, he held senior technology and business management positions with SPL WorldGroup. Hagai holds B.Sc., Mathematics & Computer Science (Cum Laude) and MBA (with distinction) from the Bar-Ilan University.


Instant Recognition: Mobile Bankers Want Biometric Authentication

By Michael Scheibach

Everyone knows that mobile consumers want access to a full range of banking services on the device of their choosing, whether smartphone or tablet, 24/7/365. Rather than being satisfied with these ubiquitous services, however, a recent report found that consumers are becoming increasingly dissatisfied with mobile access requiring cumbersome passwords and usernames.


Software: Kryptronic eCommerce, Copyright 1999-2017 Kryptronic, Inc. Exec Time: 0.058554 Seconds Memory Usage: 3.781219 Megabytes
Kryptronic Internet Software Solutions