What happens if a fraudster has already infiltrated a bank’s system and is operating undetected from within?According to a recent report by RSA, more than 30 percent of online banking fraud is carried out from accounts supposedly belonging to legitimate customers.
The battle which is consistently the hardest to fight is against those fraudsters who are already on the inside.
In order to comprehensively detect and prevent fraud and then block it from happening again, the battle needs to be fought dynamically throughout user sessions, as well as throughout the entire system: identifying fraudsters, investigating and understanding their operational behavior, and then stopping the criminal activity at its source. Finding fraudsters and the compromised accounts linked to them is extremely important if fraud is going to be cut off at its root. But once the fraudsters have been discovered, fraud analysts at individual banks need to be able to bar their digital door against them, and guarantee those same criminals – and anyone connected with them – can’t gain access to the bank’s system in the future.
Fraudster Hunter’s Policy ManagerIn order to successfully block fraud at its source, the focus has to be on locating the fraudsters themselves.buguroo’s platform generates a unique digital profile – or Bionic ID – for every user who accesses a bank’s online system by analyzing thousands of parameters relating to each user’s behavioral biometrics, from the way in which they type their name to the angle at which they move the mouse or hold their phone, as well as contextual information such as geolocation, device profiling and malware records.
buguroo’s unique capability, Fraudster Hunter, performs link analysis powered by these Bionic IDs to recognize the real user behind the user profile.
The tool identifies and investigates fraudster activity and visualizes the connections between components to discover the accounts being used to commit fraud or those at high risk of being used to commit fraud. This is where things get innovative.Once a fraudster or any kind of fraudulent activity has been found, the bank’s analysts can utilize fraudster identifiers or behavior links to create a bespoke rule, which automatically flags up the same type of fraud or person in the future.These individual rules utilize dozens of Bionic ID attributes to detect fraudster activity, before automatically triggering a predefined action which can range from stepping up authentication to terminating the transaction altogether, depending on the level of risk. For example, once a fraud team has uncovered a fraudster and blocked them from logging in or carrying out a transaction, they can then create a bespoke rule surrounding this same user. The next time the fraudster tries to log in to the bank’s online system, the rule will detect a match, essentially recognizing them before automatically blocking them from logging in or carrying out a transaction.