This presentation introduces Guardian Analytics Omni-Channel Fraud Prevention solution as the only solution to meet the new requirements of fraud prevention.
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Behavioral Analytics for Preventing Fraud Today and Tomorrow
1. Fraud and Breach Prevention Summit Chicago
June 21-22nd, Chicago IL
Anand Sureka | Guardian Analytics
Behavioral Analytics for Preventing
Fraud Today and Tomorrow
2. Fraud & Breach Prevention Summit Chicago #ISMGSummits2
About the Speaker
Anand Sureka
Senior Solutions Engineer, Guardian Analytics
Anand Sureka is a Senior Solutions Engineer at Guardian Analytics. He has spent over a
decade working with banks to develop and integrate software solutions into online banking
and payment services, including fraud detection, personal financial management, bill pay,
ACH transfers and credit card payment services. Prior to joining Guardian Analytics, Anand
was a principle consultant for the professional services team at Envestnet-Yodlee.
3. Fraud & Breach Prevention Summit Chicago #ISMGSummits3
• Fraud and Breach Prevention Summit Miami
Behavioral Analytics - Preventing
Fraud Today
• April 12-13, 2016 – Miami, FL
Anand Sureka
4. Fraud & Breach Prevention Summit Chicago #ISMGSummits4
Banks Facing Unprecedented Trust Issue
§ Demise in trust
§ Legacy and silo approaches
failing - increase in fraud
§ Can’t hold back -
compe;;ve pressure
forcing innova;on
§ New approach is needed
Trust
Compe,,ve
pressures
Third party providers
Compe;;ve Banks
Speed
Convenience
Simplicity
Products/Services
Customer experience
Opera6onal Costs
Data breaches
• Malware
Social engineering
Single channel
Cross-channel
Customer Access
Customer Data
5. Fraud & Breach Prevention Summit Chicago #ISMGSummits5
New Requirements for Fraud Prevention
Support
payment /channel
innovation
Improve
customer
experience
Increase
operational
efficiency
Address
modern
fraud
6. Fraud & Breach Prevention Summit Chicago #ISMGSummits6
Meeting The New Requirements
Identity
Threat specific
Payment/channel slice
Behavior
Threat agnostic
Holistic view
Legacy Modern
Rules/scenarios Analytics
8. Fraud & Breach Prevention Summit Chicago #ISMGSummits8
Real-time Behavior-based Risk Scoring
Login/Access
Account Activity
Transactions
Risk score
every event
Each event
updates risk
L
L
M
L
H
Rule
Rule
Behavioral Analytics
• Individual • Population
•
Risk Data
Machine Learning
9. Fraud & Breach Prevention Summit Chicago #ISMGSummits9
Risk-based Intervention
Login/Access
Account Activity
Transactions
Risk score
every event
Each event
updates risk
L
L
M
L
H
Rule
Rule
• Behavioral Analytics
• Individual • Population
•
Risk Data
Rules-driven interdiction
Risk-driven interdiction
Policies drive
interdic;on ac;ons
(for any risk score)
11. Fraud & Breach Prevention Summit Chicago #ISMGSummits11
Partnership with The Norman Group
“To stay competitive, financial institutions need to
continually enhance their customer-facing products and
back-end technology platforms, and in parallel, rapidly
advance their capabilities to protect offerings and
channels. We are excited to combine our technical and
project management expertise in conjunction with
Guardian Analytics Omni-Channel Fraud Prevention
solutions to help financial institutions maintain a strong
pace of innovation without increasing their fraud risk.”
- Rob Grzeszczak, President and Managing Director
12. Fraud & Breach Prevention Summit Chicago #ISMGSummits12
Use Case #1 – Reducing Challenges for Large
Commercial Bank
Domes;c Cash
Movement
Applica;on
Global Cash
Movement
Applica;on
Wire
Processing
System
ACH
Processing
System
Client
Business Banking
Private Banking
Wealth
Management
Performance Analysis/
Risk Mgmt
Market Investment/
Fund Mgmt
External Deposit Services
Foreign Exchange
Benefits Management
Benefits Par,cipant
Retail Banking
Business Banking Central
Authen;ca;on
• Guardian Analytics Online Behavioral Analytics
Risk scores
drive stepped up
authentication
13. Fraud & Breach Prevention Summit Chicago #ISMGSummits13
Use Case #2 – ACH, Same Day ACH
• NACHA files
transmiMed or
uploaded
• Files processed
upon receipt
• Alerts published
within minutes
ODFI
$$ to
customer
Guardian Analytics ACH Behavioral Analytics
ACH Batch
Risk scores
ACH Batch
Risk scores
ACH Batch
Risk scores
14. Fraud & Breach Prevention Summit Chicago #ISMGSummits14
Use Case #3 – Wire Fraud
Detec%on Rates
Alert
Volumes
Low
Low
High
High
Trust too li:le
Know when to trust
Know when NOT to trust
Trust too much
Over $100K
And interna;onal
And new recipient
Over $100K
Or interna;onal
Or new recipient
The Wire Fraud Challenge
15. Fraud & Breach Prevention Summit Chicago #ISMGSummits15
Analytics Innovations to Raise and Lower Trust
Learn each individual originator behavior over ;me to determine risk
Learn new recipient
ra;o, typical
beneficiary paMerns
(i.e. keeps false posi;ves
for ;tle companies down)
Look to see if we can
raise or lower trust of a
beneficiary
If multiple wires to same “bene”
spread out, can raise trust
If many in rapid
succession, less trust
worthy
Use what we’ve
learned from other
fraud
Mule
Match in mule db?
Recipient
Originator
16. Fraud & Breach Prevention Summit Chicago #ISMGSummits16
Putting It All Together
Would beneficiary be expected?
(new beneficiary ra6o, beneficiary and FI loca6on/
region)
Are the originator’s wire ac,ons normal?
(6ming, velocity, type, accounts, direc6on, use of
instruc6ons, content of instruc6ons)
Are the wires typical?
(type, amount)
Originator Model
Wire Behavioral Analy,cs
Cross-ins,tu,on risk data
(Network effect)
Beneficiary Model
Is this a high or low risk beneficiary?
(beneficiary history with other originators, name/
account number match, suspected mule)
Self learning
No rules to write
Not threat specific
Adapts to new threat
Automa;c updates to analy;cs
100+ aMributes
from wire system
17. Fraud & Breach Prevention Summit Chicago #ISMGSummits17
Approach Highly Effective With BEC
New beneficiaries common (40%
of wires to new beneficiaries)
BEC beneficiary FIs vary (domes;c,
interna;onal, banks, credit unions)
Spoofed CEO
email
Spoofed
supplier email
Legi,mate
user
(CFO or
controller)
• Online
• Fax
• Branch
• Criminal beneficiary
• or mule
Criminals do their
homework on their
targets and prey on
urgency, sense of
duty and importance
Legitimate user logs into
online banking or
requests the wire
(legacy ATO detection
methods don’t work)
BEC amounts
within typical
range of client
wires
18. Fraud & Breach Prevention Summit Chicago #ISMGSummits18
Behavioral Analytics Detects Account Takeover
and Business Email Compromise
Spoofed CEO email
Spoofed supplier email
Legi,mate user
(CFO or
controller)
• Online
• Fax
• Branch
• Wire transfer
Amount
Expected OBI use
Velocity
Beneficiary
Beneficiary FI
Beneficiary Loca,on
Name/account number changes and
match
Individual and
Bank Popula,on Originator Models
Cross-originator
Beneficiary Models
Guardian Analy,cs uses originator, popula,on and cross-originator beneficiary models to accurately detect fraud with low alert volume; no rules or
scenarios to define
Criminal can spoof
email sender,
content language,
style, wire amounts
But they cannot
spoof how an
originator sends a
wire
19. Fraud & Breach Prevention Summit Chicago #ISMGSummits19
Recent Successes
Fraud prevented
$19M in last two months
(primarily BEC, have not missed
fraud)
Efficiency gains
Bank reduced reviews to only
high risk wires
(50-100 wires/day)
Client experience
Reduced callbacks
Reduc;on in alerts has freed
;me to discuss possible BEC with
clients in more detail
Bank with ~4,000 wires per day
Fraud prevented
$500K in last six months
(BEC and ATO, have not missed
any fraud)
Efficiency gains
Reduced reviews 70% (75/
day)
Increased wire risk
management coverage 400%
Client experience
Faster processing
Fewer callbacks
(1-5/day)
Bank with nearly 2,000 wires per day
20. Fraud & Breach Prevention Summit Chicago #ISMGSummits20
Behavioral Analytics In The
Future
Anand Sureka
21. Fraud & Breach Prevention Summit Chicago #ISMGSummits21
Meeting The New Requirements
Identity
Threat specific
Payment/channel slice
Behavior
Threat agnostic
Holistic view
Behavior + context
Threat agnostic
Omni-channel
Legacy Modern Next-Generation
Rules/scenarios Analytics Analytics
22. Fraud & Breach Prevention Summit Chicago #ISMGSummits22
Unified Omni-channel Fraud Prevention
• Channels
• Payments
• ATM
• Contact Center
• POS
• Branch
• Online
• Mobile
• Bill Pay
• Debit
• Wire
• ACH
• P2P
Customers are omni-channel. Criminals are omni-channel.
23. Fraud & Breach Prevention Summit Chicago #ISMGSummits23
Unified Omni-channel Fraud Prevention
Channels
Payments
• ATM
• Contact Center
• POS
• Branch
• Online
• Mobile
• Bill Pay
• Debit
• Wire
• ACH
• P2P
Fraud prevention should be omni-channel, too
Enterprise API
Omni-Channel
Risk Engine
Omni-Channel
Visual Analytics
Payments Channels Devices Locations Risk Data
24. Fraud & Breach Prevention Summit Chicago #ISMGSummits24
New Requirements for Fraud Prevention
Support
payment /channel
innovation
Improve
customer
experience
Increase
operational
efficiency
Address
modern
fraud