Don't Neglect The Online Channel: Combating Cross-channel Fraud At The Cause

The newest threat to online banking accounts and online fraud detection involves fraudsters using a multi-step system that involves different interaction points with financial institutions.

Cyber-criminals commit this cross-channel fraud by first breaking into an account via the online channel to pinch vital information such as account balances, check images, or signature blocks, in order to carry out wire, check and other types of offline fraud that never get linked to the original breach online.

Unfortunately, the online channel's role in these schemes is often overlooked. This is exactly what makes this kind of fraud so effective - and tough to catch. Financial institutions simply register the final transaction fraud, and do not account for the original breach, which often occurs in the online channel. Add this to the actuality that consumers don't know it is happening, and the fraudsters have a wonderful opportunity to continuously get away with this misconduct.

Case in point is what took place recently to a leading financial institution that services tens of thousands of customers daily. Despite hard line efforts to protect its online environment, fraudsters pulled off a startling cross-channel fraud scheme.

Here's how the fraud scheme worked:

1. The fraudster called the institution's customer service number and, with social engineering procedures, reset the online account password and contact phone number.

2. The fraudster accessed the online account, learned more about the customer's online activities, and downloaded check images containing the customer's signature.

3. The fraudster then called on a different institution using the stolen information to open a brand new account in the victim's name.

4. A wire transfer was organized to empty the victimized account and credit the new account at bank #2. Because the names on the accounts were identical and the fraudster had presented a phone number under his/her control and a official looking signature, an offline confirmation of the transfer by phone, as a back up means of identification, passed and was authorized.

5. The fraudster withdrew his loot slowly, visiting separate branches in a state separate than the victim's.

Legacy Fraud Detection Approaches Blind to Online Activity

When fraudsters utilize schemes involving multiple interactions with different touch-points across an institution, they aren't caught for the reason that the precursor online channel breach is often overlooked.

Common industry operation registers the last fraud transaction as the breach instance, and case forensics employ incomplete resources to return insight that cannot trace the original breach to the online channel. When accessed only for investigation, the online channel records no "transaction" for discovery. This is precisely what makes cross-channel fraud so efficient - and so hard to catch. Moreover, as what kind of fraud is our preceding example to be logged. Is such a loss wire fraud, check fraud, or simply "online account fraud"?

A next-generation strategy to online fraud detection and prevention is needed if we are to continue to encourage customer confidence in online banking security. According to Javelin Research's 2007 Identity Fraud Survey Report, it takes an average of 60 days for consumers to even spot that fraud has occurred. This leaves fraudsters with a perfect opportunity to execute successful cross-channel fraud crimes if financial services providers don't take blocking steps to protect both their customers and their bottom line. New best practices and back-end technologies that concentrate on online behavior can better isolate and prevent cross-channel fraud at the source.

Modeling Individual Account Behavior Ends Fraud at Its Source

An developing best practice of online fraud prevention is to employ predictive models of individual customer online conduct to detect when the "customer" logging in isn't who they say they are, even if they pass authentication. Beyond straightforward machine signature technology, user profiling technologies rely on trended analysis of behavior account by account. They start by understanding what "normal" behavior is for each individual customer - and admit that there is no single blueprint of "normal" behavior to write an anti-fraud rule for.

Dynamic, model-based analysis of account activity "does the math" - correlating what by themselves may seem like feeble indicators of fraud until a dominant pattern emerges of online fraud detection. Behavior that differs from what is expected becomes suspicious - the more the deviation, the deeper the suspicion. This comprehensive analysis allows for more granular risk scoring and better matching with offline activity patterns. A consequence of this behavioral analysis through transaction monitoring software, also provides a rich history of online activity that aids investigation and forensics.

Using these techniques, banks can identify the fraudster via the alarms to online activity outside the customer's likely behavior. Deploying strong analytics at the source - the online channel - ensures that fraudsters' attacks are shut down before any damage is done.