In today’s environment, setting up a fraud prevention program is a hugely complex process. Algorithms will need to include a wide range of rules and models that can evaluate a huge number of factors to spot and block fraudulent transactions in real-time, without impacting on legitimate customers.
One area that must not be overlooked is the impact of non-financial events and activities on a fraud prevention strategy. Fraud does not happen in a vacuum – there will often be something that takes place before the actual transaction that can give an indication of what is to come.
If banks are focusing their attention solely on transactions themselves, they could miss these warning signs. So what non-financial signals should banks be looking for in order to enhance their fraud prevention efforts?
Fraudsters take advantage of new technology
One issue that’s becoming increasingly common for the banking sector as a whole with the rise of contactless technology and digital wallets is fraudsters looking to take advantage of offerings like cardless transactions.
For example, many banks now offer cardless services at their ATMs, where a consumer who has forgotten or misplaced their card can still gain access to cash by logging into their mobile banking account and receiving a unique code, which they can input at an ATM.
However, it’s possible for this code to be intercepted by a fraudster, or for a criminal to gain access to someone’s mobile banking account using stolen credentials and change contact details such as an email address or mobile phone number. They can then send a code to themselves and carry out a fraudulent transaction.
By itself, changing a contact detail is not necessarily a suspicious behavior – people get new phone numbers every day. But it is an unusual activity for a banking account, so a fraud prevention manager cannot simply dismiss it. These events must be included in their rules and models as a potential red flag for fraud, so that banks are able to confirm it with the customer or request more information. Ensuring these activities are tracked and acted on can prevent fraud before a transaction is even attempted.
Having the right solutions
Criminals using stolen passwords to access a customer’s online or mobile account and change details is just one example of a non-financial event that can occur in the leadup to fraud. Others may include transferring money between a savings and checking account in preparation for making a withdrawal. But whatever activities take place prior to actual fraud, it’s vital prevention programs are able to detect them and factor them into their risk scoring calculations.
Such is the sophisticated nature of today’s fraudsters and the technology they use, it could only be a matter of nanoseconds between a non-financial event and the subsequent fraudulent transaction, so real-time solutions are essential. It’s also important that different parts of a bank’s infrastructure are able to communicate with each other – which may not always be the case when financial institutions are still dependent on aging legacy systems.
Many banks may have systems for online banking management and fraud prevention programs run by different vendors that do not connect directly with one another. This may mean that fraud solutions do not even have access to the data they need to make their operations a success.
Fraud managers therefore need the most up-to-date systems throughout the bank in order to gain real-time insight into unusual non-financial events when setting up the rules and models for their programs. Without this, they may not be able to spot fraudulent transactions until it is too late, and this could have severe consequences for a brand’s reputation and relationship with its customers.