Commentaries and insightful analyses on the world of finance, technology and IT.

« Engaging Millennials -- The New Cash Cows of Banks | Main | Starting a new chapter with behavioral biometrics »

Combatting Bank Frauds

- By Prasanna Sekar and Maruvarkuzhali Subramanian

It is almost the end of another eventful year. Banks are battling myriad regulatory uncertainties, technology twists, and unconventional competition, while fraudsters are raising their game relentlessly. By 2020, industry experts are pegging online banking fraud to grow by 27 percent approximately. Not surprisingly, major fraud detection and prevention (FDP) players are screaming from their rooftops warning about omnichannel vulnerabilities and the need to raise the bar.

Card-not-present fraud is almost like a new normal -- be it the bank heist at Bangladesh's central bank or 3.2 million debit cards getting compromised in the Indian subcontinent. In the west, Tesco Bank as well as banks across the Atlantic have been victims of cyber theft, too.
Reactive forensic audits by banks are inevitable, but few banks have taken cues from their peers' wounds. For instance, the US Bank offers Visa's geolocation service that matches card and mobile phone locations. The nascent behavioral biometric technology used by National Westminster Bank in London tracks every customer movement (website / mobile app) to spot anomalies. And NatWest (RBS), currently employing physical biometrics, has deployed BioCatch's behavioral biometric software to provide 'nonstop authentication.'

Thus, there are various technologies that banks can adopt to detect and prevent fraudulent transactions. There are technologies like the RSA security which can look for various threats like spoofed websites, phishing, and apply that in a database that the clients/customers use which is used as a basis for creating an authentication system. In tandem, the banks keep a check on false red flags.

The digital revolution is making lives easier for banks and customers, but as there are always two sides of a coin, it opens doors for cyber-attacks and fraudulent transactions (e-commerce payment, ATM fraud, etc.). Most banks continually research on possible foolproof systems, unafraid to invest in risk management. They are precautious while trying to safeguard the privacy of their customers and continuously come up with new technology like artificial intelligence, machine learning, multi-factor authentication, biometrics, popular Europay, MasterCard, and Visa chips, and more. Yet, there is a tremendous scope for improvement, as technology is evolving, after all.

Fraudulent transactions are getting innovative by the day, forcing banks to think beyond traditional security measures. The increase in successful adoption of mobile voice recognition technology in the financial services industry is proof enough for further uptake among banks. Various advanced identification systems analyze the way each individual sounds, verifies other markers like accent, pronunciation etc. and can even distinguish if the customer is suffering from a cold. It is very difficult to emulate / mimic and beat a human voice.

Apart from tech spend, banks need to educate their customers on aspects like debit / credit card theft, hotlisting, identity theft, and such. For instance, customers can minimize ATM fraud exposure simply by using own bank's ATM and avoiding ATM PIN disclosure. Similarly, in the absence of wireless point of sale (POS), customers ought to refrain from PIN disclosure to dodge a walk to the bill / cheque counter. Also, it is high time the single universal password or the PIN is forgone.

There is no safe place on earth. IT countermeasures cannot succeed on its own, as real change necessitates a drastic shift in the customer mindset too, making them equally liable. In the dynamic digital age, banks need to innovate to stay one step ahead of the fraudsters and provide a safe environment to transact. In the future, an impenetrable cyber banking infrastructure will be a key differentiator.

Comments

It is very much true.

Post a comment

(If you haven't left a comment here before, you may need to be approved by the site owner before your comment will appear. Until then, it won't appear on the entry. Thanks for waiting.)

Please key in the two words you see in the box to validate your identity as an authentic user and reduce spam.

Subscribe to this blog's feed

Follow us on

Blogger Profiles

Infosys on Twitter