Story image

The three new fronts in the fight against fraud

25 Feb 2019

Article by Fiserv vice president of global market strategy and financial crime risk management, Andrew Davies.

The accelerating rate of technological innovation is transforming every aspect of our lives. The pace of change in business and financial services today is different than it was 10, or even three years ago. People want everything to happen more quickly, whether it's accessing their account balance, getting immediate access to their pay check or even purchasing a new product like a life insurance policy.

Recent quarterly consumer research from Fiserv only underscores the challenge for financial institutions. According to Expectations & Experiences: Consumer Payments, 50 per cent of consumers consider "real-time" in financial transactions to mean immediately. 

People want immediacy to go hand-in-hand with security. This year, that continued expectation will further nudge financial institutions from a mindset of acknowledging the need for speed to introducing those faster financial services.

Along with greater speed comes new fronts in the fight against fraud. Here are three trends to watch as financial institutions balance speed and security.

1. Real-time fraud detection

The introduction of new technologies such as the New Payments Platform (NPP) introduced in Australia early last year are enabling payments in real-time. Real-time offers a wealth of opportunities and conveniences to the industry and consumers, but there are inherent risks to any evolution in financial services.  As money moves more quickly, detecting and stopping fraudulent transactions takes on increased urgency.

With faster payments, the time from initiation to availability of money is seconds rather than minutes or hours. When all of the processing and network steps are considered, each must be completed within a second at most, including validation, accounting and fraud detection. This requires greater automation and can be facilitated by new ways of managing payments.

Payment-hub technology, for example, enables the management of all payment types on a single platform and promises better risk analysis, faster settlement, lower routing costs and a real-time view of transactions. The technology arose from European regulations, and gaining traction among financial institutions in other countries, many of which see value in the potential for greater efficiency and enhanced visibility.

2. Managing third-party risk

Consumer-focused technology companies are resetting expectations for financial services.

To adapt, financial institutions are embracing technology at every step of the consumer experience, whether through in-branch teller kiosks, artificial intelligence-based consumer assistance or integration with third-party fintechs.

Open banking regulations are making it a priority for financial institutions to integrate with fintechs and other third-party companies with which consumers have relationships. Under the regulations, financial institutions must provide trusted third parties access to customer information when consumers allow it. Currently in Australia, open-banking regulations are set to come into force no later than February 2020, with financial institutions currently piloting the system.   

Once again, technology presents many opportunities for consumers and financial institutions, but it also raises the stakes on security. If financial institutions begin engaging consumers more often through fintechs, identification and validation will become even more crucial.

A big question will be: What do you know about the security of the companies accessing information from your systems?

That question takes on multiple layers when considering the different channels and services fintechs and other third-party companies represent. Financial institutions' security strategies will need to account for payments, lending and card issuance, just to name a few.

Financial institutions can do this by adjusting their strategies in terms of due diligence, updating processes, and monitoring and evaluation. In the new interconnected financial services landscape, it’s not enough for a financial institution to ensure their own systems are secure, they also have to consider the security of the companies accessing information through their systems. 

3. Controlling and leveraging data

Financial institutions' success managing risk in the future will be largely dependent on how well they assess, leverage and control data. 

Yet the sheer volume of information flowing through financial institutions poses what can appear to be an overwhelming challenge. How can organisations manage so much data? How can they ensure its accuracy? How can financial institutions make sure it's useful?

Failure to answer those questions comprehensively can be costly. According to Gartner’s Data Quality Market survey, organisations believe poor quality data to be responsible for an average of $15 million per year in losses. Financial institutions don't simply need to manage the volume of data. The pace of change within that data is staggering, and institutions have to manage that in the context of financial crime risk. The best defence, then, is making sure the data is accurate.

Expect to see even more emphasis on technology that helps manage data quickly and efficiently. Advanced analytics, artificial intelligence and machine learning will play a prominent role in anti-money laundering strategies and data management.

Adjusting to the need for speed

Speed is a key factor for the future of financial services, and with the right strategy financial institutions can balance the need for speed with the imperative for security. As the introduction of faster financial services accelerates, security will become a differentiator for financial institutions that deliver it well.

ESET researchers break down latest arsenal of the infamous Sednit group
At the end of August 2018, the Sednit group launched a spear-phishing email campaign, in which it distributed shortened URLs that delivered first-stage Zebrocy components.
Container survey shows adoption accelerating while security concerns remain top of mind
The report features insights from over 500 IT professionals.
Google 'will do better' after G Suite passwords exposed since 2005
Fourteen years is a long time for sensitive information like usernames and passwords to be sitting ducks, unencrypted and at risk of theft and corruption.
Fake apps on Google Play scamming users out of cryptocurrency
Fake cryptocurrency apps on Google Play have been discovered to be phishing and scamming users out of cryptocurrency, according to a new report from ESET.
Hackbusters! Reviewing 90 days of cybersecurity incident response cases
While there are occasionally very advanced new threats, these are massively outnumbered by common-or-garden email fraud, ransomware attacks and well-worn old exploits.
SEGA turns to Palo Alto Networks for cybersecurity protection
When one of the world’s largest video game pioneers wanted to strengthen its IT defences against cyber threats, it started with firewalls and real-time threat intelligence from Palo Alto Networks.
Forrester names Trend Micro Leader in email security
TrendMicro earned the highest score for technology leadership, deployment options and cloud integration.
LogRhythm releases cloud-based SIEM solution
LogRhythm Cloud provides the same feature set and user experience as its on-prem experience.