Account takeover and authorized push payment fraud are two of the most common fraud scenarios in the online finance industry, and probably two of the most difficult to detect.
What is Account Takeover (ATO)?
ATO is an online variation of identity theft, a fraud scenario in which the perpetrator gains access to a victim’s online account to commit a financial crime. It can happen in many different spaces, such as eCommerce, governmental sites, or in the banking industry. Also, the fraudster can benefit from it in multiple ways like executing fraudulent eCommerce transactions, selling personal identifiable information (PII) on the dark web, or transferring funds to one or multiple bank accounts.
The perpetrator can change the personal data registered on the account like the email address or phone number to reset the password without the victim even noticing the account has been compromised.
APP fraud is the act of criminals tricking their victims into transferring money to their accounts. For instance, these individuals may act as if they were from a legitimate company or entity, such as the victim’s bank. To sound convincing, fraudsters mention personal details about the victim, which they have collected from the victim’s social media and/or other public spaces that show their profiles. Fraudsters then advise the victims to transfer their money to another account (e.g. a safe one), as their current account has been compromised.
After realizing they transferred money to a scammer, the victims may never recover their stolen money. Therefore, it is recommended that they contact their banks as soon as possible.
Criminals might use a variety of methods to perform these two types of fraud. While ATO can require more technical skill to break into the victim’s account, APP fraud is more about exploiting the individual’s vulnerabilities through social engineering and persuading them to transfer money into an account controlled by the fraudster. This is one of the reasons APP fraud is so hard to detect: the payment is initiated by the genuine customer, from the habitual device, IP address and location, and it even passes every authentication challenge the bank decides to implement, such as password, SMS tokens, or biometrics.
Let’s explore the most common methods used by fraudsters to attempt these two types of fraud.
All these threats can be classified into two categories:
In an era where customers are changing the way they interact with financial institutions, monitoring the identity and behavioural aspects of the customer and their devices during interactions with the bank’s multiple channels is crucial to detect ATO and APP fraud.
Digital channels, like online banking and mobile banking apps, make these interactions quick and easy. With a generalized adoption of digital channels and the rise of FinTech companies, traditional channels, such as in-branch or phone services, are starting to decrease in usage.
In Insider Intelligence’s UK Mobile Banking Competitive Edge Study it is shown that:
“68% of all UK respondents surveyed use mobile banking. Of those that use mobile banking, 86% said mobile was their primary banking channel and 62% said they would even change banks if the mobile banking experience fell short.”
This rapid adoption of online banking increases the digital touchpoints between customers and banks, and it brings important data that can be leveraged in the detection of ATO and APP fraud scenarios.
The new data is present at the time the payments are being made and in any digital activity event happening between the customer and the bank. This data allows companies like Feedzai to analyze the digital events earlier in the user journey, turning fraud detection into fraud prevention.
It is possible to analyze the customer’s digital behavior, namely the number and velocity of clicks, navigations, and typing patterns, and compare it with the human behavior seen in the threats mentioned above, in order to develop machine learning models that produce highly accurate profiles and detect scenarios of ATO and APP fraud.
Let’s explore how we can use digital activity data to detect fraud in a typical home banking session.
After the registration and account opening process, the user will log in to the home banking site or mobile app to interact with the bank. At this point, we need to consider patterns such as:
Apart from creating a payment, the customer (or the perpetrator) can update part of their personal details. During these account updates, it is important to consider:
In general, it is also important to look into the following patterns at any stage of the session.
All these data elements are good examples of digital activity that can be analyzed during a banking session to build a genuine customer profile and detect criminals by using digital behavior.
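As an added illustration of the profiling idea described above (click and typing cadence, navigations, device and location, and an account update followed by a payment in the same session), the following Python example is not Feedzai’s code or model; it is a small, constructed feature extractor and rule-based scorer. The customer profile, the event log and the rule weights are all assumed values made up for the example, and the session with the habitual device but a very different cadence is only a constructed illustration of the kind of behavioural deviation a model could learn from, not a claim about what APP victims actually do.

```python
"""Behavioural session features for ATO/APP fraud screening (added example).

All data below is constructed for illustration. The profile would normally be
learned from a customer's past genuine sessions; here it is hard-coded.
"""
from dataclasses import dataclass
from statistics import mean
from typing import Dict, List, Optional, Tuple


@dataclass
class CustomerProfile:
    customer_id: str
    devices: set            # device ids seen in past genuine sessions
    countries: set          # countries the customer usually connects from
    mean_click_interval: float   # habitual seconds between clicks
    mean_key_interval: float     # habitual seconds between keystrokes


@dataclass
class SessionFeatures:
    mean_click_interval: Optional[float]
    mean_key_interval: Optional[float]
    navigations: int
    new_device: bool
    new_country: bool
    update_then_payment: bool   # personal details changed, then a payment


def _mean_interval(events: List[dict], kind: str) -> Optional[float]:
    """Mean gap between consecutive events of one type, or None if fewer than two."""
    ts = [e["ts"] for e in events if e["type"] == kind]
    gaps = [b - a for a, b in zip(ts, ts[1:])]
    return mean(gaps) if gaps else None


def session_features(events: List[dict], profile: CustomerProfile) -> SessionFeatures:
    events = sorted(events, key=lambda e: e["ts"])
    login = next((e for e in events if e["type"] == "login"), events[0])
    updates = [e["ts"] for e in events if e["type"] == "account_update"]
    payments = [e["ts"] for e in events if e["type"] == "payment"]
    return SessionFeatures(
        mean_click_interval=_mean_interval(events, "click"),
        mean_key_interval=_mean_interval(events, "keypress"),
        navigations=sum(1 for e in events if e["type"] == "navigate"),
        new_device=login["device"] not in profile.devices,
        new_country=login["country"] not in profile.countries,
        update_then_payment=any(u < p for u in updates for p in payments),
    )


def score_session(f: SessionFeatures, p: CustomerProfile, tol: float = 0.5) -> Tuple[int, List[str]]:
    """Rule-based risk score (weights are assumed) plus human-readable reasons.

    tol is the relative deviation from the habitual cadence that is tolerated.
    """
    score, reasons = 0, []
    if f.new_device:
        score += 3; reasons.append("unknown device")
    if f.new_country:
        score += 2; reasons.append("unknown country")
    if f.update_then_payment:
        score += 3; reasons.append("personal details changed before a payment")
    for name, observed, expected in (("click", f.mean_click_interval, p.mean_click_interval),
                                     ("keystroke", f.mean_key_interval, p.mean_key_interval)):
        if observed is None:
            continue  # too little activity to judge cadence
        deviation = abs(observed - expected) / expected
        if deviation > tol:
            score += 2; reasons.append(f"{name} cadence deviates {deviation:.0%} from profile")
    return score, reasons


def ev(ts: float, kind: str, device: str = "dev-A", country: str = "PT") -> dict:
    return {"ts": ts, "type": kind, "device": device, "country": country}


# Constructed profile and three constructed sessions for one customer.
PROFILE = CustomerProfile("cust-1", {"dev-A"}, {"PT"}, mean_click_interval=2.0, mean_key_interval=0.25)
SESSIONS: Dict[str, List[dict]] = {
    # Habitual device and country, cadence matches the profile.
    "genuine": [ev(0, "login"), ev(1, "click"), ev(3, "click"), ev(5, "click"), ev(7, "click"),
                ev(8, "navigate"), ev(10, "keypress"), ev(10.25, "keypress"),
                ev(10.5, "keypress"), ev(10.75, "keypress"), ev(12, "payment")],
    # ATO-like: new device and country, machine-fast input, email changed then payment.
    "ato_like": [ev(0, "login", "dev-B", "XX"), ev(1, "click", "dev-B", "XX"),
                 ev(1.3, "click", "dev-B", "XX"), ev(1.6, "click", "dev-B", "XX"),
                 ev(2, "keypress", "dev-B", "XX"), ev(2.02, "keypress", "dev-B", "XX"),
                 ev(2.04, "keypress", "dev-B", "XX"), ev(2.06, "keypress", "dev-B", "XX"),
                 ev(3, "account_update", "dev-B", "XX"), ev(4, "payment", "dev-B", "XX")],
    # Habitual device and country, but cadence far from the profile (constructed deviation).
    "deviating": [ev(0, "login"), ev(1, "click"), ev(9, "click"), ev(17, "click"),
                  ev(20, "keypress"), ev(21, "keypress"), ev(22, "keypress"), ev(30, "payment")],
}


def evaluate_sessions(sessions: Dict[str, List[dict]], profile: CustomerProfile) -> Dict[str, Tuple[int, List[str]]]:
    return {sid: score_session(session_features(evs, profile), profile) for sid, evs in sessions.items()}


if __name__ == "__main__":
    for sid, (score, reasons) in evaluate_sessions(SESSIONS, PROFILE).items():
        print(f"{sid:10s} score={score:2d} {reasons}")
```

The rules are deliberately transparent so each score comes with reasons an analyst can read; in practice the same features would feed a trained model rather than fixed weights, and the tolerance would come from the spread observed in the customer’s own history rather than a constant.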