Cyber criminals are successfully defeating anti-virus, secure clients, multifactor authentication, and traditional fraud monitoring systems and walking away with millions. To protect their customers, financial institutions need to start using the strategic advantage they have over the fraudsters – deep knowledge of their customers.
Behavioral analytics is a proven fraud detection and prevention methodology that uses online banking behavior as the starting point to detect fraud. Different users quite naturally have different behavior from each other, as well as being different from a fraudster. Behavioral analytics takes advantage of this fact. Rather than solely looking for specific malware, fraud indicators or fraud patterns, which are all changing too rapidly for most institutions to keep up, behavioral analytics combines knowledge about fraud with transaction monitoring and anomaly detection during every online banking session to determine if it is expected and legitimate behavior or suspicious behavior. (Video: Using Behavioral Analytics to Stop Fraud)
FraudMAP's patented (see sidebar) implementation of behavioral analytics is Dynamic Account Modeling™. Dynamic Account Modeling works automatically - there are no burdensome rules to write or maintain, no algorithms to manually train — and from day one, it can catch fraudulent behavior.
With Dynamic Account modeling, FraudMAP Online can detect when someone other than the legitimate user is accessing on online accounts, even if the machine, location, IP address, etc. appear to be the legitimate user's as they do in many Man-in-the-Browser attacks.
There are over 70,000 variations of Zeus. Phishing attacks via email, SEO, and mobile phones are rampant. Criminals move money online via the ACH network, wire transfers, bill pay, and execute varying forms of offline fraud. Some attacks are automated, some have a real human behind them. Financial institutions simply do not have the resources to understand, anticipate and respond to every possible online fraud threat.
Solutions that detect fraud based on fraud rules, specific attack pattern definition or malware identification will miss fraud. Why? Unless the fraud happens exactly as the rule was defined and follows a specific pattern or uses a certain piece of malware, it will not be detected. There are too many types of threats and attacks to make these solutions effective.
By nature, malware detection, rules-based or pattern detection-based systems are reactive - security vendors and institutions need to know what the fraud looks like in order to define a rule or train an algorithm. But fraudsters rarely stick to the same attacks and are quickly innovating, meaning never-before-seen threats will be missed.
Because Dynamic Account Modeling is not dependent on rules or patterns, but instead looking for any deviation from predicted behavior, it can find the widest array of attacks and automatically detect new and emerging attacks. And, because it is focused on specific account holders and not generalized patterns of behavior, FraudMAP Online not only maximizes detection, it does so with minimal alerts.
Request a live, personalized online demonstration of how FraudMAP uses behavioral analytics to stop fraud attacks.
This in-depth primer explains what anomaly detection is and how it works to stop the online banking fraud attacks that other solutions miss.