preventing fraud with a multi-channel approach
Post on 23-Jan-2018
169 Views
Preview:
TRANSCRIPT
December 6, 2017
Preventing Fraud with a Multi-Channel Approach
© 2017 Guardian Analytics. All Rights Reserved – Confidential and Proprietary. 2
Jesus OrtizVP Product Development
Margarete MuckerEVP, Operations
Karen WebsterCEO
Preventing Fraud with a Multi-Channel Approach
Guardian Analytics Presents
Featuring:
© 2017 Guardian Analytics. All Rights Reserved – Confidential and Proprietary. 3
• Founded in 1956
• Headquartered in Silicon Valley, CA
• More than $9 billion in assets
• 100,000 Members
• Ranked 10th in total assets among 6,500 credit unions nationally
• Ranked #1 by the Credit Union National Association for the past 4 years for member giveback
About Star One Credit Union
© 2017 Guardian Analytics. All Rights Reserved – Confidential and Proprietary. 4
The year 2006 brought a dramatic change in how FIs and technology companies could work together to reduce fraud.
Emerging Fraud & New Requirements
Emerging fraud
FFIEC MFA guidelines
Member protection
Rules can’t compete
MFA doesn’t stop fraud
Machine learning offers true protection
Star One’s Perspective Guardian Analytics’ Perspective
© 2017 Guardian Analytics. All Rights Reserved – Confidential and Proprietary. 5
• We see a wide range of online attacks
• You never know which tactic a criminal will use
• Criminals can get past controls
• You may not know you have “fraud”
• Not all online account takeovers end in an unauthorized online transaction
• Cross-channel fraud starts online
• It’s not a matter of if, but when
Star One’s Perspective on Threats
© 2017 Guardian Analytics. All Rights Reserved – Confidential and Proprietary. 6
Star One’s Attitude on Fraud Prevention
• Starting with payment fraud is too late
• We must protect our members from themselves
• Looking at behaviors, not transactions, offers true protection
Results from a Decade of Behavioral Analytics-Driven Fraud Detection
Case Studies from Star One Credit Union
© 2017 Guardian Analytics. All Rights Reserved – Confidential and Proprietary. 8
1. Fraudster used phishing email to steal member account credentials
2. Fraudster logged in to account and created a new bill pay payee
3. $4,500 was sent to the payee – a victim of a romance scam cultivated by the fraudster
4. Upon receiving the money, the romance scam victim wired the money back to the fraudster
5. After Star One reversed the transaction and credited the member’s account, the romance scam victim suffered the $4,500 loss
Takeaways: The source of this fraud was the Phishing e-mail and the entry into Online Banking. If we would have had Guardian Analytics in place at the time of this fraud, we feel, it would have been prevented and would have revealed the suspicious activity at the time of the initial unauthorized login.
Case Study: Before Guardian Analytics
© 2017 Guardian Analytics. All Rights Reserved – Confidential and Proprietary. 9
Case Study: In Beta With Guardian Analytics
1. Fraudster used social engineering to obtain member login credentials & personal info
2. Fraudster contacted call center to change account phone number
3. Fraudster logged into member account and viewed cleared drafts to learn member’s signature
4. Fraudster initiated wire transfer of $98k to bank in Texas
5. Since signature matched and phone number routed to fraudster, Star One approved the transaction
6. Member discovered the loss when reviewing monthly statement
7. When Guardian Analytics reconstructed the login analysis of the account, they produced a Red alert on the first fraudulent login
Takeaways: The source of this fraud was the public/private info the fraudster had in order to social engineer our call center. We feel, and have the proof, that the Guardian solution would have discovered this fraud even though it involved both online and offline activity.
© 2017 Guardian Analytics. All Rights Reserved – Confidential and Proprietary. 10
1. Guardian Analytics surfaced a red risk alert for an account login
2. Further investigation into activity from the login showed check image views and password & MFA question updates
3. Star One member claimed good security practices, felt no breach to his system was possible
4. Upon running a malware program, member discovered a key logger on his system
Takeaway: Even practicing good security habits can leave a PC vulnerable. With a solution in place that really guards against unauthorized logins, we feel we have extended the security on our valuable Online Banking members who are amongst the most savvy and profitable to us.
Case Study: Fraud Prevented
© 2017 Guardian Analytics. All Rights Reserved – Confidential and Proprietary. 11
1. Member disputed Visa charges that occurred in person and online
2. Star One looked at Guardian Analytics data and found no anomalous activity
3. When faced with results of the investigation, member “remembered” that she had in fact made the purchases she was disputing and rescinded her affidavit
Takeaways: The Guardian system helped us detect when there was no fraud present. We feel that after explaining our methods of investigating online fraud and specifically the use of the login analysis tool, that our member realized that we have were aware of actual verified logins performed by the member at the time she clamed there was fraudulent activity.
Case Study: Fraud from Within
© 2017 Guardian Analytics. All Rights Reserved – Confidential and Proprietary. 12
7,540 average daily logins
0.26% red and yellow alerts
3.35% of alerts require qualifying
17% of qualified alerts are actionable
Efficiency: Average Daily Alert Volume
Guardian Analytics leads to • Fewer total alerts • More qualified alerts• Less time spent reviewing
false positives
© 2017 Guardian Analytics. All Rights Reserved – Confidential and Proprietary. 13
Prevented Fraud Loss in 2017
Loss prevented from 9 Bill-Pay transaction alerts
Loss prevented from Reg E ACH disputes across 40 transactions
Loss prevented from Wire Transfer fraud across 4 transactions
$160,469 $197,180 $878,472
© 2017 Guardian Analytics. All Rights Reserved – Confidential and Proprietary. 14
Guardian Analytics Approach to Fraud Prevention
Collect user data
from online activity and transactions
Compare to known user ‘behavior’
Flag behavior that is
statistically anomalous for that user
Create action to mitigate risk
© 2017 Guardian Analytics. All Rights Reserved – Confidential and Proprietary. 15
Building an End-to-End Solution
2017: AML Beta
2016: Omni-
Channel Visual
Analytics
2015: ACH RDFI
2014: ACH ODFI &
Wire
2012: Mobile
2007: Online Retail
© 2017 Guardian Analytics. All Rights Reserved – Confidential and Proprietary. 16
• We have brought online losses to near $0
• We experience low alert rates
• We have no rules/scenarios to write
• There is no change to our customer experience and we market our security as an advantage to our members
• Examiners & the board are happy
• It feels like criminals do not attack us as much anymore because nothing gets through!
Star One Perspective: Why Guardian Analytics?
© 2017 Guardian Analytics. All Rights Reserved – Confidential and Proprietary. 17
Guardian Analytics Customers See Results
Cut fraudulent transactions by 90%
Lower false positives by 5x
Reduce callbacks by 80%
Capture fraud in real time
© 2017 Guardian Analytics. All Rights Reserved – Confidential and Proprietary. 18
Modern Financial Crime Platform Architecture
Omni-Channel Risk Engine
Enterprise API Integrated Risk Database
Fraud Cockpit
Omni-Channel Visual Analytics
Online Mobile ACH Wire Supplier Portal
AML
© 2017 Guardian Analytics. All Rights Reserved – Confidential and Proprietary. 19
Financial institutions
Commercial & retail account holders
Banking activities
450 40M 5B
Guardian Analytics at a Glance
© 2017 Guardian Analytics. All Rights Reserved – Confidential and Proprietary. 20
Q&A
Please add your questions to the
questions module on your control panel.
top related