countering cross-channel fraud threats

Countering Cross-Channel Fraud Threats

BAI Payments Connect

March 11, 2013 — 11:00 a.m.-11:30 a.m.

1

Dena Hamilton

Countering Cross-Channel Fraud Threats

Detica’s - 2013 Top Three U.S. Fraud and Compliance Trends

• Enhanced focus on the fraudster footprint

Fraudsters were accountable for significant financial losses in 2012, as many firms overlooked key

fraudster behavior and risk characteristics until it was too late. Institutions will need to carefully and

consistently investigate and better understand the fraudster to better protect against financial crime in 2013 –

reviewing history, patterns and other characteristics to provide investigators with more well rounded insight and

create a clear view of relationships in the networks in which the fraudsters operate.

• ACH and wire fraud remain favorite tools for organized criminals

With FI’s seen as easy prey, 2013 will see an increased exploitation of ACH and wire fraud by

organized criminal rings. Firms will need to invest more to develop their defenses and implement anomaly detection

to combat both anticipated and unexpected attacks.

• Mobile fraud matures

Mobile fraud will finally come into its own in 2013, as criminals leverage past source-code and tested techniques to

develop more resilient malware and gain access to high level data stored on mobile devices. FI’s will be

challenged to protect mobile data as the number of transactions and volume of data on

smart phones grows

© BAE Systems Detica 2013 Company Confidential 2

Cross-Channel Fraud Definition

Federal Reserve Presentation 2009

Cross-Channel Fraud —

“Theft from deposit accounts by way of multiple points of access —

whether branch, automated teller machine, call center, debit card, online

banking, ACH or wire.”

- Dan Tobin,

IT Examiner

Supervision, Regulation and Credit

Federal Reserve Bank of Boston


These Threats Are Pervasive and Relentless


Why This Topic and What’s New?


Global Evolution of

Existing Payments

Emergence of New Payment

Players and Mechanisms



The Rise of Mobile

In the U.S.



The Rise of Mobile



2012 Payments Fraud Survey Summary of Results — September 2012

Source: Payments Information and Outreach Office — Federal Reserve Bank of Minneapolis


• The faces of fraud are changing and evolving. Organizations are familiar

with the traditional forms of fraud with checks and payment cards, but

over the past year many different fraud events have made the headlines:

• ATM skimming sprees

• Multiple retail chain breaches

• Social networking sites infiltrated

• Fraudsters swapping out POS pin pad units at a favorite arts and craft retailer

• ACH and wire fraud with business banking clients

• Many targeted phishing schemes

• Because of the increase in these access points as well as the innovation

of new electronic payment methods, criminals and their attacks are

becoming much more sophisticated


Regardless of the Source

In the 2012 AFP Payments Fraud and Control Survey • Introduction and Key Findings:

“As payment options proliferate, so, too, do new twists on fraudster’s

schemes and techniques. Checks continue to lead as the payment type

most attached, even as their use dramatically declines. But as paper

gives way to plastic, Internet and mobile payments accelerate, and the

globalization of business continues to grow, the need for new

security models becomes ever more important”

- Stephen W. Markwell,

Product Executive of Treasury Services, J.P. Morgan

13 © BAE Systems Detica 2013 Company Confidential

Why This Topic?

• Financial Crime Survey 2012 — Operational Risk and Regulation in

conjunction with Detica NetReveal®:

• The outlook for continued investment in financial crime detection and prevention

remains positive for 2013, with anticipated annual growth well ahead of the previous


On average, 83% of respondents

expect an increase in their

financial crime and compliance

budgets (compared to 42% in

both 2011 and 2010), of which a

staggering 56% predict an

increase of more than 20%

(compared to 14% in both 2011

and 2010).

Mitigating Residual Risks

• In the current climate of advanced persistent threats, data breaches and

malware-infected end-points, it is not surprising that information security

stands out as a serious concern that warrants more attention


Countering Cross-Channel Fraud

Why so hard to catch?

• Multiple interactions with distinct touch-points

• Forensics typically focuses on the point of the breach, not the

interactions leading up to it

• When accessed only for exploration, the online channel typically

doesn’t record activity


Countering Cross-Channel Fraud

Why is the risk growing?

• Payments products are increasingly using multiple channels

• Emerging payments products are being adopted by financial

institutions

• The increasing role of third-party processors

• Operational, information security and legal/compliance risks may not

be fully understood

• Growing complexity of systems


Detica’s Financial and Cyber Crimes Intelligence Platforms


19

Securing a Connected World

A full suite of products and services to protect institutions

INSIDE, AT, and OUTSIDE THE PERIMETER

AT THE PERIMETER • Penetration Testing

• Secure Network Guard (SNG)

INSIDE THE PERIMETER • Fraud Detection/Management

• AML/Compliance

• Cyber Monitoring and Detection

(CyberReveal)

• Cyber Response and Remediation

• Communications Monitoring

OUTSIDE THE PERIMETER • Threat Intelligence

• Cyber Defense Strategies and

Consulting

INSIDE

AT

OUTSIDE

© BAE Systems Detica 2013 Company Confidential

ENTITY

ANALYTICS

DETECTION

SCENARIOS

ALERT AND

CASE

MANAGEMENT

SOCIAL

NETWORK

ANALYTICS

ENTITY ANALYTICS

• Single view of entities

• Applies analytics to create

electronic fingerprints / profiles

• Holistic, cross-channel

approach

SOCIAL NETWORK

ANALYTICS

• Relational approach of entities

• Detect collusive behavior and

hidden relationships

DETECTION SCENARIOS

• Out of the box scenarios —

combines rules and analytics

• Risk Scores

• Ability to incorporate external

models and behavioral scores

EXPERTISE

• Industry risk, fraud and

compliance SMEs

• Highly regarded graduate

program

• In-house data labs

ALERT AND CASE

MANAGEMENT

• 360° view of client

• Single technology platform

• Alert Triage and Optimization

Offers Depth of Defense


Detica Recommendations

• Single platform approach — risk, fraud, and compliance

• Integrated command and control KPIs and risk indicators

• Full solution suite — across every stage of the customer journey from

initiation through to remediation

• Full 360° view of the customer

• Unprecedented, perceptive approach to detection and prevention

• Predefined social network analytics

• Customer-centric analytics and profiling

• Watch list management

• Enterprise case management

• Compliance reporting capabilities

• Real time and batch, proven detection and prevention industry models

21 © BAE Systems Detica 2013 Company Confidential

22

Dena Hamilton

[email protected]

[email protected]

www.deticanetreveal.com

North America Head Office

BAE Systems Detica

265 Franklin Street

Boston

MA 02110

USA

Tel: +1 (617) 737 4170

Fax: +1 (617) 737 4190

International Offices

Australia

Belgium

Canada

Dubai

France

Germany

Ireland

India

Poland

Singapore

Spain

The Netherlands

UK

© BAE Systems plc 2013. All Rights Reserved.

BAE SYSTEMS, DETICA, NETREVEAL, Detica NetReveal are

trademarks of BAE Systems plc.

Detica Limited is a BAE Systems company registered in England and

Wales under number 1337451. Its registered office is at Surrey

Research Park, Guildford, England, GU2 7YP

If you have any questions or would like to find out more about Detica

NetReveal® please contact:

Contact Details


mailto:[email protected]

References and Resources

Detica

• Knowledge Center — https://www.deticanetreveal.com/en/knowledge-centre.html

• 2013 Trends — https://www.deticanetreveal.com/en/knowledge-centre/news/item/bae-systems-detica-forecasts-

top-us-fraud-and-compliance-trends-for-2013.html

• Cross Channel Fraud — https://www.deticanetreveal.com/en/knowledge-centre/financial-services-collateral-

en/general.html?task=weblink.go&id=119

AFP

• 2012 Survey: Key Results — http://www.afponline.org/pub/pdf/2012_AFP_Payments_Fraud_and_Control_Survey--

Introduction_and_Key_Results.pdf

Google

• Mobile Trends — http://www.thinkwithgoogle.com/insights/library/studies/our-mobile-planet-us/

• Mobile Banking Trends — http://www.thinkwithgoogle.com/insights/library/studies/mobile-banking-trends-2012/

Federal Reserve

• Payment Fraud Survey — http://www.minneapolisfed.org/about/whatwedo/payments/2012-payments-fraud-

survey-consolidated-results.pdf


https://www.deticanetreveal.com/en/knowledge-centre.html




https://www.deticanetreveal.com/en/knowledge-centre/news/item/bae-systems-detica-forecasts-top-us-fraud-and-compliance-trends-for-2013.html

























https://www.deticanetreveal.com/en/knowledge-centre/financial-services-collateral-en/general.html?task=weblink.go&id=119









http://www.afponline.org/pub/pdf/2012_AFP_Payments_Fraud_and_Control_Survey--Introduction_and_Key_Results.pdf





http://www.thinkwithgoogle.com/insights/library/studies/our-mobile-planet-us/







http://www.thinkwithgoogle.com/insights/library/studies/mobile-banking-trends-2012/







http://www.minneapolisfed.org/about/whatwedo/payments/2012-payments-fraud-survey-consolidated-results.pdf











countering cross-channel fraud threats

Documents