The ease and flexibility of digital and mobile banking is creating a revolution which is providing consumers with more ways to access their finances than ever before.
Consumers can now control their accounts through virtually any internet connected device and deposit checks, pay their bills, transfer balances to other accounts, or even send money to a person or business anywhere in the world.
At the same time however, this convenience and accessibility is opening new doors to fraudsters who are always looking for vulnerabilities to exploit to siphon money from consumer and business accounts. The more that banks open up new channels to allow consumers easier access to their money, the greater the risk that those same channels can be exploited for fraud.
In terms of fraud prevention, both financial institutions and their customers need practical solutions. As a first step, it’s important to identify and implement the easy, tactical things that can provide the most protection. Here are eight top tips to help protect both banks and consumers from fraud.
1. Implement multi-factor authentication
The first step for banks is to implement a robust multi-factor authentication process during account registration. Whether the consumer is registering for online banking at home, or downloading the mobile banking application, having a robust multi-factor authentication strategy that leverages things such as out-of-band authentication is the critical first step in preventing fraud online.
2 Implement and use consumer email and text alerts
One of the most effective ways to prevent fraud is also one of the simplest – email or text alerts. Alerts allow a bank to notify consumers in real-time when there has been any unusual activity online or through a mobile device.
For example, if an electronic payment has been made online to a never before seen payee, the bank can send the consumer a text alert to their phone to confirm that the requested transaction is legitimate.
Text alerts have not only proven to be an effective tool in stopping fraud but they also offer a positive customer experience that helps banks establish more trust and goodwill with customers.
3 Implement and use online activity logging and behavioural analysis
Monitoring consumer’s online and mobile access to their accounts is a critical component of preventing account takeover. Activity should be tracked to the Device ID or the IP address and monitored for anomalies such as access from foreign countries, access from devices known to be involved in a prior fraud, a high velocity of recent logins, an escalation in bad login attempts and other unusual circumstances.
Monitoring online activity is an important component of protecting consumers against online and mobile fraud.
4 Implement multi-channel fraud and suspicious activity monitoring solutions
A fraud monitoring solution is an important component in protecting against mobile and online fraud. Fraud monitoring platforms have many off-the-shelf capabilities that help banks to prevent, detect and report instances of fraud.
The most critical components that these systems have are:
Enterprise view – The ability to take in multiple sources of data across different channels to get a holistic view of each customer’s account and relationship. This includes checks, electronic payments, access to accounts online and access to accounts through mobile devices.
Scores, rules, and alerts – the ability to generate a risk assessment of a customer’s account based on business rules or sophisticated analytic scoring models that use profiles and other techniques to find fraud and create alerts.
Fraud reporting – the ability to generate business and regulatory reports when fraud does occur so that it can prevented in the future.
5 Proactively educate consumers and employees
By educating consumers and employees on the latest fraud scams and schemes, banks can help consumers prevent fraud before it starts. For example, banks should help consumers understand common email phishing schemes that are designed to have them unknowingly provide their login credentials or banking details to fraudsters.
6 Monitor and clean for malware regularly
Bank hackers are routinely able to steal millions of dollars by convincing customers or even bank employees to click on emails or links that download malicious malware onto their computers.
The malware infects the computer and allows the fraudsters to monitor keystrokes, capture emails, capture screens and other valuable information that they later use to steal from the banks. Scanning for and removing malicious malware is a critical component or reducing online fraud.
7 Use secure access through HTTPS as often as possible
HTTPS is a protocol for secure connections over the Internet that ensures a person is accessing the site they think they are, as well as making sure data is encrypted so it cannot be stolen. By using HTTPS consumers can ensure against 'Man in the Middle' attacks that allow personal or banking data to be stolen.
8 Manage online credentials wisely
Changing passwords frequently and making those passwords substantially different from old passwords is a simple but effective way to help prevent online and mobile account takeover. Even if information is stolen, changing passwords frequently may limit or even stop the information from being used.
Be vigilant. Be aware. Be suspicious.
If something is too good to be true it often is. In the online and mobile world, clever fraudsters are constantly preying on consumers and banks to exploit vulnerabilities. Their tactics will change but in most cases there will be some hint that the activity or request is somehow 'not quite right'.
The best defence against online fraud is to maintain vigilance. Fraud is always changing, so consumers and banks need to be aware of those new schemes and finally to be suspicious of anything that seems a little 'too good to be true'.
Sourced from Mannie DaSilva, Global Product Line Manager, Financial Crime Risk Management Solutions, Fiserv