Cybersecurity Professionals Need Adaptable Fraud Prevention Solutions in 2018
The recent ISMG “2017 Faces of Fraud Survey” results could scarcely be more bleak. The survey of banking and security leaders reported that barely over one-third of respondents have high confidence in their anti-fraud tools. Roughly 10 percent show low or no confidence in their abilities to fight fraud—but only 53 percent of survey respondents said they have even moderate confidence in their anti-fraud controls and staff.
Given the recent numerous, sizeable, and well-publicized data breaches, our current state of fraud protection is both dire and ironic. Significant breaches of 2017 included:
Equifax: A website application vulnerability allowed hackers to access names, birth dates, Social Security numbers, addresses, and some driver’s license numbers. The stolen information also included more than 200,000 credit card numbers and nearly 200,000 other documents containing personally identifiable information (PII) of nearly 143 million Americans.
Uber: Cybercriminals hacked a third-party server and stole 57 million user account records that contained phone numbers, email addresses, and names of drivers and riders using the service.
Verizon: Records comprising names, phone numbers, and PINs of 14 million Verizon customers were left exposed.
This is not all. Given a larger attack surface, even more data breaches can be expected in 2018. With attacks come cover-ups; Uber, for example, attempted to hide its massive data breach, and industry observers expect more such cover-ups to be exposed in 2018. Posing additional and major concerns are outdated technologies and vulnerable systems like ColdFusion, Windows XP, old WordPress sites, and unsupported or open APIs.
These security weaknesses have resulted in cybercriminals making massive amounts of PII available on a regular basis, which further enables fraudsters to steal and use victim identities. The press is full of the news of these victims’ plight. In such an environment, it’s prudent to ask if risk and security professionals should continue approving transactions based on static identity reference data that is so frequently exposed, such as names, addresses, emails, credit card numbers, and Social Security numbers. Aren’t knowledge-based authentication systems that process “authenticated” (but often fraudulent) payments based on so much compromised data obsolete?
Today’s fraud is persistent, sophisticated, and here to stay. Organizations need to understand that relying on these outdated systems could result in substantial financial and reputational damage.
How to win in 2018
Globally, financial service providers must protect each legitimate member, especially the victims of identity theft and fraud, with a comprehensive fraud-prevention solution that adapts and evolves to combat cybercriminals. Such a smart solution would include better machine-learning technologies that use additional data sources to enhance detection algorithms and spot fraud in a timely manner. The solution should be able to identify possible fraud attempts, and where warranted, block and cancel fraudulent transactions.
Simility meets these needs by using advanced self-optimizing machine-learning models and fraud clues (like device, geolocation, behavioral, reputational and historical attributes) to predict and future-proof risks anywhere along the customer journey where fraudsters may attack—for example, when payments are approved or when an account is created.
Furthermore, Simility offers superior and customizable fraud-detection techniques to help meet risk and security needs. This ensures that legitimate customers are approved while cases that warrant further review are escalated. Simility’s enterprise-grade, state-of-the-art fraud-detection solution gives any financial institution the competitive advantage to accelerate growth, foster loyalty, block fraud, and make loss due to data breaches a thing of the past!
Want to learn more about Simility? See it in action by requesting a demo.