Connect with us

Global Banking and Finance Review is an online platform offering news, analysis, and opinion on the latest trends, developments, and innovations in the banking and finance industry worldwide. The platform covers a diverse range of topics, including banking, insurance, investment, wealth management, fintech, and regulatory issues. The website publishes news, press releases, opinion and advertorials on various financial organizations, products and services which are commissioned from various Companies, Organizations, PR agencies, Bloggers etc. These commissioned articles are commercial in nature. This is not to be considered as financial advice and should be considered only for information purposes. It does not reflect the views or opinion of our website and is not to be considered an endorsement or a recommendation. We cannot guarantee the accuracy or applicability of any information provided with respect to your individual or personal circumstances. Please seek Professional advice from a qualified professional before making any financial decisions. We link to various third-party websites, affiliate sales networks, and to our advertising partners websites. When you view or click on certain links available on our articles, our partners may compensate us for displaying the content to you or make a purchase or fill a form. This will not incur any additional charges to you. To make things simpler for you to identity or distinguish advertised or sponsored articles or links, you may consider all articles or links hosted on our site as a commercial article placement. We will not be responsible for any loss you may suffer as a result of any omission or inaccuracy on the website. .

Top Stories

GOING BENEATH THE SURFACE OF ONLINE FRAUD PROTECTION: EXPLORING THE SUBCONSCIOUS

profile-of-a-man-with-close

By: Ryan Wilk, Director of Customer Success, NuData Security

Last year, cyber criminals got ahold of hundreds of millions of records containing the personal data of customers across all industries. Name-brand retailers were hit particularly hard, sometimes in ingenious ways, and at least one major bank suffered an embarrassing large data theft. IT teams are not usually run by psychics, so they must do their level best to protect user data – and their best often proved to not be good enough. That’s because hackers are insidious in their ability to keep creating new attack vectors.

Many times, the sought-after commodity is credit card numbers, which malicious actors use on other e-commerce sites or sell to fellow criminals. While dealing in stolen financial data is still a lucrative endeavor, a shift is occurring in the value of another commodity: usernames and passwords. Because many people use the same credentials across multiple Web accounts, a cascading effect occurs if a hacker gets hold of those credentials. Suddenly, all those accounts can be accessed – including emails accounts, if those credentials work for email as well.

Banks employ a variety of methods to safeguard their users. These methods include authenticating users by sending an SMS message to a user’s cell phone and Knowledge Based Authentication(KBAs), in which users answer pre-defined questions (“What’s the name of your first pet?” “Where did you meet your spouse?” etc.) While these methods provide an added layer of protection,they also add customer friction, potential customer insult and lost conversions, all of which a business wants to avoid.

A newer user validation method works in a much different way: it focuses on the subconscious aspects of a user’s behavior. This grants insight intowhether they really are who they claim to be. These are called subconscious metrics, and they look at how a user functions at the most basic level – just below the level of awareness. In day-to-day life, this can be as simple as always putting on your left shoe first. When online, it’s more complex, like the speed you type your email address into a username field on a website. These experienced-based data points are unique to the user and very difficult to mimic or forge. The collection of this data is 100 percent non-intrusive to the end user and gives you the ability to monitor, authenticate, verify and gain confidence in who your users are, all in realtime.

Brute Force, Username Testing and Account Testing are some of the methods used to take over accounts, one of the most popular forms of identity theft today. For anyone trying to protect their web or mobile user accounts from such schemes, the concept of subconscious metrics is an exciting one. If you can verify that the username and password entered are correct and also that the subconscious behavioral patterns matchprevious interactions, you can feel much more comfortable allowing that user to proceed. The opposite is true as well; if the user comes back with the correct username and password but the subconscious behavioral elements drastically differ from prior interactions, there is now powerful intelligence available to protect both the account holder and the overall brand.

It becomes much more difficult for a fraudster to impersonate a legitimate user when behavioral profiles are being used as a fraud detection method, because these profiles are composed based on hundreds of subconscious behavior measures. This allows us to determine that a change in a user’s behavior is not malicious, like using a computer instead of a smart phone, while still providing insight that a majority of the behavioral elements displayed by the user are accurate. Most of today’s authentication systems may have created customer friction based solely on a user logging on from a different device.

Avivah Litan, security and privacy analyst for Gartner, encapsulated the current fraud security zeitgeist in a recent research note: “The ultimate goal of OFD [online fraud detection] is: continuous behavioral profiling of users, accounts and entities.”A best practice for financial institutions looking for an authentication approach is to search for one that creates the most accurate behavioral, account and entity-profiling model available.

The best option for success in user validation is to gather and analyze a huge number of data points to discern who is really responsible for a transaction. This is called complex behavioral biometrics. The subconscious aspects of this behavior elevate our strategy so firms have a powerful weapon to protect their community of users against dangerous attacks such as account takeover and identity theft – and do it absolutely passively.

Zeroing in on subconscious behavior measures is an exciting new option in the fight against online fraud. It is a comprehensive method that greatly increases the likelihood of financial institutions being able to detect fraudulent behavior and, subsequently, keeping customers—and your bottom line—safe.

Global Banking & Finance Review

 

Why waste money on news and opinions when you can access them for free?

Take advantage of our newsletter subscription and stay informed on the go!


By submitting this form, you are consenting to receive marketing emails from: Global Banking & Finance Review │ Banking │ Finance │ Technology. You can revoke your consent to receive emails at any time by using the SafeUnsubscribe® link, found at the bottom of every email. Emails are serviced by Constant Contact

Recent Post