Connect with us

Global Banking and Finance Review is an online platform offering news, analysis, and opinion on the latest trends, developments, and innovations in the banking and finance industry worldwide. The platform covers a diverse range of topics, including banking, insurance, investment, wealth management, fintech, and regulatory issues. The website publishes news, press releases, opinion and advertorials on various financial organizations, products and services which are commissioned from various Companies, Organizations, PR agencies, Bloggers etc. These commissioned articles are commercial in nature. This is not to be considered as financial advice and should be considered only for information purposes. It does not reflect the views or opinion of our website and is not to be considered an endorsement or a recommendation. We cannot guarantee the accuracy or applicability of any information provided with respect to your individual or personal circumstances. Please seek Professional advice from a qualified professional before making any financial decisions. We link to various third-party websites, affiliate sales networks, and to our advertising partners websites. When you view or click on certain links available on our articles, our partners may compensate us for displaying the content to you or make a purchase or fill a form. This will not incur any additional charges to you. To make things simpler for you to identity or distinguish advertised or sponsored articles or links, you may consider all articles or links hosted on our site as a commercial article placement. We will not be responsible for any loss you may suffer as a result of any omission or inaccuracy on the website. .

Technology

EMERGING MOBILE TECHNOLOGY CAN TACKLE ONGOING ISSUE OF SOCIAL ENGINEERING FRAUD

EMERGING MOBILE TECHNOLOGY CAN TACKLE ONGOING ISSUE OF SOCIAL ENGINEERING FRAUD

A new mobile technology designed to halt sophisticated digital identity fraud, could eradicate cumbersome verification processes on online banking and mobile apps, and halt the ongoing issue of social engineering in its tracks. Aspect Software, which has already saved a major British bank £10m per year in fraud losses with its Aspect Verify™ trust platform, says ongoing developments with the technology is looking to finally seal the weakest link in cyber security – the human dimension.

According to the Crime Survey bulletin from the Office of National Statistics released in December 2016, two-thirds (66%) of ‘cyber related’ fraud were categorised as ‘bank and credit account’ fraud. Cifas, the fraud prevention organisation, claims that nine in ten identity frauds of all types take place online today. A recent report from Agari also claims that three in ten businesses were victims of social engineering fraud in 2016.

Keiron Dalton, Global Program Senior Director, Aspect Verify, commented: “Before any account takeover can take place, some form of social engineering needs to happen in order to obtain the right information to complete a false transaction. This could be any way of tricking or manipulating victims into providing personal information, including passwords, dates of birth and so on. While the most effective method of securing any account or technology system is to use multi-factor authentication, the human interaction element of fraud is still the weakest link in the chain.”

Passwords continue to be the most popular method of securing the first layer of authentication for online and mobile banking. Aspect’s 2017 consumer study into online banking fraud, The banks’ balancing act: Fraud risk vs the customer experience, found that 88 per cent of customers (who experienced at least one fraudulent incident on their bank or credit card account in the last year) recall needing to use a password, PIN, or some combination of characters and symbols in order to log in. For complex transactions, this number reduces to 75 per cent.

Keiron believes that passwords are a moot point. He said: “Any kind of password is practically a comfort blanket. We’re so used to them, but in between social engineering and sophisticated fraudsters, they’re near enough useless at protecting our money.

“Working with some of the big banks, we’ve been seeing a rise in sophisticated mobile fraud designed to target personal bank accounts, such as SIM Swap. Since some banks use one-off SMS codes to verify the identity of the victim, criminals have taken advantage of a weak spot by impersonating and convincing mobile network operators in the contact centre to ‘swap’ the SIM of the victim with a new one. After this happens, the fraudster can access these one-time codes via SMS and when combined with information they already have, such as PINs, passwords and personal details, can clean someone’s account out in minutes online.

“You could theoretically add more layers of security – say, to a mobile banking app – but all you’re doing is placing restrictions on users, forcing them to jump through hoops just to do something that a mobile app should let them do quickly and easily. They’ll get frustrated pretty quickly and you’re more likely to lose them as a customer down the line,” he said.

Keiron says that developments between the mobile network operators, banks and technology providers have meant that they are well on their way to striking that elusive balance between ease of use/convenience and appropriate levels of security that will stop social engineering at the start of a compromise. The technology leverages publicly available data to help banks to step up authentication by determining variables such as geo-location of the user, call divert and SIM Swap detection. This reduces customer friction and provides both enhanced security and extra flexibility for the modern digital citizen.

Keiron added: “Currently, an automated voice call is all that’s needed to authenticate a transaction for us to know whether it’s genuine or not. Eventually, the verification will be imperceptible and won’t interrupt a genuine user experience. A fraudster could be making an ‘omni-channel’ attack where they have already taken over someone’s mobile device, and is being talked through a process to transfer money on a separate channel while the automated call is taking place. It has been very successful in practice.”

Aspect Verify is a trust platform and a cloud-based service for fraud prevention and detection that maintains a great customer experience. It is a collection of automated engagement solutions for proactive monitoring, identification, prevention, and notification of fraudulent transactions, including SIM Swap, and diverted calls and SMS. Notification options target both the organisation and the customer, and include system-level alerts as well as phone calls (landline or mobile), SMS, and email. Aspect Verify enables the bank to manage the on-going communication with the customer.

Global Banking & Finance Review

 

Why waste money on news and opinions when you can access them for free?

Take advantage of our newsletter subscription and stay informed on the go!


By submitting this form, you are consenting to receive marketing emails from: Global Banking & Finance Review │ Banking │ Finance │ Technology. You can revoke your consent to receive emails at any time by using the SafeUnsubscribe® link, found at the bottom of every email. Emails are serviced by Constant Contact

Recent Post