Editorial & Advertiser Disclosure Global Banking And Finance Review is an independent publisher which offers News, information, Analysis, Opinion, Press Releases, Reviews, Research reports covering various economies, industries, products, services and companies. The content available on globalbankingandfinance.com is sourced by a mixture of different methods which is not limited to content produced and supplied by various staff writers, journalists, freelancers, individuals, organizations, companies, PR agencies Sponsored Posts etc. The information available on this website is purely for educational and informational purposes only. We cannot guarantee the accuracy or applicability of any of the information provided at globalbankingandfinance.com with respect to your individual or personal circumstances. Please seek professional advice from a qualified professional before making any financial decisions. Globalbankingandfinance.com also links to various third party websites and we cannot guarantee the accuracy or applicability of the information provided by third party websites. Links from various articles on our site to third party websites are a mixture of non-sponsored links and sponsored links. Only a very small fraction of the links which point to external websites are affiliate links. Some of the links which you may click on our website may link to various products and services from our partners who may compensate us if you buy a service or product or fill a form or install an app. This will not incur additional cost to you. A very few articles on our website are sponsored posts or paid advertorials. These are marked as sponsored posts at the bottom of each post. For avoidance of any doubts and to make it easier for you to differentiate sponsored or non-sponsored articles or links, you may consider all articles on our site or all links to external websites as sponsored . Please note that some of the services or products which we talk about carry a high level of risk and may not be suitable for everyone. These may be complex services or products and we request the readers to consider this purely from an educational standpoint. The information provided on this website is general in nature. Global Banking & Finance Review expressly disclaims any liability without any limitation which may arise directly or indirectly from the use of such information.


Online fraud is still a dominant issue in the retail banking sector despite the major decline in losses reported by the Financial Fraud Action UK (FFA). The latest figures suggest the cost against UK institutions was calculated at a substantial £17.1 million for the first half of 2013, even though it represented a decrease of 21 per cent compared to the same period in 2012.

Jon Inns, Director of Product Management, Accumuli
Jon Inns, Director of Product Management, Accumuli

Improved fraud detection and swifter action on phishing sites is reported to have contributed to the significant drop. The FFA statement released in early October said that enhanced processes for intelligence-sharing across the banks, as well as better online security tools and greater awareness amongst consumers had led to a decline in losses. Phishing sites, set up by criminals to trick vulnerable customers into giving away their passwords by convincing them they are communicating with their bank or building society, has also seen a dramatic 87 per cent drop in the numbers of these sites, since the equivalent period in 2012.

These statistics may paint a more positive picture; however the retail banks affected by the continuing online fraud practices are still working hard to tackle the issue. The drive to keep customers and their accounts protected remains as strong as ever, with an increased demand for enhanced security solutions to guard customers against online fraud.

At Accumuli, we have been working with a fortune 500 banking group that has a large retail presence across Europe. The bank had invested heavily in retail online banking fraud prevention systems, including two-factor authentication devices, which were provided to every customer. Despite this proactive action, the bank still faced a significant on-going problem from fraudulent online banking transactions, caused by advanced malware specifically targeting their customers. The malware works by manipulating the online banking web interface displayed to the customer, in order to obtain the required two factor codes and make fraudulent payments.

Unfortunately, this is not an uncommon problem with many financial institutions facing attack from this type of advanced malware. The malware used to launch this breed of attack is widely available to buy from hacking forums and even some social media sites, and the code is continually being changed and enhanced to avoid detection.

In a bid to protect its customers, maintain regulatory compliance and protect its world leading reputation, the bank had built internal fraud systems, using analytical techniques, which meant that customers suspected of being victims of online banking fraud were placed in a protected mode and were proactively supported while the malware was removed.

However, the action was not completely successful as the attacks on the bank continued, and the process of protection became both labour intensive and expensive. The bank also needed to continually adapt to changing fraud patterns, which led to using more complex analytical detection techniques and required extra staff to provision.

The bank identified the need for a system that would enable the automation of the analytical detection process developed in-house and increase the speed of detection and response. The system had to have the capability to be rapidly enhanced to deal with new or evolving online banking threats and complex detection criteria and also deliver a platform that could be extended to provide detection and prevention technologies for other types of transactional fraud.

The result of a market review by the bank led to it selecting SIEM as its preferred solution for delivering an automated fraud detection solution. The approach we took involved using our seven stage EDGE methodology to analyse, design and deliver a comprehensive ArcSight SIEM solution. The detection design included a flexible, extensible framework and implementation technology to allow the bank to rapidly update and refine the detection rules if the threat evolves or if new detection patterns are identified.

The new system was designed to support fraud detection capabilities for more than 13 million online daily banking transactions, as well as infection detection capabilities in excess of 40 million web logs per day.

The banks technical teams from mainframe, networks and retail banking worked alongside the Accumuli SIEM experts, who designed and delivered the automated online banking fraud detection solution, implementing existing bank detection logic. When the implementation was completed, the bank’s fraud analysts were provided with an interface into which fraudulent and suspicious transactions were displayed in near real time. The transactions were accompanied with metadata detailing the detection logic that was matched and a threat score, to allow the analysts to prioritise their work.

The system had a significant impact on detection times, reducing it from 24 hours using the manual process, down to less than ten minutes using ArcSight and the external database interface. Subsequently, this allowed the bank to rapidly begin the process of blocking fraudulent payments or start the recovery process before any money had been extracted from the destination account.

As retail online banks continue the fight against fraud it has become clear that increasingly sophisticated techniques from today’s fraudsters demand more complex solutions to help protect customers. The losses to UK online banks may be on the decline but the issue is still highly prevalent in this sector and needs to be tackled with the right mix of expertise and technology.

Jon Inns, Director of Product Management, Accumuli