Contenu connexe
Similaire à Countering Cross-Channel Fraud Threats (20)
Countering Cross-Channel Fraud Threats
- 2. Countering Cross-Channel Fraud Threats
Detica’s - 2013 Top Three U.S. Fraud and Compliance Trends
• Enhanced focus on the fraudster footprint
Fraudsters were accountable for significant financial losses in 2012, as many firms overlooked key
fraudster behavior and risk characteristics until it was too late. Institutions will need to carefully and
consistently investigate and better understand the fraudster to better protect against financial crime in 2013 –
reviewing history, patterns and other characteristics to provide investigators with more well rounded insight and
create a clear view of relationships in the networks in which the fraudsters operate.
• ACH and wire fraud remain favorite tools for organized criminals
With FI’s seen as easy prey, 2013 will see an increased exploitation of ACH and wire fraud by
organized criminal rings. Firms will need to invest more to develop their defenses and implement anomaly detection
to combat both anticipated and unexpected attacks.
• Mobile fraud matures
Mobile fraud will finally come into its own in 2013, as criminals leverage past source-code and tested techniques to
develop more resilient malware and gain access to high level data stored on mobile devices. FI’s will be
challenged to protect mobile data as the number of transactions and volume of data on
smart phones grows
© BAE Systems Detica 2013 Company Confidential 2
- 3. Cross-Channel Fraud Definition
Federal Reserve Presentation 2009
Cross-Channel Fraud —
“Theft from deposit accounts by way of multiple points of access —
whether branch, automated teller machine, call center, debit card, online
banking, ACH or wire.”
- Dan Tobin,
IT Examiner
Supervision, Regulation and Credit
Federal Reserve Bank of Boston
© BAE Systems Detica 2013 Company Confidential 3
- 4. These Threats Are Pervasive and Relentless
© BAE Systems Detica 2013 Company Confidential 4
- 5. Why This Topic and What’s New?
Global Evolution of Emergence of New Payment
Existing Payments Players and Mechanisms
© BAE Systems Detica 2013 Company Confidential 5
- 6. Why This Topic and What’s New?
The Rise of Mobile
In the U.S.
© BAE Systems Detica 2013 Company Confidential 6
- 7. Why This Topic and What’s New?
The Rise of Mobile
© BAE Systems Detica 2013 Company Confidential 7
- 8. Why This Topic and What’s New?
The Rise of Mobile
© BAE Systems Detica 2013 Company Confidential 8
- 9. Why This Topic and What’s New?
2012 Payments Fraud Survey Summary of Results — September 2012
Source: Payments Information and Outreach Office — Federal Reserve Bank of Minneapolis
© BAE Systems Detica 2013 Company Confidential 9
- 10. Why This Topic and What’s New?
Source: Payments Information and Outreach Office — Federal Reserve Bank of Minneapolis
© BAE Systems Detica 2013 Company Confidential 10
- 11. Why This Topic and What’s New?
Source: Payments Information and Outreach Office — Federal Reserve Bank of Minneapolis
© BAE Systems Detica 2013 Company Confidential 11
- 12. Why This Topic and What’s New?
• The faces of fraud are changing and evolving. Organizations are familiar
with the traditional forms of fraud with checks and payment cards, but
over the past year many different fraud events have made the headlines:
• ATM skimming sprees
• Multiple retail chain breaches
• Social networking sites infiltrated
• Fraudsters swapping out POS pin pad units at a favorite arts and craft retailer
• ACH and wire fraud with business banking clients
• Many targeted phishing schemes
• Because of the increase in these access points as well as the innovation
of new electronic payment methods, criminals and their attacks are
becoming much more sophisticated
© BAE Systems Detica 2013 Company Confidential 12
- 13. Regardless of the Source
In the 2012 AFP Payments Fraud and Control Survey
• Introduction and Key Findings:
“As payment options proliferate, so, too, do new twists on fraudster’s
schemes and techniques. Checks continue to lead as the payment type
most attached, even as their use dramatically declines. But as paper
gives way to plastic, Internet and mobile payments accelerate, and the
globalization of business continues to grow, the need for new
security models becomes ever more important”
- Stephen W. Markwell,
Product Executive of Treasury Services, J.P. Morgan
© BAE Systems Detica 2013 Company Confidential 13
- 14. Why This Topic?
• Financial Crime Survey 2012 — Operational Risk and Regulation in
conjunction with Detica NetReveal®:
• The outlook for continued investment in financial crime detection and prevention
remains positive for 2013, with anticipated annual growth well ahead of the previous
On average, 83% of respondents
expect an increase in their
financial crime and compliance
budgets (compared to 42% in
both 2011 and 2010), of which a
staggering 56% predict an
increase of more than 20%
(compared to 14% in both 2011
and 2010).
© BAE Systems Detica 2013 Company Confidential 14
- 15. Mitigating Residual Risks
• In the current climate of advanced persistent threats, data breaches and
malware-infected end-points, it is not surprising that information security
stands out as a serious concern that warrants more attention
© BAE Systems Detica 2013 Company Confidential 15
- 16. Countering Cross-Channel Fraud
Why so hard to catch?
• Multiple interactions with distinct touch-points
• Forensics typically focuses on the point of the breach, not the
interactions leading up to it
• When accessed only for exploration, the online channel typically
doesn’t record activity
© BAE Systems Detica 2013 Company Confidential 16
- 17. Countering Cross-Channel Fraud
Why is the risk growing?
• Payments products are increasingly using multiple channels
• Emerging payments products are being adopted by financial
institutions
• The increasing role of third-party processors
• Operational, information security and legal/compliance risks may not
be fully understood
• Growing complexity of systems
© BAE Systems Detica 2013 Company Confidential 17
- 18. Detica’s Financial and Cyber Crimes Intelligence Platforms
© BAE Systems Detica 2013 Company Confidential 18
- 19. Securing a Connected World
A full suite of products and services to protect institutions
INSIDE, AT, and OUTSIDE THE PERIMETER
INSIDE THE PERIMETER
• Fraud Detection/Management
• AML/Compliance
• Cyber Monitoring and Detection
(CyberReveal)
• Cyber Response and Remediation
• Communications Monitoring INSIDE
AT
AT THE PERIMETER
• Penetration Testing
• Secure Network Guard (SNG) OUTSIDE
OUTSIDE THE PERIMETER
• Threat Intelligence
• Cyber Defense Strategies and
Consulting
© BAE Systems Detica 2013 Company Confidential 19
- 20. Offers Depth of Defense
ENTITY ANALYTICS DETECTION SCENARIOS
• Single view of entities • Out of the box scenarios —
• Applies analytics to create combines rules and analytics
electronic fingerprints / profiles • Risk Scores
• Holistic, cross-channel • Ability to incorporate external
approach
ENTITY DETECTION
models and behavioral scores
ANALYTICS SCENARIOS
SOCIAL ALERT AND
NETWORK CASE
ANALYTICS MANAGEMENT
SOCIAL NETWORK ALERT AND CASE
ANALYTICS MANAGEMENT
• Relational approach of entities • 360° view of client
• Detect collusive behavior and • Single technology platform
hidden relationships • Alert Triage and Optimization
EXPERTISE
• Industry risk, fraud and
compliance SMEs
• Highly regarded graduate
program
• In-house data labs
© BAE Systems Detica 2013 Company Confidential
- 21. Detica Recommendations
• Single platform approach — risk, fraud, and compliance
• Integrated command and control KPIs and risk indicators
• Full solution suite — across every stage of the customer journey from
initiation through to remediation
• Full 360° view of the customer
• Unprecedented, perceptive approach to detection and prevention
• Predefined social network analytics
• Customer-centric analytics and profiling
• Watch list management
• Enterprise case management
• Compliance reporting capabilities
• Real time and batch, proven detection and prevention industry models
© BAE Systems Detica 2013 Company Confidential 21
- 22. Contact Details
If you have any questions or would like to find out more about Detica
NetReveal® please contact:
North America Head Office
BAE Systems Detica
265 Franklin Street
Boston
Dena Hamilton MA 02110
USA
Tel: +1 (617) 737 4170
Dena.Hamilton@BAESystemsDetica.com Fax: +1 (617) 737 4190
International Offices
Australia
Belgium
Canada
Dubai
France
Germany
Ireland
India
Poland
Singapore
Spain
The Netherlands
UK
netreveal@detica.com
www.deticanetreveal.com
© BAE Systems plc 2013. All Rights Reserved.
BAE SYSTEMS, DETICA, NETREVEAL, Detica NetReveal are
trademarks of BAE Systems plc.
Detica Limited is a BAE Systems company registered in England and
Wales under number 1337451. Its registered office is at Surrey
Research Park, Guildford, England, GU2 7YP
© BAE Systems Detica 2013 Company Confidential 22
- 23. References and Resources
Detica
• Knowledge Center — https://www.deticanetreveal.com/en/knowledge-centre.html
• 2013 Trends — https://www.deticanetreveal.com/en/knowledge-centre/news/item/bae-systems-detica-forecasts-
top-us-fraud-and-compliance-trends-for-2013.html
• Cross Channel Fraud — https://www.deticanetreveal.com/en/knowledge-centre/financial-services-collateral-
en/general.html?task=weblink.go&id=119
AFP
• 2012 Survey: Key Results —
http://www.afponline.org/pub/pdf/2012_AFP_Payments_Fraud_and_Control_Survey--
Introduction_and_Key_Results.pdf
Google
• Mobile Trends — http://www.thinkwithgoogle.com/insights/library/studies/our-mobile-planet-us/
• Mobile Banking Trends — http://www.thinkwithgoogle.com/insights/library/studies/mobile-banking-trends-2012/
Federal Reserve
• Payment Fraud Survey — http://www.minneapolisfed.org/about/whatwedo/payments/2012-payments-fraud-
survey-consolidated-results.pdf
© BAE Systems Detica 2013 Company Confidential 23