How big data protected a leading UK retail bank against payments fraud
A Customer’s Story
As more internet banking services become available, the emphasis on visiting the branch decreases due to the convenience of carrying out routine tasks online. As the breadth of products and services continue to increase, so does the issue of security in the financial industry as the associated make it harder to protect a payment system.
Fraud has become a global problem, impacting organisations of all sizes, across all industries. Fraudsters are increasingly sophisticated and successful, especially as commerce and financial transactions move online. Here, it’s easier for fraudsters to evade detection, use stolen credit card information, impersonate individuals and take over online accounts.
For instance, credit and debit card fraudsters are utilising a wide range of scams to obtain personal information and using tricks like applying for multiple credit cards. And they’ve been getting away with it for years.
Whilst organisations have turned to existing anti-fraud solutions, many don’t have the capability to see every type of fraud, so potential red flags fall through the gaps.
The good news is, as business moves online, the evidence of internal or external fraud often lie in the massive amounts of unstructured machine data, commonly log files, generated within business applications, IT infrastructure and security systems. This makes fraud detection and prevention a big data challenge that organisations can use to implement process and actions based on fraudulent activity.
So how can businesses leverage big data within their own organisations? What steps need to take place?
Let’s follow the story of a leading UK retail bank.
With 14 million+ active customers and multiple brands, the risk of fraud activity had greatly increased and recently, due to geo-political tensions, the bank wanted the ability to monitor unusual behaviour and fraudulent activity mainly from Non-UK Countries. In particular, this bank needed to gain insights into payments-related fraudulent activity, including payments going to a single account from multiple users & credit card applications and approvals.
By having additional monitoring in place, the bank was confident it would be able to implement a process and associated actions that would protect customers and enterprise information, assets, accounts and transactions through the real-time, near-real-time or batch analysis of activities by users and other defined entities.
Ultimately, they wanted a solution that automated the detection of potentially fraudulent activity and flagged that activity for review. The bank knew exactly what it wanted and the importance of getting it done, but they were struggling to put the necessary tools in place.
The ECS Solution
Initially, the Bank’s Digital Security & Operational teams had no means of monitoring these fraudulent activities apart from relying on Cyber Security team to provide a view of that data.
ECS was on-boarded to provide professional services to the bank. With the adoption of Splunk’s Machine Learning Toolkit, we began indexing relevant machine data before searching and correlating it to identify the patterns of fraud. Doing so enabled us to put alerts in place that flagged fraud attempts in real time and prevented them from impacting the bottom line.
Our approach and engineering capabilities enabled us to analyse data coming from multiple sources, such as F5 devices, authentication systems, transaction processing systems, payment and billing systems, databases etc.
Leveraging all the associated data helped to detect anomalous internal and external behaviour, as well as indicators of failures through statistical analysis and machine learning capabilities.
All these insights were collated into a customised form-based dashboard, with drill downs providing easy access to targeted data for their investigative needs.
We also created rules & dedicated dashboards capable of correlating possible fraud indicators across all channels. Not only did this eliminate silos and manually intensive and cumbersome investigation processes, the bank now has a 360-degree view of their data. Digital Teams can see all customer activity in one place and look for anomalous changes in patterns in single or multiple channels that might indicate fraudulent activity.
So far, the bank has leveraged big data to gain insights into transaction and behavioural data. New Machine Learning capabilities have also enabled them to pinpoint activity that is likely fraudulent, providing a real-time view of fraud posture that helps the bank prioritise investigation or automate other mitigating action.
Below are just some of the use cases of fraud that were addressed by ECS Professional Services.
- Revoked Users by Non-UK Countries
- Invalid User ID or password by Initial
- Failed Login – Non-UK customers
- Sec & Fraud IB Registration by Country
- Unknown BOTS – Top 10 hits by page
- Unknown BOTS by Brand
- Attack & Non-UK Traffic Dashboard V1.0
- DDOS and Fraud Attacks
- Fraud Payment Checker
- Credit Card Approvals by Credit Limit
- Multiple Credit Card Applications by Single User
- Multiple Credit Card Applications by Single Email
Since our engagement, the bank has realised the following benefits:
- Significant reduction (50%) in certain types of fraud across all the brands.
- Saved the bank a predicted £1-3 million every year from potential frauds instances.
- Identification of gaps in the process of credit card application that helped fix specific fraud cases.
- Gained an end-to-end view of the logins & payment transactions there by reducing risk.
- More reliability in their service through increased service availability.
- Reduced man-hours for investigation due to automation & detailed dashboards.
- Applied machine learning to help identify outliers and activity that is likely fraudulent, to prioritise investigation or automatically cut incidents.
- Increased visibility in customer transactions and activity in real-time from non-UK countries.
Money has always been, and will always be, a target for hackers, making banks a particularly tempting industry to attack. The problem is, knowing you’re a target is not the same as knowing how you’re being targeted. And you can’t protect with any degree of certainty what you don’t have visibility over.
Big data and machine tools give you that visibility and can put you back in control of your data. Not only can this give you the power to spot increasingly sophisticated attacks as they happen, it can prevent payment and login frauds happening in the first instance.
If you would like to find out more, head over to our website to discover how you can harness the power of data for your business.