We present an approach that integrates into your system landscape and prevents fraud in e-banking in six steps
Author: Floarea Serban
What does a fraud detection solution for the digital world of tomorrow look like?
We described the capabilities of a future-proof fraud detection solution in our last blog. In this article we show how these requirements can be implemented in an IT system. Our experience shows that a timely response to fraud attempts is crucial: Even while the transaction is still in progress or even before it is fully recorded, the easiest way to prevent damage is to use a fraud detection solution.
From a logical point of view, in such a fraud detection system, six levels of processing and three types of interaction with surrounding systems can be distinguished to optimally support the requirements.
Interaction type 1: Events related to an e-banking transaction are made known to the fraud detection solution in a timely manner, whether it is technical information about the user's device, the content of the financial transaction or the time and place of card transactions at ATMs or on the Internet.
Processing step 1: The majority of transactions are already approved as harmless in this first processing step. An isolated analysis checks, for example, whether a user's device is infected with malware. Or whether it is a risk-free AHV pension payment.
Processing step 2: The temporal or relational correlation of different events from different IT systems in the bank's system landscape is a core task of the fraud detection solution. For example, it links the card transaction via the direct debit account and the customer with the current e-banking payment. On the other hand, it recognizes that five payments have already been made within one minute from a customer's e-banking account.
Processing step 3: The remaining (few) transactions are enriched in the third step with customer profile, device profile and usage profile or e-banking.
Interaction type 2: The information to be enriched is stored locally in order to minimize access time and to enable a timely reaction to suspicious transactions.
Processing step 4: The fourth step uses all this information to identify whether the current usage, the currently used device configuration or transaction (e.g. the credit account) deviates significantly from the norm and is excessively risky. It uses pattern recognition, technical rules or statistics for this purpose.
Processing step 5: Financial transactions reach this stage only in the per mille range. It is very likely to be a case of fraud. As a precautionary measure, the affected transactions are suspended immediately.
Interaction type 3: The IT systems for e-banking and order management offer specific (internal) interfaces. This uses the fraud detection solution to react immediately to a detected case of fraud, e.g. to prevent the entry of further orders in e-banking across channels.
Processing step 6: In the last step, the decision remains with the specialist, in order to clarify the suspicious transaction with the customer in case of doubt. The future will show to what extent this task can be performed by an IT system (e.g. by means of machine learning).
Due to the loose coupling of the individual stages and the surrounding systems, a fraud detection solution based on the approach presented here is prepared for all eventualities. Even if you do not know today which fraudster will strike when and where.