Developers: Tinkoff Bank
Date of the premiere of the system: 2021/06/02
Last Release Date: 2024/02/16
Technology: Information Security - Antiviruses, Information Security - Authentication, Information Security - Fraud Detection System (Fraud)
2024: Launch of rapid response teams to rescue victims of fraudsters
Tinkoff tested and launched special mobile teams of Tinkoff Defense employees to save victims of fraudsters at the moment when they are about to transfer money to attackers. These teams urgently travel to people who are under strong psychological influence from fraudsters and convince them not to carry out operations that would be disastrous for them (if Tinkoff Defense employees have already failed to do this by phone or chat). This was announced on February 16, 2024 by Oleg Zamiralov, deputy head of the Tinkoff Ecosystem Security Center.
Often, victims are under such strong psychological influence that, when the bank blocks a suspicious, atypical operation and calls the client to confirm that he is really making it of his own free will, they do not believe the bank's employees and insist on making the transaction.
"In fact, this is a serious problem - banks see that the operation is fraudulent, try to save the client's money, but a person can be so 'processed' that he does not believe the bank's employees and insists on transferring money to attackers. Fraudsters use worked psychological techniques, for example, appeal to the authority of government agencies, present themselves as employees of law enforcement agencies, or play on trust in relatives and friends. Some customers even seem to fall into a trance and it is very difficult to get them out of this state remotely. That is why we decided to take advantage of our advantage and the fact that we are a bank without branches. We began to send the so-called special teams of ambulance anti-fraud and psychological assistance to the victims in order to 'bomb' customers and stop them from losing money," said Oleg Zamiralov, deputy head of the Tinkoff Ecosystem Security Center.
According to Tinkoff, such measures help convince 95% of customers who are under the influence of fraudsters; the rest do not agree to cancel their transactions. These are mainly people who have been drawn into a pseudo-investment scheme and want to invest more money in a fake project to earn interest. Tinkoff holds up to 3 thousand meetings with such clients every month.
Tinkoff also conducted special psychological training for the bank employees who communicate with such clients. Support specialists trained for several months together with a team of psychologists and developed their own templates and communication scripts, so that during a call or meeting their speech contains code words, objections and techniques that help build the customer's trust and establish contact in especially difficult cases.
"We even tried calls to clients from psychologists themselves, but they less effectively persuaded clients than experienced employees of the fraud prevention department, nevertheless, recently we have saved customers from losses of 2.6 million rubles. They also tested the pilot when, together with law enforcement officers, they worked to convince customers. In particular, if our methods did not help, they sent clients to the police station," added Oleg Zamiralov.
2023: The launch of the "Protect or Refund" service
On August 30, 2023, Tinkoff Bank announced the launch of the Protect or Refund service. The service uses technology to detect fraud during a call with a probability of more than 99% and protects customers from telephone scammers.
According to the bank, if Tinkoff cannot prevent telephone fraud and the client, under the influence of fraudsters, still becomes a victim of deception and transfers money, the bank will compensate for the losses.
Tinkoff will begin to return stolen funds to customers who have become victims of telephone scammers:
- the refund will be made regardless of which bank the money was transferred to from Tinkoff;
- protection will cover not only cases of money transfers to fraudsters, but also disclosure of card details, access codes to a mobile application and an Internet bank, withdrawal of money from an ATM and other ways of losing money by customers under the influence of social engineering during a phone call;
- no court decision is needed to recover the funds;
- the decision on compensation is made promptly, starting from one working day.
As of August 2023, the service is connected free of charge.
The Protect or Refund service runs on Tinkoff Protection technologies, which are based on the algorithms of the banking anti-fraud platform and of the bank's own telecom operator, Tinkoff Mobile.
It is the synergy of the bank and the telecom operator in the Tinkoff ecosystem that makes it possible to protect customers from fraudsters, identify attackers during a call with a probability of more than 99% and minimize the risk of subsequent theft of funds.
The Protect or Refund service is based on four echelons of protection.
Number determinant from Tinkoff
The free tool warns who is calling from an unknown number: a fraudster, a spammer, or a potentially useful call, shown with the category or name of the organization. The database is updated in real time.
Call protection
With the Tinkoff Mobile SIM card, protection against suspicious calls is turned on. The number must have been set as a bank contact.
Technologies of the mobile operator from Tinkoff, including "Neuroscience," a technology for detecting fraud during a call, Call Defender, a technology for detecting number substitution, and others, make it possible to protect a person and to inform him and the bank about a fraudulent call.
For example, the artificial intelligence-based "Neuroscience" detects and suppresses a fraud attempt directly during a call. The technology processes the call data and compares it with the accumulated reference data sets of fraudulent calls. If the number of matches exceeds the permissible threshold, the artificial intelligence marks the conversation as potentially dangerous and terminates it. The client can get a new number or transfer his number from another operator to the Tinkoff Mobile network.
Transfer protection
Secures transactions above a certain amount. Transfers over the limit require additional verification: a selfie, an SMS or a call from the call center. Customers are advised to set a limit on transfers from 100,000 ₽ in the application.
Blocking suspicious transactions
The fraud monitoring system, enhanced by artificial intelligence technologies, automatically analyzes operations and, if fraud is suspected, sends a signal to block the operation. The check works by default for all Tinkoff customers and evaluates operations by more than 1000 factors, such as atypical login to the bank's mobile application, non-standard device for the client, deviation from usual payment habits, and so on.
In addition to the key echelons of the Protect or Refund service, the security of customer accounts is provided by the Tinkoff Protection integrated platform. It combines a whole range of banking and telecom technologies that work both under the hood by default and with customer involvement.
The main conditions for providing compensation for stolen funds within the framework of the "Protect or Refund" service:
- The client has fulfilled all the conditions for connecting the service.
- The theft of funds occurred as a result of a telephone conversation on the Tinkoff Mobile number with an attacker who used classic social engineering scenarios: introduced himself as an employee of law enforcement agencies or other bodies, a bank or a mobile operator, and so on. As of August 2023, this does not include fraud through calls in instant messengers, but the bank plans to expand the service to such scenarios in the near future.
- If Tinkoff notified the client of a potential threat, blocked or rejected the client's telephone conversation with the fraudster, but the client independently decided to continue the dialogue with the attacker, compensation for such cases will not apply.
- The service does not apply to scenarios for transferring money to your own accounts with other banks.
In the vast majority of cases, Tinkoff will compensate for losses within one working day. However, in some cases, a statement to law enforcement agencies may be required to exclude the likelihood of intentional abuse of the service.
Full terms of the "Protect or Refund" service can be found on the site.
"Fraudsters use all available technologies to deceive people: they create large-scale call centers and special interfaces, similar to cloud databases, in which a fake certificate of state agencies or institutions can be instantly produced, and they get information about the latest current scam scenarios and access to the personal data of Russians. Victims are people of all ages and levels of education, therefore it was so important to eliminate the human factor and prevent fraudsters from gaining trust: to interrupt the conversation and prevent losses. To combat such a prepared adversary, we use the synergy of all ecosystem solutions to create impenetrable technological armor that will protect customers at all stages of the fraudulent scheme, from the first phone call to the final money transfer," said Alexey Baklanov, Vice President, Head of the Tinkoff Ecosystem Security Center.
2021: Comprehensive Security Platform Launched
On June 2, 2021, Tinkoff announced the development and launch of the Tinkoff Zashchita integrated security platform.
According to the bank, its tasks are to ensure the safety of retail, business clients and ecosystem partners in any user scenarios (opening an account, logging into an application or Internet bank, conducting transactions, etc.), prevent fraudster attacks, minimize customer losses and increase financial literacy among residents of Russia (not only customers).
The Tinkoff Zashchita platform has combined both traditional banking tools for protecting customer funds and technologies developed in the Tinkoff ecosystem. Examples include confirmation of operations by selfie in the mobile application, Tinkoff Call Defender, the first telecom platform for protection against telephone fraud, a free number identifier for any subscribers, and others.
Tinkoff Defense works on the 360° principle: 24/7 it automatically assesses risks during any operations, monitors suspicious calls, and prevents attacks in all services and business lines of the ecosystem, including Tinkoff Mobile, the broker Tinkoff Investments, Tinkoff Business and others.
The main elements of Tinkoff Protection:
- Client authentication during operations
- Fraud monitoring system enhanced by machine learning and artificial intelligence
- Phone Fraud Protection - Tinkoff Call Defender Platform
- In-App Number Determiner
- ATM Security System
- Site Scanner - technology for analyzing the sites of companies connecting to Tinkoff acquiring
- Scanning smartphones for viruses or malware
- Training clients in financial self-defense
As of June 2021, the client can confirm a transfer, purchase, loan application and other operations in several ways: through a selfie, by a phone call or video call from a contact center employee, or by SMS using a control question.
The first three methods are the least susceptible to compromise. During such checks, Tinkoff uses its own developments to verify the voice and face of the client, as well as liveness technology, which analyzes whether a live, genuine person is confirming the operation or, for example, a fraudster is substituting a photo or a recorded video of the client. Suspicious transactions are checked as seamlessly and comfortably as possible for the client.
Tinkoff Defense asks the client for confirmation of the operation as one of the verification factors. Most of the work on risk assessment takes place "under the hood" without direct interaction with the client.
Analysis and verification are carried out by a fraud monitoring system - a set of algorithms enhanced by machine learning and artificial intelligence technologies. The system collects information about the actions of the client, his payment habits and forms a list of typical places of purchase for him.
The system monitors what the client usually buys, when, in which store and in what way (by card or online), how he logs in to the application (by fingerprint or PIN code), from which device, to whom he usually transfers money, and much more.
If suspicious deviations from the client's usual behavior or other risk factors appear, the system can raise a signal. A Tinkoff employee then conducts a risk analysis and can request additional confirmation of the operation (by phone call or video). For example, if the client was in a bar or a taxi, and after that large purchases or transfers began to be made from the card, the system will give a signal for closer observation and possible blocking of transactions.
The fraud monitoring system also evaluates the digital fingerprint of the device. It makes it possible to identify a device uniquely and associate it with a specific user. For example, if a client always logged in to the mobile application from one smartphone and suddenly began to use another, the system will give a signal to closely monitor operations in order to rule out that a fraudster has taken possession of the phone.
Tinkoff Defense also examines other options for assessing the user's behavioral characteristics in order to identify and prevent fraud, for example, keystroke dynamics (the client's typing pattern), the client's habits of holding a phone, etc.
In addition to the digital fingerprint, Tinkoff Zashchita uses data from mobile operators to track the unique code assigned to each SIM card (IMSI). When the bank sends an SMS, the system checks the IMSI code; if it differs, an additional check of the client's identity is launched. Thus, the fraudster will not be able to access the personal account of the mobile bank, even if he has the same phone number as the client.
Tinkoff Call Defender is a banking anti-fraud platform for protection against telephone fraud, including fraud that uses substituted numbers. The platform was developed in partnership with the largest mobile operators, including Tele2, Megafon, MTS and Tinkoff Mobile. The anti-fraud platform provides for the exchange of data between the bank and mobile operators in real time. With the help of special software, at the time of the call the data of the service participants is automatically synchronized, and suspicious phone calls that may turn out to be fraudulent are detected.
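The device-fingerprint, IMSI and transfer-limit checks described above can be combined as in the following added example, which is not Tinkoff's code. The field names, the limit constant, the decision labels and the rule that SMS confirmation is dropped after an IMSI change are assumptions made for illustration; all identifiers are constructed.

```python
from dataclasses import dataclass, field

# Assumption: illustrative limit; the page only advises a limit "from 100,000 RUB".
TRANSFER_LIMIT_RUB = 100_000
# Confirmation channels named on the page (selfie, phone call, video call, SMS).
CHANNELS = ["selfie", "phone_call", "video_call", "sms_control_question"]

@dataclass
class ClientProfile:
    imsi_on_file: str                        # IMSI last reported by the operator
    known_devices: set = field(default_factory=set)

@dataclass
class Operation:
    amount_rub: int
    imsi_now: str                            # IMSI reported when the SMS would be sent
    device_fingerprint: str

def assess(profile: ClientProfile, op: Operation) -> dict:
    """Return the risk signals and the confirmation channels still usable."""
    signals = []
    if op.imsi_now != profile.imsi_on_file:
        signals.append("imsi_changed")       # same number, different SIM card
    if op.device_fingerprint not in profile.known_devices:
        signals.append("new_device")
    if op.amount_rub > TRANSFER_LIMIT_RUB:
        signals.append("over_limit")

    if not signals:
        return {"decision": "allow", "signals": [], "channels": []}

    channels = list(CHANNELS)
    if "imsi_changed" in signals:
        # The SMS would be delivered to the new SIM, so it cannot prove
        # that the original client is the one confirming the operation.
        channels.remove("sms_control_question")
    return {"decision": "additional_check", "signals": signals,
            "channels": channels}

# Constructed sample data (test-network IMSI prefix 001-01, fake fingerprints).
PROFILE = ClientProfile("001010000000001", {"fp-a1"})
USUAL = Operation(5_000, "001010000000001", "fp-a1")
SIM_SWAP = Operation(5_000, "001010000000002", "fp-a1")
NEW_PHONE_BIG = Operation(150_000, "001010000000001", "fp-z9")

if __name__ == "__main__":
    for op in (USUAL, SIM_SWAP, NEW_PHONE_BIG):
        print(assess(PROFILE, op))
```

The small transfer in `SIM_SWAP` still triggers an additional check: the IMSI signal is independent of the amount, which is what stops an attacker who has obtained a reissued SIM for the client's number.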
The free phone number identifier in the application makes it possible to prevent fraud at the call stage. At the time of the call, the identifier automatically checks the phone number against various telephone databases, including data from mobile operators and the Tinkoff Call Defender anti-fraud platform. If the service detects a potentially fraudulent call, it warns the subscriber and automatically passes this information to the Tinkoff fraud monitoring system to prevent possible deception of the client by cybercriminals.
Subscribers of any operator can connect the identifier, even if they do not have Tinkoff products. According to the service, customers who connect the identifier are 62% less likely to fall for the tricks of scammers than those who do not have it connected.
ATM Security
The information security and encryption system protects ATMs from common hacking technologies and various types of attacks. It provides data isolation and makes it impossible to disable information protection. Thanks to disk encryption, even if an ATM is stolen, attackers will not obtain the information needed to penetrate the bank's infrastructure. Resistance to hacking is confirmed by pentests. ATMs also use technology to identify counterfeit bills, as well as video surveillance.
Site Scanner is a technology that analyzes the sites of companies that apply for an acquiring connection. Before connecting a company to Internet acquiring, Tinkoff conducts not only legal and accounting checks, but also assesses the risks associated with possible fraudulent activities of the company. The technology checks the authenticity and reputation of the site and the company's compliance with the criteria of the bank, the standards of international payment systems and the Central Bank of the Russian Federation.
When the client launches the bank's mobile application, Tinkoff Protection automatically checks the smartphone for viruses, malware and remote access programs. If it detects such programs, Tinkoff's own development sends a signal to the fraud monitoring system so that an employee pays attention to the client's further actions, for example, uncharacteristic transfers and payments, and contacts the client in time.
Every year the share of social engineering, in which a client is tricked into making a transfer himself or revealing a card number and other data, is growing. At the end of 2020, it accounted for 80% of the total volume of fraudulent attacks.
Technology helps track and block atypical suspicious transactions, but customers themselves must be vigilant and be able to determine in time that a fraudster is communicating with them.
To prevent attacks at the first stage - during a conversation or correspondence with a fraudster, Tinkoff Defense conducts training and regularly notifies customers about various tricks of fraudsters. Security rules are published in the Stories of the mobile application, sent to customers in push notifications and other channels.
As a result of this work, a whole "library" of anti-fraud materials was created, which is constantly being replenished. The Tinkoff Secure website has published key tips, a Tinkoff Magazine training course with tests, as well as an animated series for adults and children "Scammers in the Garden."
In addition, in the application, customers can themselves connect various options for additional protection: spending limits, hiding account balance, incognito mode, card protection and SMS notifications.