RSS
Логотип
Баннер в шапке 1
Баннер в шапке 2
2017/03/03 15:40:14

How to select an antifraud system for bank? TADetails

The world around us became digital for a long time, technologies develop very quickly and become available in global scales, a variety and the number of devices on which users play games grows, watch video, go on-line and using them make payments and other financial transactions, the number of non-cash transactions constantly grows. On the other hand, the software becomes more difficult, the amount of potential and real vulnerabilities is multiplied. In these conditions cyber crime became very profitable use of criminal talents.

Content

What cybercriminals are aimed at?

Cybercriminals are well equipped and organized, in such groups there is a role distribution – coordinators, dropper and other specializations. Technologies of plunder also develop and represent full technology process - from a stage of detection of vulnerabilities to ready instruments and methods of plunder.

The attacks, at the same time, can be conducted on information systems and banks and their clients, including the automated workplace of KBR (The automated workplace of the client Bank of Russia), With RBS remote banking (system), CORE BANKING SYSTEM (The automated banking system) and other. The main objective of cybercriminals – profit maximization from plunder at risk minimization, is more rare – causing reputation damage.

Counteraction to well trained cybercriminals requires complex approach on prevention of fraudulent transactions at remote banking.

What methods of fight against a fraud exist?

From the very beginning of development of channels of remote banking there was a need for protection against their unauthorized use.

At the moment the complex of means of fight against fraud is quite wide, it and the standard login and the password, the EDS, hardware and program keys, antivirus software, the notification by the SMS about perfect transactions, access codes by the SMS on each or most risk transaction, automatic completion of a session of the user at the configured inactivity time, installation of limits of payments, industrial an antifraud system and other.

At the same time it is important to understand that any technical and software tools will be useless without observance of elementary safety rules, without organizational measures. A good example of that – growth of number of plunders using methods of social engineering when the human factor becomes the weakest link in a chain.

File:Aquote1.png
Therefore complex approach to counteraction to fraud is so important and an antifraud system are one of important components of such approach, - the associate director of department of retail products of BSS company Dmitry Knyazev notes. - The antifraud system works at the party of bank as a certain detached onlooker and if on client side or even the RBS systems in bank there was a fraud attempt, it will be revealed.
File:Aquote2.png

How work a solution antifraud for the RBS system is arranged?

Now there is a lot of different a solutions antifraud, it is possible to classify them by the following signs – internal or external, western or domestic, self-written or industrial, based on productional rules or more complex systems of artificial intelligence, universal or business focused, cloud or local (set in bank), commercial or freely extended and so forth.

Since we consider only a solution antifraud for fraud prevention in RBS channels, the special case of the scheme of work of such system can be provided so (though the antifraud system can interact also directly with the core banking system):

Protozoa a solution antifraud use the normal filters similar to filters in the core banking system (on a payment amount, black lists and so forth), more difficult study at the accumulated data on a customer behavior, the history of payments also well proved methods of machine learning, such as search of anomalies use (deviations from normal behavior).

All these solutions in addition to their purpose are integrated by one – all of them obtain data for the analysis from some source and on the basis of certain criteria do the conclusion whether to consider payment competent or fraudulent.

The main source of data for the analysis is as it is easy to guess, the RBS system since through it there is a communication of the client with bank and in it payment documents and other events in which analysis the antifraud system is engaged form. The antifraud can obtain a part of these data also from the core banking system, but information on many events of the RBS system does not reach the core banking system since in the core banking system it is simply not necessary.

Also the "black lists" distributed anti-drop by club, the Central Bank of the Russian Federation (FinCERT), the bases of check of partners created on the opened and closed sources can be sources of information (for example, from Integrum company).

File:Aquote1.png
In case the vendor a solution antifraud is at the same time and vendor of the RBS systems, access to information source at it a solution antifraud obviously more simply and is more complete, - Dmitry Knyazev emphasizes. - But also in case of use of third-party RBS the antifraud system can obtain information from this source or by means of integration, or, as a last resort, by the analysis of logs of the RBS system.
File:Aquote2.png

Among the parameters and events analyzed an antifraud system can be as data of the receiver of payment (final destination (where money), other details and parameters of payment leaves), and characteristics of a workplace of the sender of payment. These data include, including, information on the receiver of payment, payee bank, appointment and a payment amount, time and frequency of payments, the account balance, the IP and MAC address, errors of an input and change of the login/password, change of the device, provider or the domain during the session of work of the user, existence of software of remote access (for example, RDP), existence of addressing harmful domains, change of a form, geothis and other. In really working systems a fraud analysis of such parameters tens.

As it was noted above, in developed an antifraud systems data are analyzed in dynamics, taking into account the accumulated history of payments on each client and at each payment or other event search of anomalies, i.e. deviations from the standard patterns of behavior inherent in a certain client is run.

The antifraud systems is the main metrics of efficiency percent of false operations – positive (the competent payment is recognized a fraud) and negative (the frodovy payment is missed). Both metrics should be minimized since in case of positive false operation manual check of payment (load of employees of the bank) will be required and money will reach the receiver later, and in case of negative money will be stolen by cybercriminals. These two metrics are interconnected and depend on setup of sensitivity of a system or, in a different way, on an operation threshold. Developed an antifraud system at the corresponding setup and experienced positive false operations allow to lower a fraud analytics to less than 1%, and negative to reduce practically to 0.

By what criteria it is necessary to select an antifraud system for banks?

When choosing a system a fraud analysis each bank itself defines what characteristics of an antifraud for it are most important. Nevertheless, it is possible to give a number of qualitative and quantitative criteria to which it is worth paying attention when choosing:

  • Efficiency of the solution - on the basis of experience of use in other banks;
  • The solution maturity – exists how many years in the market;
  • Specialization of the solution – accounting of specifics of the Russian banking business;
  • The number of implementations in Russia – quantity and the size of banks;
  • System implementation speed – including availability of an implementation team;
  • Development and maintenance of a system – presence at vendor of necessary resources and examination, an opportunity and readiness to modify a system under needs of bank;
  • Integration opportunities – existence of integration with SDBO, ABS, external suppliers of information;
  • Technology platform – the supported system-wide software (open and proprietary, OS, DBMS, application servers), scalability and other.
  • The cost of the solution – the cost of the license, support, completions, TCO.

Cumulative assessment by these criteria will allow bank to select optimal for it a solution antifraud.

Why banks give preference to the solution "FRAUD-Analiz" of BSS company?

The solution of the company BSS exists in the market more than 6 years and is intended for fraud prevention at service of legal entities and physical persons by bank in systems remote banking (RBS). The solution completely corresponds to specifics of banking business and the legislation of the Russian Federation, continuously develops, improving the functionality and capability to answer the most serious modern calls of fraud in the RBS systems Today[1]of "FRAUD-Analiz" represents the powerful tool and is implemented in more than 40 Russian banks, including 10 banks from TOP 100.

Difference of the solution BSS of others western and Russian an antifraud systems first of all in balance of characteristics of this product. The solution is not either the cheapest, or the oldest in the market, nor the most universal. Why banks make the choice for benefit of it? Reasons a little:

  • Permanent improvement on the basis of 6 years' experience of use of a product in more than 40 banks.
  • Equally productively for check of payments of legal entities and physical persons.
  • In the solution the effective adaptive model of check using knowledge of clients and their behavior accumulated by a system is implemented. The model is flexibly configured, including, through built-in the designer of criteria and rules.
  • System operation is transparent also the decisions made by a system can be controlled and, if necessary, be adjusted by authorized employees of the bank.
  • A system stores detailed information on check of each payment, builds profiles of payers and receivers, creates analytical reports.
  • The solution has the flexible system of notifications about different events (by the SMS, email).
  • Security policies, differentiation of access rights, audit of actions of users, domain and internal authentication, journalizing of all transactions are built in a system.
  • Technology a system is constructed on the industrial JavaEE platform with support of the different freely extended and proprietary application servers (Glassfish, WebSphere AS Weblogic), DBMS (PostgreSQL Oracle RDBMS MS SQL Server), OS Windows Linux (). The solution is easily scaled and configured.
  • The solution already "from a box" is able to work with the RBS systems of BSS company: CORREQTS Corporate, CORREQTS Retail,[2]"RBS BS-Client x64", "RBS BS-Client. The private Client" and[3]the Notification Server system and also through an open format is easily integrated with the core banking system and other systems of bank.
  • With[4]version v "FRAUD-Analiz". 4.0 a system can interact with the solution on the analysis of a workplace of the user of BT SB of Group-IB company.
  • Primary system deployment in bank takes only several hours.
  • The company, if necessary, quickly makes product modification under specific bank inquiries.

File:Aquote1.png
For providing the best product to our clients, we, along with permanent expansion of functionality and improvement of internal properties of the FRAUD-Analiz system, implement joint solutions with our partners, - Knyazev Dmitry comments on advantages. - One of such examples is integration into the Bot-Trek Secure Bank system of Group-IB company, one of the leading international experts in the field of prevention of cybercrimes and fraud using high technologies.
File:Aquote2.png

Outputs

The choice of an effective system by bank a fraud analysis allows to reduce risks of theft of money of clients and also reputational risks of the bank to a minimum.

File:Aquote1.png
At the same time, you should not forget that the greatest effect of fight against fraud in RBS channels can be reached only thanks to all complex of the means mentioned earlier, including not only technical, but also organizational — Dmitry Knyazev summarizes.
File:Aquote2.png

It is prepared with assistance of BSS company

117