Bank of Moscow implemented an authentication system in RBS channels

On April 28, 2015 Bank of Moscow and Jet Infosystems company announced start in system operation of opposition to fraud in channels of the remote banking (RB) of legal entities on the platform of the solution RSA Adaptive Authentication.

Project Progress

Experts of Jet Infosystems company booked audit of the IT infrastructure of bank involved in operation and control of the RBS system, analyzed the operating processes of opposition to fraud, data of financial transactions and statistics on the elicited facts of fraudulent activity. On the basis of the acquired information created functional and architectural requirements to a system on fight against fraud. Further a system was integrated into infrastructure of bank and connected to the RBS and core Banking System systems, to full save of indicators of their reliability and performance. For the RBS system configured rules of collection of data on user environment and transactions of users, obtaining results a fraud analysis and scenarios of response to them.

Bank of Moscow, 2014

At the expense of technological capabilities of RSA, the local system of protection of bank is connected to the global database about fraudulent transactions accumulated by tens of international organizations in real time. All types of transfers, the main transactions made within RBS services of legal entities are exposed to the analysis.

"A key stage of implementation – trial operation. At this stage the project team provided "training" of a mathematical model of identification of fraud, profiling and accumulation of historical data. The implemented mathematical model allows to reveal high-risk transactions proceeding from general criterions of actions of the malefactor and on the basis of all activity recorded earlier in attempt of implementation of plunders", – Alexey Sizov, the head on fight against fraud of Information Security Center of Jet Infosystems company told.

Project Results

As a result of implementation operating expenses of business divisions of bank on identification and counteraction to fraudulent transactions are fivefold reduced. The self-trained system adapts to the new, changing schemes of fraud and in the automatic mode reveals and blocks not less than 99.79% of transactions of high risk. The number of the transactions requiring the analysis in the manual mode is reduced five times.

"The volume of financial flows from the legal entities passing through the RBS system of bank in 2014 exceeded 30 thousand payments a day. At the same time in peak hours it processes more than 100 transactions per second, – Vasily Okulessky, the head of department of information security of Department on security of Bank of Moscow told. – Total number of the transactions requiring control extremely deadlines of their analysis, need to minimize influence of a human factor on its result and also speed with which swindlers change methods of the activity delivered for us system implementation of risk management, having self-training potential in real time, in a row the tasks crucial for business".

Technical details

System core – RSA Risk Engine – in real time estimates activity of external users, tracing more than 100 indicators of the fact of fraud. The mechanism of assessment consists in assignment of unique point of risk to each action of the user based on a combination of assessment of his recent behavior, data which are saved up for a long period and risk degrees of the transaction appointed by the analyst manually. At the expense of it the efficiency of fight against the MITM attacks and trojans implementing the attacks of "Man-in-the-Browser" is provided. When calculating point of risk the principle of a Bayesian network is used: new schemes of the attacks come to light on the basis of a small number of fraudulent transactions. Parameters of a Bayesian network are daily recalculated. It allows to support risk model in current status.

The revealed transactions with high point of risk are registered and analyzed in a subsystem of Case Management working in real time. The received results are returned in Risk Engine which automatically registers the confirmed fraudulent scheme or, having obtained the evidence of legality of transaction, executes self-adjustment for work with such transactions in the future.

One more element of a system - the RSA eFraudNetwork database intended for distribution and sharing of information on activity of swindlers by all its users. Data on frauds come to the database in real time. If one of users underwent the attack, all local copies of databases which the Case Management systems of certain users address receive about it notifications. The local copy of databases of eFraudNetwork of Bank of Moscow is updated each several minutes.