By Mohammad Zraiqat
The wave of payments fraud that continues to sweep the globe shows no signs of receding, leaving the financial services community anxiously in search of reliable ways to stay one step ahead. Just as payment processing becomes faster, so too are the cyber attackers moving quickly to find new ways to compromise sensitive data, transactions, and infrastructures, putting banks under ever increasing pressure to find dynamic ways to manage the payments fraud risk. The increasing adoption of instant payments also sharply reduces the time windows to screen and interrogate payment instructions, adding to the compliance and fraud prevention burden.
The disruption caused by payments fraud, especially high value wire transfers, is well documented and widely reported, and demonstrates the increasing focus of highly sophisticated criminal entities on the global financial payments system. In response to the growing payments fraud threat, and in light of continuing breaches, banks are urgently analysing and reassessing existing cybercrime defence strategies to ensure the ongoing integrity of global payments infrastructures.
Know your enemy
On the surface, the recently reported cases of payments fraud seemingly illustrate a common source of specific vulnerabilities – the external gateway hacker. Yet this common perception of cyber criminals utilising malware to circumvent the local security systems of a bank, thereby gaining access to payments messaging networks to send 'fraudulent' messages to initiate fund transfers, is not the complete picture.
Studies by the Association of Certified Fraud Examiners (ACFE) reveal that 78% of overall fraud losses stem from actions committed internally by employees. Fraud counter-measures that only guard against 'external' intrusion provide no protection from unauthorised activity from within an organisation, and therefore the majority of threats. In addition, no matter how advanced a hacking prevention or intrusion protection system – including ones deploying the growing number of biometric authenticators of iris, facial, voice, or fingerprint recognition - these have, and always will, eventually be compromised and broken.
The numerous recent cases of high-value payments fraud, however different in source and origin, commonly exploit the traditional readiness of banks to approve 'authenticated' messages at face value – without a requirement to conduct the additional checks that would be considered best practice outside a secure and closed network.
This highlights the necessity of going beyond standard authentication of wire transfers to counter criminals targeting financial payments, which can be considerably challenging in today's environment of real-time payments. There are however tools available that rise to this real-time forensic challenge.
Real-Time Forensics
To gain strategic advantage in this fight against payment fraud requires solutions that do not merely respond to past patterns of attack, but deploy highly advanced predictive and anomaly aware technology, detecting and preventing fraudulent payment patterns in real-time. The continuing threat of high-value payments fraud reinforces the necessity of deploying pattern detection and anomaly alerting functionality on the actual traffic flowing through – the kind of functionality that can offer what we call 'real-time forensics'.
The deployment of machine learning and other Artificial Intelligence disciplines are proven and powerful in providing this real-time forensic capability, offering tools that payments participants can deploy to provide secondary validation by analysing the small pieces of information within transactions and detecting unusual behaviour. On the surface, a fraudulent payment tends to look normal, but by its very fraudulent nature, contain micro-anomalous data – this could simply be the time of day it was initiated, or in aggregate with other payments, show a transaction volume or amount deviation. Self-leaning AI disciplines are not dependant upon static configuration, and can reason over large data volume patterns to adjust and learn far more than any human operator could to detect attempted fraud. A fraud attacks evolve, through self-learning, so too does the fraud prevention system.
Natural Language Processing disciplines can also be utilised to convert unstructured narrative fields into structured information, delivering the ability to identify parties and purpose and perform profiling analysis.
Winning the War
The adoption of such 'real-time forensic' technology can provide a robust and reliable approach to secondary payment validation, working in real time to ensure the millions of valid messages sent each day across the network are not interrupted, and is essential to ensure global financial infrastructures remain secure.
The National Crime Agency in the UK warns of a cyber technology arms race where "criminal cyber capability currently outpaces the UK's collective response to cybercrime" and echoes the warning that global financial networks face criminals that are "sophisticated, use advanced tools and technologies and invest heavily in their fraudulent activities".
Highly resourced criminal entities will continue to invest in new ways and new technologies to commit fraud. Armed with the highly capable and self-learning real-time forensic AI tools, the global payments community can seize the advantage and keep one step ahead of the fraudsters.