How financial institutions can stay vigilant amidst evolving cybercrime
New fraud threats are constantly emerging because of the rapid increase in digital interactions and marked rise in the number of users interacting with merchants and financial institutions online and via mobile devices. Banks, credit unions, retailers and others are tasked with combatting the ever-mutating fraud threat through agile, preventative and comprehensive approaches.
Owing to the trend of popular migration to digital, account takeover fraud has been identified as the fastest-growing form of fraud. Account takeover losses increased 90% since 2020 to $11.4 billion in 2021, per the Javelin Strategy & Research 2022 Identity Fraud Study: The Virtual Battleground, representing about a quarter of all identity fraud losses in 2021. Being prepared to respond to and recover from fraud will always be essential, but a proactive approach can prevent millions of dollars in losses in the first place.
Threats on the Rise
As cybercrime evolves, data breaches have become a formidable threat to every industry. One trend that is causing significant loss to both consumers and financial institutions is impersonation through phone calls, emails and text messages. Fraudulent text messages were projected to account for approximately $28 billion in losses in 2022 alone, according to a RoboKiller report.
Although consumer discretion plays an important role in preventing these losses, financial institutions have a responsibility to stay ahead of the threats. Financial institutions that use such traditional verification methods as birth date and zip code are more susceptible to fraud, as this information is easily accessible to fraudsters online. Some people are even duped into providing this sensitive data willingly via discussion threads on social media sites.
Prevention Through Proactivity
Protecting against ransomware and similar attacks should also be a top priority for every financial institution. Nearly 72% of targeted cyberattacks involve a phishing email, many of which can be prevented by methods such as:
- Two-factor authentication. Invest in and update consumer authentication methods across payment channels and consumer touchpoints.
- Audit trails. Maintain records of the consumer journey, knowing expected patterns and behaviors and flagging any behavior that is considered uncharacteristic.
- Secure infrastructure. Prioritize security standards across the organization, including partners and vendors.
- Routine updates. Refine internal processes to ensure security practices are evaluated and updated regularly.
- Customer education. Continuously communicate and educate consumers and remind them to be aware of potential scam tactics and steps they should take to safeguard their accounts.
Today’s consumers expect their financial services interactions to be fast and free of frustration, and while they demand security, they do not want to jump through multiple hoops to access their accounts. Account takeover can be difficult to detect. Unlike card fraud, where the accountholder might quickly notice suspicious charges, an account takeover attack can go undetected for an extended period—as criminals can change login and contact information—delaying the time it takes for the real accountholder to realize they’ve been compromised.
A dynamic view of customer activity can help prevent this. Solutions like AuthHub from Fiserv provide a 360-view of the consumer across a wide range of payment types and channels. Using a comprehensive and layered approach can help detect multichannel fraud, while also maintaining a friction-free consumer experience.
By connecting financial channels and touchpoints—including debit and credit card transactions, online and mobile banking activity, ATM interactions, rewards programs and contact center activity—automated technology can create an in-depth profile of an individual’s financial services behaviors and patterns. This comprehensive, cross-channel knowledge, combined with industry data, enables more accurate identification of unusual or suspicious activities that might indicate fraud.
Staying Agile Amidst Ever-Changing Landscapes
All industries susceptible to account takeover fraud must stay vigilant. Financial institutions in particular have higher risk due to potential unauthorized access to customer funds. It is essential to prioritize and allocate resources toward effective fraud prevention and remain agile to prepare for emerging threats.
In an increasingly connected and digitally dependent world, financial institutions, merchants and other companies must achieve the highest levels of cybersecurity. Knowing potential threats to an organization—and quickly identifying and eliminating them—can help financial institutions maintain their hard-fought position as trusted financial services providers.
Patti Reid is VP/card risk solutions with responsibility for the community issuer and network fraud risk business at Fiserv, a CUES Supplier member. With over 20 years of payments experience, Reid is passionate about the evolution of the payments Industry. From portfolio growth to business intelligence to risk, bringing good things to life is her niche. She joined Fiserv from TSYS, where she spent 18 years in a variety of roles including product, innovation and corporate strategy across the North American and EMEA markets to improve the payment experience. At Fiserv, Reid leads the risk product team, driving solutions to mitigate fraud and improve consumer experience.