Combating bank fraud that targets user behavior

Posted on: January 02nd, 2013 by Art Barger

Even with fraud defenses in place, individuals are still the ones who have to ultimately make banking decisions that could put them at risk. In other words, while anti-fraud technologies are designed to provide red flags and help detect fraudulent transactions, they can’t always stop people from being duped by clever social engineering schemes. That risk is often left up to the individual’s discretion, whether it’s a customer or employee.

The recent article, “How to Address Security’s Weakest Link,” explores one of the most inherent security vulnerabilities that banks face today — people. Broadly recognized as a bank’s most valuable asset as well as its biggest weakness, Matthew Speare, M&T Bank’s senior VP for information technology, said it doesn’t matter how much awareness effort is made, the ongoing challenge for every banking institution is to continually educate people about fraud trends while influencing user behavior.

“Whether it’s internal employees or customers, unfortunately, people end up being their own worst enemy, as well as ours.”

While today’s security strategies are largely focused on various technologies that protect banking channels and their customers, and rightly so, many see the value in incorporating educational programs to raise awareness around fraud and emerging social engineering schemes.

There’s no denying the role education can play in any bank’s anti-fraud strategy; however, that can be complemented with fraud prevention solutions that both educate and inform bank representatives about the level of risk of each customer call. The TrustID® network-based Physical Caller Authentication incorporates proactive fraud detection to instantly educate bank agents about the legitimacy of incoming calls.

By automatically validating the physical location of the telephone (landline or mobile device) before the call is answered, TRUSTID gives contact center representatives more insight into the call before they pick up. So, even when a criminal tries to manipulate their Caller ID or ANI in an effort to socially engineer a bank’s call center, financial institutions can instantly see if the call is coming from a legitimate customer, or if it poses a higher risk for fraud.

As a result of having a real-time customer authentication solution like TRUSTID that non-intrusively identifies legitimate customers and invisibly sees when criminals have spoofed their Caller ID — all before the call is answered — banks can make faster, better educated business decisions to reduce the risk of social engineering schemes that target unsuspecting customer care agents over the telephone channel.