Fraud Detection in Banking: Q3 2023 Guide

Learn about the most common types of digital banking fraud in the current threat landscape, effective banking fraud detection techniques, tools, and technologies, best practices and future trends, including AI for fraud detection.

As high-profile guardians of wealth, banks are among the most obvious targets for fraudsters seeking financial gain.

That's why the banking industry faces the toughest fraud detection and prevention challenges imaginable.

How many fraud attacks does a typical bank face each month?

The banking sector is charged with fighting fraud at enormous scale. According to a recent study¹, banks earning at least $10 million in annual revenue face an average of 2,000 attempted fraud attacks per month. Larger, high-profile banks can face tens of thousands of fraud attacks per month.

At this scale, a 100% manual fraud detection and prevention strategy (i.e. one carried out entirely by human analysts) isn't sustainable.

Banks have no choice but to adopt automated solutions for fraud detection and prevention.

What are the negative impacts of fraud in the banking sector?

Financial losses for the bank and its customers. The most direct consequence of successful fraud is financial loss (up to 5% of revenue, according to a 2022 study²). While undetected fraud can result in financial losses for customers, fraud that is detected is typically compensated by the bank in order to maintain trust, leading to direct financial losses.

Damage to customer trust and the bank's reputation. Banks that fail to develop an effective fraud detection and prevention strategy can suffer damage to their public reputation and customer trust, negatively impacting the business's overall standing in the market.

Concern over regulatory compliance. Banks are legally obligated to implement robust fraud detection measures to comply with financial regulations and data protection laws.


What are the latest fraud trends in banking in 2023?

While the volume of fraud attacks is a serious problem for banks, another challenge is the variable nature of attacks.

Here are the fastest growing types of fraud affecting banks this year:

  1. Fraud/Crime as a Service (FaaS/CaaS). Cybercrime is becoming more commercialised every year, with fraud automation and phishing kits available for purchase for a monthly fee³. These kits are designed to be easy to use even when the fraudster has limited technical skills. The result is that it's easier than ever before for unsophisticated actors to commit fraud at scale.
  2. Credential Stuffing. In line with the rise in automated fraud tools, fraudsters are increasingly leveraging software or bots to test stolen or leaked credentials at scale.
  3. SMS phishing/smishing/robotexts. The frequency of SMS phishing attacks targeting bank customers is exploding⁴. As email clients become more sophisticated at detecting and stopping phishing attacks, fraudsters are turning to a channel with far fewer spam controls: SMS. SMS messages are also many times more likely to be opened than email⁵, making SMS an increasingly attractive channel for scammers.

How does fraud detection in banking typically work?

Despite the ever-evolving tools, tactics and techniques of fraudsters, almost all digital banking fraud (including mobile banking fraud) has something in common: it involves payments or withdrawals from the victim's account that differ from the victim's typical pattern of behaviour.

Some of these differences are so subtle that they can be difficult for a human analyst to detect.

This is why automated real-time fraud detection tools, such as Antifraud, are essential for fraud detection in banking.

Automated banking fraud analytics tools monitor dozens of behavioural signals (behavioural biometrics) and device signals (device fingerprinting) in real time, then ship them to connected tools, such as Splunk, for analysis.

The predictable nature of fraud is the foundation of the fraud detection field.

It means that regardless of the evolving tactics of fraudsters, fraud detection techniques that detect anomalies in the typical behaviour or device signals associated with an account will continue to remain effective.

An automated fraud detection in banking example:

Here's an example of how automated fraud detection often works in the banking setting:

1. A fraudster sends a phishing email to a banking customer.

2. The phishing email is used to install malware in the victim's internet browser, which is then used to steal the victim's online banking credentials the next time they log in to online banking.

3. Next, the fraudster launches an account takeover attack (ATO) using the stolen credentials and attempts to transfer a large sum of money out of the account.

4. In the background, a fraud detection tool like Antifraud is collecting behavioural analytics and device fingerprint data and sending this data to an enterprise log management and fraud analytics tool like Splunk.

5. Using the Antifraud data, Splunk detects an anomaly and alerts an analyst.

6. The analyst freezes the suspicious transaction before it is completed.

Why is geolocation no longer the primary way to detect fraud?

In the early days of fraud detection, unexpected changes in geolocation were often the primary means to detect fraud. Since fraudsters are often not in the same country (or even continent) as their victims, checking geolocation against typical patterns seems like a logical approach.

Over time, it has become increasingly common for both fraudsters and F/CaaS software to use a configurable VPN or proxy to disguise connections as originating from an expected geolocation (such as appearing to originate from Australia when attempting fraud against an Australian bank).

For this reason, checking geolocation alone is no longer an adequate fraud detection strategy. While geolocation data remains a powerful signal, it must also be combined with device and behavioural data to build a unique "fingerprint" for the bank's authorised users.

What are the bank fraud detection techniques you should be using in 2023?

A robust fraud detection strategy will require the adoption of several varied fraud detection tools and techniques.

  1. Behavioural Analytics / Biometrics. The field of behavioural analytics (also known as behavioural biometrics) is founded on the well-supported idea that people exhibit consistent patterns of behaviour over time. Deviations from these established patterns could indicate fraudulent or malicious activity. Commonly tracked metrics include things like time of day, geographic location, transaction frequency, and spending habits. More sophisticated behavioural biometrics solutions track dozens of behavioural biometrics to build a full picture of the user.
  2. Device Fingerprinting. While behavioural analytics tracks user behaviour, device fingerprinting solutions track the devices and applications authorised users typically use to carry out this behaviour. For example, when it comes to online banking, most people will typically access these services using their mobile phone or tablet, and possibly a work and/or personal computer. They may also tend to use certain browsers or applications on these devices. Device fingerprinting techniques can identify deviations in typical device access patterns and trigger alerts or 2FA challenges in response. The best fraud detection software combines both behavioural analytics and device fingerprinting capability.
  3. Transaction Fraud Monitoring. Transaction fraud monitoring applies the principles of behavioural fraud analytics to payment fraud detection and prevention. Just as user behaviour is understood to follow a pattern, transactions and payments also tend to follow typical patterns. Transaction fraud monitoring tools flag and potentially block transactions that fall outside these typical patterns, whether in amount, frequency, location, or identity of the receiver.
  4. Machine Learning and Artificial Intelligence (ML/AI). Rather than a technique in its own right, ML/AI is typically used to enhance the effectiveness of the aforementioned fraud detection techniques. ML can be used to enhance fraud detection algorithms with aggregated training data from millions of legitimate and fraudulent transactions. Meanwhile, AI can be used to improve the accuracy of automated fraud response workflows, such as automatically determining whether to challenge, notify, alert, or block a transaction or log-in attempt based on the available data.

What is a typical fraud management system in banking?

Robust real-time fraud detection in banking relies on synergy between automated fraud detection tools and human fraud analysts.

Typically, automated tools will handle fraud detection responsibilities by leveraging behavioural biometrics, device fingerprinting, and transaction monitoring techniques.

Fraud detection data will then be passed to a fraud analysis or log management tool for anomaly detection.

When anomalies are detected, they are run through an automated rule-set, triggering different responses depending on the amount of fraud risk present.

In a highly effective fraud management system in banking, analysts typically initiate a response and make decisions based on comprehensive groundwork laid by automated real-time fraud detection tools.

Let’s dive into the step-by-step details of a typical fraud management system in the banking industry:

  1. Data collection and ingestion. Digital banking fraud detection begins with the collection and ingestion of a stream of behaviour and device data.
  2. Data preprocessing. Collected data is automatically cleaned and formatted to ensure consistency and accuracy.
  3. Automated behavioural analysis. The collected data is compared against typical patterns in real-time to identify anomalies.
  4. Rule-based monitoring. Predefined rules and thresholds are applied to this real-time fraud detection data to flag user sessions or transactions which meet the criteria for fraud risk.
  5. Automated fraud response. In some cases, data may reach the threshold for an automated fraud response, such as immediately blocking a transaction or challenging the user to use an additional authentication factor, such as SMS.
  6. Alerting analysts. In other cases, transactions or user sessions may be flagged for manual analyst review. This typically occurs in situations where automated systems cannot make a clear determination on whether a transaction is legitimate or fraudulent. Alerts are typically prioritised based on potential severity.
  7. Customer communication. In some cases, analysts may contact customers to gather more information and check whether a given transaction was authorised.
  8. Decision-making. Analysts combine data from real-time fraud detection tools with their own research to make a determination on the legitimacy of a transaction. They may decide to approve, decline, or withhold a transaction or account for review.
  9. Blocking and freezing accounts and payments where necessary. Where fraud is confirmed, analysts may decide to block or freeze certain accounts or payments.
  10. Documentation and case management. Detailed records of the investigation and the actions taken must be documented in a case management system. This documentation is essential for compliance and reporting.
  11. Reporting. Individual fraud cases are tracked as part of reporting by fraud managers. These reports summarise fraud trends, the effectiveness of fraud prevention at the bank, and the impact of fraud on the bank.
  12. Feedback loop. Analysts provide feedback to improve fraud detection rules and algorithms, helping to reduce false positives and enhance fraud detection accuracy.
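
The sketch below illustrates steps 3 to 6 above, together with the earlier point that geolocation must be combined with device and behavioural data. It is an added example, not code from Antifraud or Splunk; the baseline, weights, thresholds, field names and events are all constructed assumptions.

```python
from statistics import mean, pstdev

# Constructed baseline for one account; every value here is illustrative.
BASELINE = {
    "countries": {"AU"},
    "devices": {"fp-phone-01", "fp-laptop-02"},   # known device fingerprints
    "hours": set(range(7, 23)),                   # usual local login hours
    "amounts": [120.0, 80.0, 250.0, 60.0, 310.0, 95.0, 140.0],
    "payees": {"landlord", "power-co"},
}
# Hypothetical weights and thresholds; in practice tuned via the analyst feedback loop.
WEIGHTS = {"geo": 30, "device": 30, "hour": 10, "amount": 30, "payee": 15}
THRESHOLDS = [(70, "block"), (45, "review"), (25, "challenge")]  # highest first

def deviations(event, base=BASELINE):
    """Return the signals on which this event departs from the account baseline."""
    mu, sigma = mean(base["amounts"]), pstdev(base["amounts"])
    z = (event["amount"] - mu) / sigma if sigma else 0.0
    checks = {
        "geo": event["country"] not in base["countries"],
        "device": event["device"] not in base["devices"],
        "hour": event["hour"] not in base["hours"],
        "amount": z > 3.0,                        # far above the usual spend
        "payee": event["payee"] not in base["payees"],
    }
    return {name for name, hit in checks.items() if hit}

def respond(event):
    """Map the summed risk score to allow / challenge / review / block."""
    score = sum(WEIGHTS[s] for s in deviations(event))
    for threshold, action in THRESHOLDS:
        if score >= threshold:
            return action
    return "allow"

def geo_only(event, base=BASELINE):
    """The legacy check: judge the session on geolocation alone."""
    return "allow" if event["country"] in base["countries"] else "block"

# Constructed events. The takeover session exits through an in-country proxy.
USUAL = {"country": "AU", "device": "fp-phone-01", "hour": 19, "amount": 150.0, "payee": "landlord"}
TRAVEL = {"country": "NZ", "device": "fp-phone-01", "hour": 12, "amount": 90.0, "payee": "power-co"}
LARGE = {"country": "AU", "device": "fp-laptop-02", "hour": 20, "amount": 5000.0, "payee": "new-payee"}
TAKEOVER = {"country": "AU", "device": "fp-unknown-99", "hour": 3, "amount": 9500.0, "payee": "new-payee"}

if __name__ == "__main__":
    for name, ev in [("usual", USUAL), ("travel", TRAVEL), ("large", LARGE), ("takeover", TAKEOVER)]:
        print(f"{name:9} geo_only={geo_only(ev):6} combined={respond(ev):9} {sorted(deviations(ev))}")
```

The geolocation-only check allows the takeover session and blocks the travelling customer, while the combined score blocks the takeover and sends the traveller an authentication challenge instead.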

Where to next?

If you'd like to improve your behavioural analytics or device fingerprinting capabilities, we suggest using Antifraud to gather dozens of fraud telemetry signals and ship them to your chosen analysis platform.

We can also help you to establish or uplift your fraud analysis workflows based on the experience we've gained optimising workflows at many major banks.

Feel free to reach out to us for a brief chat about your use case and to understand how we may be able to help.

Whether you're establishing fraud detection workflows at a new bank or FinTech, or improving your existing workflows, we hope this article has helped you gain a better understanding of fraud detection best practices in the banking sector in 2023.

References

¹ https://bankingjournal.aba.com/2022/01/study-banks-see-rise-in-fraud-attempts-associated-costs-in-2021/

² https://acfepublic.s3.us-west-2.amazonaws.com/2022+Report+to+the+Nations.pdf

³ https://www.computerweekly.com/news/252509367/Scale-of-crime-as-a-service-economy-a-growing-concern-say-researchers

⁴ https://www.theguardian.com/money/2023/apr/22/robo-texts-scams-bank-accounts

⁵ https://www.forbes.com/sites/johnkoetsier/2019/11/14/consumers-35x-more-likely-to-see-brands-texts-vs-emails/?sh=285b8c40445a