Fraud Prevention

The cyber criminals are ready – are the banks?

Attempts to defraud banks are a question of “when” and not “if”, says Joël Winteregg, CEO of NetGuardians. He identifies the greatest risks for Swiss banks and provides insights into protection solutions based on artificial intelligence.

Text: Sara Wyss, 12 December 2018

Is my bank account still safe?

Well, which bank you are with? Just kidding. Most banks cooperate with IT partners on security issues. They take comprehensive security precautions and use the most secure data centres in Switzerland. And this is essential. Because the fact is that fraud attempts are increasing massively. From inside the bank as well as from outside. Whether your account is safe depends on how quickly your bank detects and blocks the attacks. That is because it must discover the fraud attempt before the fraud actually occurs.

Do fraud attempts from within the bank really play a decisive role here?

Yes, and that is often surprising. Globally, the costs caused by fraud amount to around 70 billion US dollars per year. And 70 percent of fraud is committed by employees. At the beginning of this year, for example, a former wealth manager of a Swiss private bank was indicted in Geneva. He is accused of having stolen a total of 3 million Swiss francs from his customers' accounts over a period of two years.

And what types of external fraud attempts are currently on the rise?

Externally speaking, malware attacks, phishing and social engineering are the most prominent. Currently, the most aggressive malware in Switzerland and Austria is "Retefe". It has been in circulation since 2013, but it is so sophisticated that it still diverts up to 90 e-banking sessions a day to fake sites throughout Switzerland. The online banking Trojan is distributed via e-mail. If the attachment is opened, the malware is launched. But phishing is also still a problem: In 2017 alone, over 4500 phishing sites were reported in Switzerland.

How does social engineering work?

With social engineering, criminals use information that they collect, for example, via social media profiles of their victims. They use this information to call their victims and pretend to be officials in order to check supposedly personal information. With the information received, they generate possible passwords to attack online accounts. At the same time, criminals can steal victims' identities in order to apply for and misuse financial products.

MELANI is also increasingly reporting bill swap - what exactly is that?

This is fraud based on swapping invoices. Criminals search hacked e-mail accounts for electronic invoices. They copy invoices they find and delete them from the mail account. After that, they manipulate payee information on the PDF and send the adjusted invoice again. The mail address of the invoicing party is used as sender, so the whole thing is difficult to detect.

You said at the beginning that it was crucial to detect the fraud attempt quickly. Now, however, new and increasingly sophisticated scams are being added all the time. Can banks still be fast enough?

That is precisely the challenge! Sometimes they use samples, pre-defined statistical rules and manual controls. However, these methods allow the efficient detection of only known types of fraud. They are very expensive and, at the same time, lead to a high number of false hits. The decisive disadvantage, however, is that the fraud is detected too late - i.e. when the money has already been transferred to the wrong account. Your trust as a customer is then naturally gone, and the reputation of the bank is ruined.

Joël Winteregg, CEO of NetGuardians

Joël Winteregg, CEO of NetGuardians

Is proactive detection of fraud attempts possible at all?

Yes, definitely - and this is becoming more and more important in view of the increasing cyber risks. This is where profiling and machine learning technologies come in. Your bank uses profiling to analyse which transactions you normally carry out. Your profile contains other information, such as where you usually spend time, the language you use in e-banking, the resolution of your screen, the method you use to identify yourself, or the currency you transfer. Attempted transactions that are made from your account and do not match your profile are stopped immediately. And this also applies to previously unknown fraud methods.

That means in an exceptional situation, I could make an urgent transaction during my business trip to the USA, but it would be prevented according to this scheme.

Exactly. If just one variable – in your case the location – was taken into account, that would result in an incorrect hit, and the transaction would be blocked unnecessarily. That's why NetGuardians combines a large number of variables in its in-house solution. The transaction would therefore be blocked only if, in addition to being made in the USA, it were also in an unusual currency or sent to an unusual recipient. By the way, our solution reduces false hits by over 80%.

This is impressive, but it also means that manual intervention is still not entirely superfluous. Are there other points where solutions based on artificial intelligence (AI) reach their limits?

Technology must always be combined with human intelligence. This is known as "augmented intelligence". After all, people ultimately make decisions regarding operational risks or fraud. However, machine learning technologies help to make better decisions.

AI solutions require a large amount of data. What does the bank need to consider with regard to data collection and storage in order to be able to use appropriate solutions?

The data required for machine learning solutions is already available at the banks. Banks usually have a mountain of data but don't use it. Our technology also relies on existing data from the bank's core and peripheral systems. For the machine learning algorithms, we use bank data that is between one and two years old.

Let's finish now by taking a look at the future: what further progress can be expected in AI-based fraud prevention solutions?

The algorithms will become even better in the future. One approach, for example, is to enrich them with so-called Markov chains. This makes it possible to better predict the future behaviour of a customer, even if I know only a very limited amount of past behaviour. Forecasts of future behaviour are therefore more accurate.

At the same time, it can be assumed that the algorithms will be fed with additional data sources, for example, from social networks. Another exciting approach is behaviour-based biometrics. Instead of using physical biometric information such as fingerprints or iris scans, behaviour-based biometrics uses the way someone types on the keypad or moves the computer mouse, for example.

The race against the scammers remains exciting!

Joël Winteregg

is CEO of NetGuardians. He founded the company in 2010 together with Raffael Maio and developed an anti-fraud software based on machine learning. In 2017, NetGuardians and Swisscom entered into a partnership to jointly launch “Fraud Prevention Service” (FPS). FPS is based on NetGuardians' AI technology and the Trusted Services from Swisscom.

The solution is offered in the “as a Service” model and is available to Swiss banks whose core banking systems are operated by Swisscom. It helps banks prevent fraud via digital channels. Since the launch of FPS in November 2017, 6 banks have already been acquired as customers. Analyses show that the solution enables the banks concerned to handle their fraud management much more efficiently and accurately.

> to the video about NetGuardians

More on the topic