Data Protection, Cyber Security and Insurance

orderForm.title

orderForm.productCode

orderForm.description

orderForm.quantity

orderForm.itemPrice

orderForm.price

orderForm.totalPrice

orderForm.deliveryDetails.name

orderForm.deliveryDetails.accountNumber

orderForm.deliveryDetails.phone

orderForm.deliveryDetails.poNumber

orderForm.deliveryDetails.email

orderForm.deliveryDetails.companyName

orderForm.deliveryDetails.billingAddress

orderForm.deliveryDetails.deliveryAddress

orderForm.deliveryDetails.deliveryDetailsDeliveryAddressSameAsBillingAddress

orderForm.deliveryDetails.address1

orderForm.deliveryDetails.address2

orderForm.deliveryDetails.city

orderForm.deliveryDetails.state

orderForm.deliveryDetails.postCode

orderForm.deliveryDetails.country

orderForm.deliveryDetails.additionalInformation

orderForm.noItems

11

For example, says Singh, AML checks can be much more efficient and accurate through authentication technology. Not only do they process documents and information much more quickly when they become digitised, but they are also more effective at AML compliance and requirements.

Time and place

There are certain areas in the world where we see a larger amount of fraud than others. Ayling points out that RSA sees major differences in how each geography treats issues such as privacy and security. For example, the Nordics boast very low rates of fraud, which is largely attributed to the standardised use of two- factor authentication.

In the UK, consumers demand convenience and accessibility even if that is inherently unsafe. The authentication methods have consequently become more lax to accommodate this need. This has, in his opinion, allowed fraud to thrive in certain aspects. It is interesting to note that RSA cites a Nordic bank that opted for a less demanding UK-type authentication process, and saw a 20% growth in customers.

The GDPR will be key to managing and safeguarding procedures for sharing data

“

The numerous points of access and the ability to overcome low-security authentication processes through the information widely available digitally are some of the main reasons fraud rates are rising. Sundeep Tengur, banking fraud solutions and financial crime specialist at SAS, used the example of fraudsters being able to obtain personal information from social media to bypass security questions. Some criminals set up fake identities for themselves, using this method of stalking. Again, big data is a double-edged sword and can be a threat if the necessary precautions are not taken.

In fact, in the UK, phishing and malware campaigns have also been prominent methods for fraudsters to acquire their victims’ details. While these attacks were traditionally carried out by the lone- wolf-type criminal, highly opportunistic in their attacks, the current waves of attacks are executed by organised gangs. According to Tengur, there are images of police raids that reveal call-centre-like facilities, from where these groups launch very systematic attacks with sophisticated

Sundeep Tengur: Big data is a double-edged sword

modus operandi and strategies. In the UK, most of these gangs come from the Eastern bloc and set up their operations here.

The data solution

With massive regulatory pressure ahead, this issue should be a priority. Tengur said the General Data Protection Regulation (GDPR), (see page 24) due to become law next year, will be key to managing and safeguarding procedures around sharing personal data.

For Ayling, PSD2 is one of the most exciting things happening in the industry, but it may present some hurdles in the management of information. Human-not- present interactions, the Internet of Things (IoT)

Tim Ayling: PSD2 may present challenges in the management of information

and the ubiquity of personal data through social media make a very comfortable swamp for fraudsters to be swimming in. This chunk of regulation has no previous precedent regarding scale, potential, and ambition, so it is hard to accurately predict what will follow it, particularly with the lack of specification at the moment.

For RSA, the ability to gather information is key to combat fraud. In fact, RSA has set up an e-fraud network able to detect deviations from normal behaviour through big data and analytics.

Ayling commented: “We use analytics across our product set, as well as machine learning. One key piece of analytics we do that others don’t is the product ‘Web Threat Detection’. The reason this is different is that other solutions are only focused on login and transactions, as those are the points where fraud happens. However, proper analytics will look at the history, but more importantly, the behaviour that builds up to the fraud. There are hundreds of indicators that occur before fraud transpires. This is an area that we are alone in offering.

“Regarding artificial intelligence (AI), we’re doing a lot of work around automation of handling fraud cases and prioritising potential fraud cases for analysis. It isn’t all about detecting fraud – it’s about the balance of allowing transactions to flow and fraud detection. By using AI to lower operational costs in detecting fraud, our customers are in a better position to do exactly that.”

Tengur said that the modern fraud prevention methods need to be proactive in the way they fight criminals. This is why we need to embrace data, be it through behavioural analysis, customer profiling, or other methods. The number of fraud attempts taking place means that we cannot have a reactive approach any more, but have to keep one step ahead of the fraudsters.

www.ibsintelligence.com | © IBS Intelligence 2017

Page 1 | Page 2 | Page 3 | Page 4 | Page 5 | Page 6 | Page 7 | Page 8 | Page 9 | Page 10 | Page 11