As banks have increasingly moved online in response to COVID-19, there has been a parallel proliferation of cyberattacks that attempt to damage, disrupt or gain unauthorised access to the computer systems of banks and other financial institutions. So while banks are looking for ways to streamline the onboarding process, they must ensure that they build in the necessary safeguards to thwart these types of attacks.
Here are just six of the countless cyber threats that banks must now contend with and how having a smart account onboarding process can help.
1. New Account Fraud
What it is: New account fraud isn’t new, but it’s fast becoming one of the biggest problems in the digital banking era, costing the financial services industry billions each year.
How smart onboarding can help: Requiring a bank customer to capture a picture of a government-issued ID and a corroborating selfie has a chilling effect on attempted fraud. The simple requirement of a selfie can deter as much as 90% of fraudulent attempts since it requires the scammer to capture and share their own likeness with the company they’re looking to defraud.
2. Sleeper Fraud
What it is: Also known as bust-out fraud, sleeper fraud is a type of credit card fraud where an individual applies for a credit card, establishes a normal usage pattern and solid repayment history, and then maxes out the card with no intention of paying the bill.
How smart onboarding can help: By requiring a picture of a government-issued ID and a corroborating selfie, and not just relying on self-reported information, banks can thwart sleeper fraud and other forms of first-party fraud. Banks should also leverage analytics to help set a behavioural baseline and remove suspicious accounts from the collection workflow so that they can be properly analysed.
3. Account Takeover
What it is: Criminals gain access to someone’s bank account to make unauthorised withdrawals and purchases. Sometimes, the fraudsters will change login details to the account. In many cases, con artists engage in phishing activities as part of the scheme.
How smart onboarding can help: If a remote user is required to provide some type of biometric when they initiate a high-risk transaction such as a password reset or wire transfer, the account takeover threat is largely eradicated. ATO preys upon websites that rely exclusively on a simple username and password (or some basic form of knowledge-based authentication).
4. Synthetic Fraud
What it is: Fraudsters can also carefully hoard a cache of stolen bank account data and other details to cobble together realistic-looking identities to perpetrate identity theft, new account fraud and gain entry to other platforms.
How smart onboarding can help: Synthetic identity theft is one of the most difficult types of fraud to detect. Filters employed by financial institutions may not be sophisticated enough to catch it. Jumio’s Face Lookup feature is able to flag potentially fraudulent activity when spotting the same face being used across multiple identity verification attempts. Offering state-of-the-art accuracy, Face Lookup specifically targets fraud rings and repeat offenders.
5. Social Engineering
What it is: Criminals are increasingly sharing resources and information and reinvesting their illicit profits into the development of new, even more destructive capabilities. In fact, over 82% of surveyed financial institutions said cybercriminals have become more sophisticated, leveraging highly targeted social engineering attacks and advanced TTPs for hiding malicious activity (Source: VMware Carbon Black, May 2020).
How smart onboarding can help: Protecting online accounts and systems with a simple username and password is a recipe for disaster. Banks need to move beyond password-based and knowledge-based authentication paradigms to better defend against social engineering exploits. Creating a biometric template of the customer at enrollment helps defend against downstream account takeovers.
6. Wire fraud
What it is: With most wire fraud scams, cybercriminals use spear-phishing emails designed to gather email account details. Armed with account access, fraudsters wait patiently and obtain intimate details about a transaction and the participants involved. This makes all other parties involved in the deal targets.
How smart onboarding can help: The quickest way to defend against wire fraud is by requiring more than just a username and password to initiate a wire transfer. If a bank creates a biometric template of the customer at enrollment, they can request a new selfie, generate a new biometric template and compare the two templates to ensure that the user requesting the wire transfer is the actual account owner.
Want to learn more? This guide provides an in-depth look at the principles and technologies that result in a seamless customer onboarding experience that optimises new account conversions while also defending against emerging fraud tactics and meeting ever-evolving compliance mandates.
