One in four banks worldwide struggle with the identification of their customers while delivering digital and online banking services, according to the latest Financial Institutions Security Risks survey.
As more than half of banks (59 percent) anticipate growing financial losses due to fraud in the next three years, the user verification needs to be at the forefront of the cybersecurity strategies of financial institutions, Kaspersky Lab warns.
Online banking leaves users vulnerable to cyber frauds
While online banking may be convenient, it often leaves users vulnerable to cyber frauds. According to the research, in 2016, 30 percent of banks have had security incidents affecting banking services delivered via the Internet — with phishing against customers, and using customer credentials for fraudulent activities, as the top contributing factor leading to the attacks.
Banks find themselves in need of security technologies that do not undermine the customer experience: 38 percent of the organizations surveyed confirm that balancing prevention techniques and customer convenience is one of their specific concerns.
“While thinking of different approaches to secure digital and mobile channels, banks naturally avoid putting too much pressure on customers. Online banking should preserve its main benefits: as a convenient way of making financial transactions in seconds. That is why we are working on technologies that help to protect both banks and their customers without adding an extra security routine to the user’s experience.” said Alexander Ermakovich, Head of Fraud Prevention at Kaspersky Lab.
So, besides the two-factor authentication and other security procedures used by banks, Kaspersky Lab recommends implementing dedicated solutions that can help to identify whether a person is authorized, without requiring additional actions from the user.
Analysis of user behaviour
The Kaspersky Fraud Prevention platform accumulates and analyzes user behavior, device, environment and session information as anonymized and depersonalized big data in the cloud. Risk Based Authentication (RBA) assesses possible risks before a user’s login, while Continuous Session Anomaly Detection identifies account takeover, money laundering, automated tools or any suspicious processes during the session.
As a result, the platform provides protection not only at the stage of login, but also during the session itself, while customers do not have extra authorization stages to pass through.
To learn more about the Kaspersky Fraud Prevention platform please visit the website.