Machine learning: using customer behaviour against fraudsters

Banking customers are increasingly falling victim to social engineering attacks. In these types of attacks, fraudsters impersonate the bank to persuade unwitting customers to give away their financial credentials - or even to transfer their money directly into a criminal’s account.

Phishing, vishing and smishing: how fraudsters gain access to customer accounts

Phishing: social engineering attack through fraudulent emails

Email phishing is the most commonly known method for social engineering attacks. In a phishing attack, fraudulent emails are used to either deploy malicious software onto a customer’s computer (such as spyware or key loggers) or provide a link to a false website (which looks genuine) that asks the customer to submit private information, such as log-in details.

Vishing: social engineering attack through phone calls

A fraudster calls a customer claiming to be from the bank and apparently seeking to check on recent account activity. The fraudster will typically claim they have noticed suspicious activity on the account, lulling the customer into a false sense of security that their account is being monitored for fraud. The fraudulent caller will trick the customer into verifying their identity, which provides the fraudster with sensitive personal information – or may even convince the customer to move money out of their account into a fraudulent account during the call.

Smishing: social engineering attack through text messages (SMS)

Scam texts are sent to a target mobile phone, masquerading as a trusted organisation such as a bank or a customer’s insurance provider. The text will often claim that urgent action is required to protect personal information and may contain a hyperlink leading to a fraudulent web page. The fraudster may then use this information to perform a password reset or any other form of authentication. With mobiles becoming a common device for online shopping and banking services, it’s not uncommon for these links to provide a form of virus, that then sits on your mobile and collates and sends data to the fraudster.

How can banks tackle social engineering fraud?

Social engineering attacks are highly challenging to detect in real time, as the customer has provided the fraudster with the information they need to access the account in a seemingly legitimate way. For all intents and purposes, the individual accessing the account appears genuine – or it may even be the genuine customer, acting under duress.

It’s all about understanding behaviour

To detect this type of fraud as it happens, banks need to be constantly analysing subtle changes in individual account behaviour, across all customer touchpoints with the bank.

The latest machine learning technology, which uses adaptive behavioural analytics, is making this possible. Using this unique approach, banks and payments providers can quickly and accurately build a deep understanding of each individual customer’s normal behaviour and detect the significance of anomalies when that behaviour changes.

Spotting subtle changes in behaviour

User authentication involves more than simply entering a password. Customers’ digital interactions with a bank typically involve drop-down menus and multiple screens within the online banking system or mobile app. By monitoring all these actions holistically in real-time, machine learning fraud detection systems understand the sequence and timing of actions that customers normally take and establish a behavioural model for each customer.
When a subtle change in customer behaviour is detected, for example when setting up a new account beneficiary, machine learning fraud systems identify – quickly and accurately – that a customer is acting out of character, even if the credentials appear genuine.

At this point, the bank is alerted and can intervene to prevent fraud in real-time, before funds are transferred out of the account.

Helping banks spot and block social engineering fraud

Understanding customer behaviour is key to catching fraudsters in the act. With the power of real-time machine learning fraud systems in their hands, banks are turning the tables on financial criminals, spotting and stopping crime as it happens.

About Sean Neary:

Sean Neary joined Featurespace from the banking industry as a Financial Services Subject Matter Expert in 2016. Sean has worked in financial services fraud operations for over a decade, beginning his career in the operational environment as a Fraud Analyst at Barclaycard, where he worked his way through the operational sectors, from complex fraud to special investigations & management.

From there, Sean moved to managing fraud strategy and analytics, with responsibility for assessing new fraud trends and technologies. His role included three years leading the global fraud technology team at Barclaycard, covering issuing, acquiring and commercial.

As a Subject Matter Expert at Featurespace, Sean applies his industry expertise and knowledge to ensure that Featurespace’s ARIC platform development meets the needs and expectations of the banking and payments industry.

Feauturespace is a company that brings new insights through new ways of treating data. The company’s technology is deployed on-premise or via secure cloud in over 180 countries. Their ARIC (adaptive, real-time, individual, change-identification) platform uses Bayesian statistics to model and predict individual behaviour in real-time. This machine learning allows computers to understand when an individual customer’s behaviour is out of character and automatically evaluate risk.