Security firms have evolved their techniques to meet mounting threats on a digital front, as such banks must change too.
At NICE Actimize, a cybersecurity and compliance firm established in 1999, Mary Ann Miller, senior director and fraud executive advisor, told Bank Innovation that within banks, departments have merged to better address threats.
“Banks are starting ‘fusion teams’ where security and fraud teams work together to disrupt attacks,” said Miller. “Mobile and online banking is becoming the norm, it changes the nature of how banks need to think about protecting accounts.”
Miller suggests banks not only change the way digital and fraud teams work, but begin to implement security measures sooner.
“Having adequate fraud controls allows for business enablement,” said Miller. “If you don’t have realtime transaction monitoring for digital payments in place, for example, it’s a show stopper.”
Factoring in security sooner and reinventing FIs to work more collaboratively on security are some of the things banks must keep in mind. Banks must also acknowledge that their customer has changed.
A New Approach to Thin Files and Compromised Data
AI-enabled cybersecurity startup Socure, established in 2016, noted that thin-file customers who lack more traditional financial data can be a bank’s greatest asset, provided banks know how to authenticate and secure this customer type.
“Individuals whose behavioral patterns have fundamentally changed are no longer resolvable by the bureaus,” Sunhil Madhu, CEO and founder of Socure, told Bank Innovation. “The combination of thin-file and data leaks means that traditional evaluation of equality test just doesn’t work.
Madhu explained that traditional financial data bureaus work by making sure that information in their system is equal to what’s been presented to a financial institution. But the problem with this is multi-faceted. Not only are bureaus verifying consumers against corrupted data that has been breached, such as the consumer data involved in the Equifax breach last year in which 147 million consumers’ data was exposed, many consumers lack sufficient financial data to check against.
Socure works with three of the top 10 banks in the US, among other FIs, these institutions have given tremendous insight into the issue of credentialing and verifying consumers. For instance, Madhu said 46% of consumers trying to open a bank account get rejected.
“The bank is able to improve soft-end revenue from each account it allows people to open up, without risk, that’s new value for the bank,” said Madhu.
The SaaS, which works by verifying 300 plus data sources and pairing them with offline identity profiles to verify customers in about one second, that Socure offers have positively affected bank’s bottom lines.
The True Cost of a Breach
“The bank is reducing fraud losses, and I’m not talking about one or two basis points, I’m talking 60%-80% improvement in fraud loss reduction,” said Madhu.
The self-reported stats were gained by analysis of information provided by the banks that Socure works with.
“On average, a customer of ours gained over 10 times ROI, we have already shown very large FIs for a $2 million annual recurring spend, they’re saving in excess of $60 million losses and also in gains of revenue,” said Madhu.
A July 2018, study conducted by IBM found that “mega breaches,” ranging from 1 million to 50 million records lost, cost companies between $40 million and $350 million respectively.