How do banks and payment systems protect themselves? A modern, effective option is specialized antifraud systems. Russian law today makes their use not merely desirable but mandatory. Hence the widening range of such systems, the growth of their market, and the emergence of new kinds of services and software. Let's work out what they are, how they function, how they are regulated by law, and what problems are associated with them.
What is fraud?
The English terms fraud and antifraud are quite popular today: they are heard in everyday speech and seen in specialized scientific publications. Most often they accompany topics related to banks, electronic payment systems and financial institutions. This is no accident: fraud reached its heyday here.
So what is it? Fraud is a form of swindling: actions involving the theft of another's property or assets, or the acquisition of rights to them, through deception or abuse of the victim's trust. The interpretation of the latter concept is also important. Deception here means both the conscious distortion of true information (active deception) and silence about the true state of affairs (passive deception).
Now we turn to the definition in the criminal legislation of the Russian Federation. Fraud (Article 159 of the Criminal Code of Russia): acts committed for mercenary purposes by deceiving the victim or abusing the victim's trust, resulting in the unlawful seizure of property or property rights in favor of the guilty person or other persons and causing harm to the owner of the property.
So what makes fraud different? All actions against the victim of the crime are based on deceiving the victim. Since we are analyzing antifraud systems, we will give classic examples for the IT industry:
- Phishing - the creation of fraudulent sites by cybercriminals.
- Carding - all kinds of ways to fake payment cards.
- Vishing - abuse of the trust of a client or customer.
- Pharming - redirecting to malicious sites.
- Mobile fraud and other illegal activities related to social engineering.
Now consider the definition of fraud in the narrow sense, specifically for financial organizations. This is the name for deliberate action or inaction by individuals and legal entities in order to obtain undue profit at the expense of another person or company, and/or to cause them material or non-material damage.
Ways to Prevent Fraud
We come closer to antifraud systems. Fraud must be prevented already at the administrative level when it comes to financial institutions. Specialized software is not always involved for this. Classic countermeasures are as follows:
- Internal audit in the organization.
- Training employees in practical counteraction to fraud.
- Management of both logical and physical access to the system.
- Identification and control of conflicts of interest in the company.
- Procedures for coordination and authorization of employee actions.
But, as practice shows, such measures are sometimes not enough. In the modern world, specialized antifraud systems are more effective. We will focus on them.
Antifraud systems - what is it?
Fraud Detection System is the English name for our subject. An antifraud system for a bank is specialized software or a combined hardware-software system that monitors for fraud, detects it, and controls the level of danger. Such systems are designed primarily for banking institutions, payment systems and telecom operators.
It must be said that the varieties of fraud change and progress over time. For example, a few years ago the main threats to banks were carding and skimming (illegal use of devices that read information from the magnetic track of a bank card). The press often carries reports of special implants installed at ATMs to illegally read information from victims' cards.
Today, various remote banking services (RBS) are at risk. Special malicious programs for mobile devices are being developed to steal information. Specialized fraud in automated and banking systems is popular. It is also called internal or insider fraud. Therefore, the development of antifraud in RBS systems comes first. Let's move on to the next topic.
Legislative regulation
So, you see the message: "The operation is prohibited by the antifraud system." Why? Security software allows banks to block all operations that are suspicious from their point of view. This is done both for the safety of the client and for the profit of the bank itself. After all, if a transaction was completed without the consent of the account holder, the financial institution must fully compensate him for the damage. This is prescribed by Federal Law No. 161 "On the National Payment System" (Article 9).
Let us turn to a recent document of the Central Bank of the Russian Federation entitled "On Data Protection Requirements in Bank of Russia Payment Systems". It establishes that all domestic banks are obliged to report all kinds of fraudulent transactions (unauthorized transfers of funds through payment systems). Financial institutions are also obliged to notify state authorities of suspicions about the occurrence (or even the possibility of occurrence) of incidents in segments of the network where the workplace for access to the payment system is located.
To date, the theft of large sums of money from customer accounts is already a matter of jurisdiction. But, unfortunately, fraudulent transactions related to the unlawful retention of the victim’s finances when paying with virtual stores are practically not investigated in the Russian Federation.
A bill introducing strict liability for committing cybercrimes is under revision in the Russian Federation:
- Art. 158 of the Criminal Code of Russia will be supplemented by a clause on the theft of electronic money, amounts from bank accounts.
- Art. 183 of the Criminal Code of Russia will be supplemented by a clause on the illegal collection of personal data of a victim by abuse of her trust.
I am glad that today the Central Bank of the Russian Federation has decided on the concepts of crowdfunding regulation - one of the ways to collectively finance a project based on voluntary donations. The main risks: the use of crowdfunding to build financial pyramids, the opacity of financing instruments, the possibility of non-return of funds to sponsors in the event of a project failure.
Principles of action of protective systems
Antifraud systems in popular mobile trackers, in other complexes and devices perform two main tasks:
- Form a control environment.
- Prevent fraudulent transactions.
Let's see how bank antifraud works. The general principles of operation of such systems for all complexes so far remain unchanged. The process is preceded by the search for anomalies - atypical actions, operations, accounting entries in frequently repeated events that work with a lot of data. Most systems obviously have examples of atypical cases in their software that need to be adapted for each typical action.
So, what is the main recognition point for a new generation of antifraud systems? These are atypical actions and heterogeneous information. Indeed, according to statistics, 85% of the actions of each bank employee are cyclical and repeatable every day.
And then, as they say, it is a matter of technique:
- A snapshot of the employee's standard day is formed.
- Automatic notification of his actions is configured.
- From the identified deviations, a picture is formed of the fraud he may have committed.
To understand how anti-fraud systems work, we will present the following algorithm:
- Formation of a fraud pattern (template).
- Identification of matches up to 80% of actions with this template.
- Blocking the user until the reasons for his non-standard behavior are clarified.
According to statistics, the same scheme of fraudulent behavior in a particular company can work up to 4 times!
What about deviations? Practice shows that for the most part they are standard, repeatable beyond the individual characteristics of each client. Based on the main tasks of internal antifraud systems, the algorithm in this case is as follows:
- Deviation patterning.
- Matching 80% of the action.
- Alert relevant government agencies about the possible causes of deviant behavior.
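A sketch of the template-matching step in the two algorithms above, as an added example that is not part of the original article or of any vendor's product. The action names, the template and the day logs are constructed, and scoring by longest common subsequence is one assumed way to measure "matches 80% of the template".

```python
# Added example: constructed action names, template and logs (not from the article).
FRAUD_TEMPLATES = {
    "dormant-account drain": [
        "open_dormant_account", "change_contact_phone",
        "raise_transfer_limit", "issue_card", "external_transfer",
    ],
}
THRESHOLD = 0.8  # the article's 80% match level

def lcs_len(a, b):
    """Length of the longest common subsequence (order kept, gaps allowed)."""
    prev = [0] * (len(b) + 1)
    for x in a:
        cur = [0]
        for j, y in enumerate(b, 1):
            cur.append(prev[j - 1] + 1 if x == y else max(prev[j], cur[j - 1]))
        prev = cur
    return prev[-1]

def match_score(actions, template):
    """Share of template steps found, in order, in one user's action log."""
    return lcs_len(actions, template) / len(template)

def review(day_logs, templates=FRAUD_TEMPLATES, threshold=THRESHOLD):
    """Return {user: (template name, score)} for users to block pending review."""
    blocked = {}
    for user, actions in day_logs.items():
        for name, template in templates.items():
            score = match_score(actions, template)
            if score >= threshold and score > blocked.get(user, ("", 0.0))[1]:
                blocked[user] = (name, score)
    return blocked

# Constructed one-day action logs for two employees.
DAY_LOGS = {
    "emp-A": ["login", "open_dormant_account", "view_balance",
              "change_contact_phone", "raise_transfer_limit",
              "view_balance", "external_transfer", "logout"],
    "emp-B": ["login", "view_balance", "issue_card",
              "external_transfer", "logout"],
}

if __name__ == "__main__":
    for user, (name, score) in review(DAY_LOGS).items():
        print(f"block {user}: {score:.0%} match with '{name}'")
```

Routine actions interleaved with the template steps do not lower the score, which is why a subsequence match is used here instead of an exact sequence comparison.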
Information analyzed by the system
You can better understand the construction of an anti-fraud system, being aware of what information it operates on.
The data set will be different for each specific organization. First of all, it depends on its specifics: a bank, a telecommunications operator, a depository, a clearing center, etc. In general, information is collected from a variety of financially significant complexes. For example, from ABS for the banking sector, from transaction databases for payment systems.
The criteria for selecting data are also different. For SAP systems, the actions and operations that are displayed in the general ledger are more significant, for telecom operators, customer traffic and actions that can reduce the amount in his personal account.
System architecture
Let us briefly touch on the architecture of antifraud services. As a rule, they follow a client-server design. Technical features will largely depend on the design chosen by the specific developer and on the environment in which the product will be deployed.
But any of the systems will necessarily contain the following elements:
- The core of the whole system.
- Database.
- Management consoles.
- Special client modules.
If we turn to the review of mobile antifraud systems, then their content will be generally the same. We move on to a new topic.
Intelligent Systems
Naturally, in response to this innovation, fraudsters begin to look for new ways to bypass antifraud systems. To counter these attempts, developers are releasing increasingly sophisticated countermeasures.
One of the new products is an intelligent antifraud system. It is installed in industrial data centers or server rooms inside the IT structure of the organization itself. Its algorithms are built on mathematical models of a typical employee’s working day.
But that is not all. For modern antifraud systems, machine learning is also possible. The data for it is obtained from a voluminous array of information called BigData. Thus, private models of behavior for each employee are formed, “tailored” to the specifics of the client’s business.
What is good about self-learning antifraud systems? This concept makes it possible to reduce the level of two common mistakes: false alarms and missed real fraud.
How to choose an antifraud system? Of course, consumers should pay attention to the possibility of self-learning. But do not think that the system will guarantee 100% security. Cybercriminals come up with new attack methods every day. And unfortunately, you can learn about them only after committing a crime.
There is another aspect against which even the most advanced anti-fraud systems are powerless today: the use of social engineering methods by criminals. In other words, those cases where the victim voluntarily transfers money to the attacker, discloses his personal information, provides confidential bank card details, and so on. Countermeasures against such fraudster "charm" have not yet been invented.
Using the system for online banking
Let's see what anti-fraud systems are for online banks and RBS services. First of all, to protect customers, restrictions on financial transactions and the use of a "second line of defense" are applied here. We list examples of fraud monitoring solutions:
- Restriction of purchases on one bank card or one client at certain intervals.
- Restrictions on the largest amount of a one-time purchase with one bank card or by one client in a certain period of time.
- Limit on the number of bank cards used by one owner in a certain period of time.
- Limit the number of users that can use one bank card.
- Accounting for purchase history: the formation of black and white lists.
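The restrictions listed above, written as a small rule engine; this is an added example, not code from the article or from any real fraud-monitoring product. The threshold values, the one-hour window and the choice to let whitelisted cards skip the velocity checks are assumptions made for illustration.

```python
from collections import deque
from dataclasses import dataclass

@dataclass
class Limits:  # constructed thresholds, not taken from the article
    window_s: int = 3600            # the "certain period of time"
    max_purchases: int = 3          # purchases per card in the window
    max_single_amount: float = 50_000.0
    max_cards_per_client: int = 2
    max_clients_per_card: int = 1

class VelocityMonitor:
    def __init__(self, limits, blacklist=(), whitelist=()):
        self.limits = limits
        self.blacklist, self.whitelist = set(blacklist), set(whitelist)
        self.history = deque()  # (timestamp, card, client) of accepted purchases

    def check(self, ts, card, client, amount):
        """Return the list of violated rules; an empty list means accepted."""
        lim = self.limits
        if card in self.blacklist:
            return ["blacklisted card"]
        # Forget purchases that have left the sliding window.
        while self.history and self.history[0][0] <= ts - lim.window_s:
            self.history.popleft()
        hits = []
        if card not in self.whitelist:  # assumption: trusted cards skip limits
            recent = list(self.history)
            if sum(1 for _, c, _ in recent if c == card) >= lim.max_purchases:
                hits.append("purchase count per card")
            if amount > lim.max_single_amount:
                hits.append("single purchase amount")
            cards = {c for _, c, u in recent if u == client} | {card}
            if len(cards) > lim.max_cards_per_client:
                hits.append("cards per client")
            users = {u for _, c, u in recent if c == card} | {client}
            if len(users) > lim.max_clients_per_card:
                hits.append("clients per card")
        if not hits:
            self.history.append((ts, card, client))
        return hits

def demo():
    """Run a constructed sequence of purchases and return each decision."""
    m = VelocityMonitor(Limits(), blacklist={"card-X"})
    events = [(0, "card-A", "alice", 100), (10, "card-A", "alice", 100),
              (20, "card-A", "alice", 100), (30, "card-A", "alice", 100),
              (40, "card-A", "bob", 100), (50, "card-B", "alice", 60_000),
              (60, "card-B", "alice", 10), (70, "card-C", "alice", 10),
              (80, "card-X", "carol", 1), (3700, "card-A", "alice", 100)]
    return [m.check(*e) for e in events]

if __name__ == "__main__":
    for decision in demo():
        print(decision or "accepted")
```

Only accepted purchases are recorded, so a run of rejected attempts does not itself extend the lockout; a production system would normally log rejections separately for investigation.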
So that the message "Payment is not completed: operation is prohibited by the antifraud system" does not appear before the cardholder at a crucial moment, a number of requirements are placed on the system. The most important of them: it must recognize the user by certain standards and algorithms.
Accordingly, the value of a particular antifraud system lies in its ability to quickly and accurately distinguish the actions of the owner from operations performed by a fraudster. Another important function of fraud monitoring is to evaluate how a real cardholder behaves when making a payment, say, in an online store. The information that the client enters, the similarity of his behavior to the pattern of typical actions, and so on, are checked.
How does the system work with mobile banks?
For the convenience of the reader, we present a visual algorithm of work:
- First of all, the operation is checked, as we have already indicated above, for the correspondence of the behavior of the card user to the typical actions of its owner. The most important thing is the correctness of the input information, which should be known only to him. For example, a PIN code.
- Based on the analysis of the actions of the person performing the operation, a specific label is assigned.
- Green. A transaction with a low probability of fraudulent activity.
- Yellow. Transactions for which the risk of fraud is above average. That is, increased attention is required to make such a payment.
- Red. It is very likely that the executed transaction is fraudulent. To make such a payment, documentary evidence of the identity of the card holder is needed.
Additionally, the simplest ways to protect the client can be applied:
- Protection against selection of card number and its CVV-code.
- Analysis of the parameters of a particular card by type of product, owner, issuing banking organization, country of issue and geography of its use.
- Identification of the cardholder by the history of his purchases.
- Retrospective analysis of expenses on the card.
- Fingerprinting of the equipment used for suspicious operations, etc.
We will return again to the above labels and their meaning:
- Greens. A person pays with a card issued by a Russian bank for a purchase in Russia. The invoice amount does not exceed the average for that holder. So the operation is assigned a green color. It then goes for authorization using 3D-Secure (the card holder should enter the code sent to the phone number attached to the card).
- Yellow. Such tags will, accordingly, be assigned to transactions with a check amount above the average for this holder. For example, when paying for the same purchases from online stores. In such cases, the transaction will automatically be sent to online validation or manual verification.
- Reds. These are operations that the system regards as fraudulent. To give an example: the card was issued in Russia, but with its help they paid in the USA, while the holder of the "plastic" is in Turkey.
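The three labels and their follow-up steps as a scoring function; this is an added example, not the logic of any real bank system. The field names are hypothetical, and the rules for cases the article does not cover (wrong PIN treated as red, no purchase history or a foreign payment treated as yellow) are assumptions.

```python
from dataclasses import dataclass
from statistics import mean

@dataclass
class Payment:
    amount: float
    issue_country: str    # where the card was issued
    payment_country: str  # where the payment is made
    holder_country: str   # where the holder currently is (assumed known)
    pin_ok: bool = True   # secret input known only to the owner

# Follow-up action per label, as described in the article.
NEXT_STEP = {
    "green": "3-D Secure code",
    "yellow": "online validation or manual verification",
    "red": "documentary proof of identity",
}

def assess(p, past_amounts):
    """Return (label, next step, reasons) for one payment.

    past_amounts is the holder's purchase history used for the
    retrospective average; an empty history cannot yield green.
    """
    reasons = []
    if not p.pin_ok:  # assumption: failed secret input is treated as red
        reasons.append("secret input incorrect")
    if p.payment_country not in (p.issue_country, p.holder_country):
        reasons.append("payment country matches neither issuer nor holder")
    if reasons:
        return "red", NEXT_STEP["red"], reasons
    if not past_amounts:
        reasons.append("no purchase history")
    elif p.amount > mean(past_amounts):
        reasons.append("amount above holder's average")
    if p.payment_country != p.issue_country:
        reasons.append("payment outside issuing country")
    label = "yellow" if reasons else "green"
    return label, NEXT_STEP[label], reasons

# Constructed purchase history (average 2000) and sample payments.
HISTORY = [1000.0, 2000.0, 3000.0]
SAMPLES = [
    Payment(1500.0, "RU", "RU", "RU"),   # the article's green case
    Payment(9000.0, "RU", "RU", "RU"),   # above the holder's average
    Payment(1500.0, "RU", "US", "TR"),   # the article's red case
]

if __name__ == "__main__":
    for s in SAMPLES:
        print(assess(s, HISTORY))
```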
System flaws
In conclusion, let's talk about the pros and cons of the antifraud system. The most important flaw: the inability to prove the fact of fraud. This comes down to an insufficient evidence base and a lack of the necessary technical details.
Let us give a painful example: the so-called friendly fraud, which banking portals have written about more than once. The fraudulent scheme here is something like this:
- The card holder makes a purchase in the online store.
- Then the cardholder applies to the issuing bank with a request to return the funds to his account due to the failure to provide services or non-delivery of goods. That is, he initiates a chargeback.
- If the store was unable to prove that the card holder's claims are unfounded, the bank is obliged to debit this amount from the store's account and return it to the account of the would-be customer.
As a result, online stores suffer:
- From unscrupulous customers who knowingly provide false information for the purpose of non-payment or initiate a refund after receiving the goods or the actual provision of the service.
- From their own employees, for personal gain, using the personal information of the employer.
- From hackers and cybercriminals who illegally gained access to the store’s personal database.
Even the most advanced anti-fraud system today will not be able to withstand the human factor. If there is collusion between bank employees and store employees, the software cannot realistically resist it.
In addition, the use of such systems has its own "production costs". If the security software often rejects payments and transfers of bank customers because they seem suspicious, the organization will lose cardholders who are not satisfied with restrictions on their own finances.
If virtual stores implement the fraud monitoring system, then there will be problems with the protection of user data - both personal and payment. In addition, it is necessary to pass certification for compliance with PCI DSS requirements, as well as take into account Russian federal laws on the protection of personal information.
To summarize. Antifraud systems are special software capable of resisting cyber attacks, hackers and other types of fraud in banking and payment systems. The most advanced systems here today are intelligent systems capable of self-learning during work. However, fraud monitoring still has a number of annoying shortcomings: the probability of erroneous blocking of payments and transfers, the inability to confront the human factor.