Our anti-fraud expert Kjell Rune Vilhelmsen helps us look into the day-to-day anti-fraud benefits in a multi-tenant managed service setup.
It started off small, with a couple of fraudulent transactions alongside many genuine ones, but it soon grew in scale across several banks, geographies and card types (debit, credit, VISA and MasterCard). Within a short time, fraudulent transactions amounted to several hundred thousands of euros.
The merchant did support strong customer authentication methods, but since the misused data had been compromised by manipulation of cardholders, the cardholders’ security credentials were also compromised.
This case is by no means unique; we’ve seen many similar ones recently. And many actors working in the anti-fraud area see them every day. We have of course removed sensitive information from the description of the case, but be assured it is a genuine one. Anyway, the details of the case are less important.
What is at stake here is that even though this case had the potential to become a major fraud event, it was successfully mitigated and minimized – at least for customers of TietoEVRY’s managed service.
Only a few transactions slipped through before our experienced investigators as well as the transaction monitoring system at our monitoring center realized what was going on and immediately shifted to damage control mode.
Over a two-week period, repeated attempts were made to defraud our customers for hundreds of thousands of euros, but only 4% of the attempts were successful. The other 96% were unsuccessful because our fraud management platform detected them and prevented them from being processed.
However, we believe that other banks were more severely affected by this attack, because it lasted for around two weeks, and no business-minded fraudster would settle for a meagre 4% success rate after so much effort.
As the heading of this article implies, the more data available, the better the decision-making processes and the less the likelihood of attacks and incidents like the one described above. This applies to the volume of data on a single transaction or customer portfolio and to the number of uniquely different portfolios available. Having both depth and range in data makes it possible to see both the finer details and the big picture. This is one of the key benefits of a multi-tenant managed service.
Combined with the intelligence provided by our customers and partners, the aggregated knowledge about fraud and trends accumulated from studying both the details as well as the big picture is vital to us. It means our system and staff are far better equipped to deal with changes than those who only look inwards at their own data.
The benefits of large volumes of data apply to all risk mitigating processes across all areas of society, whether it be cybercrime prevention, public administration or health services. Of course, there is also the need for an organization and a system to process the data and make the right decisions, but the fundamental rule remains: the more data available to make good decisions, the better the decision-making processes will be.
This applies today but will apply even more so in the future as financial crime continuously evolves both in complexity and range and thereby increases the standards of expertise, knowledge, technology and cooperation required by actors like us in the anti-fraud industry.
On 6 May we will hosted a webinar on the benefits of our managed financial crime prevention service. In the webinar, you will learn more about how we help banks improve their financial crime prevention efforts by pooling their data to make better decisions.
Kjell-Rune has worked in fraud prevention for more than 17 years. In TietoEVRY's Financial Crime Prevention team, he has been involved in fraud analysis, product development and business development. Kjell-Rune is one of our most senior anti-fraud experts and a key driver for Financial Crime Prevention's innovation and market knowledge.