
Anti-fraud: Effective, but not invincible


Major Russian banks, such as Sberbank or Alfa-Bank, process more than a million transactions per day. Even four years ago, Visa was processing 150 million transactions per day.

https://xakep.ru/2016/01/19/how-antifraud-works

Of course, with numbers this large it is impossible to check each transaction for fraud manually. That is why banks use fraud detection systems: specialised anti-fraud software that verifies financial transactions.

Federal Law № 161-FZ “On the National Payment System” furthered the spread of anti-fraud systems. Under its Article 9, in case of fraud “the money transfer operator is obligated to refund the amount of money that has been transferred without the client’s consent to the client”. For this reason, almost all banks have deployed anti-fraud systems.

What specifically do anti-fraud systems do? Strangely enough, they closely resemble the proactive protection component of an anti-virus: they too search for abnormal operations.

Despite the various algorithms implemented by different vendors in each of their products, the general principles upon which the anti-fraud system operates remain unchanged. Above all, it is the search for anomalies (unusual events, actions, accounting entries) in frequent operations with a large array of data.


Over 85% of an employee’s actions are circularly repeated every day

http://www.securitylab.ru/blog/personal/Informacionnaya_bezopasnost_v_detalyah/339929.php

So, here are three conclusions.

First: the key feature of this system is its training ability. An anti-fraud installed in a bank collects operating statistics related to a selected client—the time operations typically occur, typical amounts, typical addresses, etc.—and on the basis of this data, it builds behavioral models of selected clients of the bank.

Second: in connection with the presence of the behavioral models mentioned above, an anti-fraud successfully prevents the data of corporate clients from being leaked. But it does not work so well when it comes to individuals: there are too few operations to be able to determine which of them is abnormal. As a result, the percentage of money refunded to individuals is critically low.

Third and most important: put your trust in the anti-fraud, but stay on guard. For example, anti-fraud systems can notify a bank’s clients about suspicious transactions. But criminals can intercept those notifications.
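The behavioural model from the first two conclusions can be sketched as follows. This is an added example, not code from the article or from any anti-fraud product; the profile fields, the `MIN_HISTORY` and `Z_LIMIT` values and the sample operations are assumptions made for illustration.

```python
from statistics import mean, stdev

MIN_HISTORY = 10  # assumption: fewer operations than this give no usable baseline
Z_LIMIT = 3.0     # assumption: amounts beyond 3 standard deviations are abnormal

def build_profile(history):
    """Build a per-client model from past (hour_of_day, amount) operations."""
    amounts = [amount for _, amount in history]
    return {
        "n": len(history),
        "mean": mean(amounts),
        "std": stdev(amounts) if len(amounts) > 1 else 0.0,
        "hours": {hour for hour, _ in history},
    }

def assess(profile, hour, amount):
    """Compare one new operation with the client's own baseline."""
    if profile["n"] < MIN_HISTORY:
        return "insufficient-history"  # too few operations to call anything abnormal
    reasons = []
    std = profile["std"] or 1.0  # avoid dividing by zero for identical amounts
    if abs(amount - profile["mean"]) / std > Z_LIMIT:
        reasons.append("amount")
    if hour not in profile["hours"]:
        reasons.append("hour")
    return "abnormal:" + ",".join(reasons) if reasons else "normal"

# Constructed sample data: a corporate client with 20 daytime payments of
# similar size, and an individual with only three card operations.
CORPORATE = build_profile([(10 + i % 6, 50_000 + 500 * (i % 5)) for i in range(20)])
INDIVIDUAL = build_profile([(19, 1_200), (20, 800), (13, 2_500)])

if __name__ == "__main__":
    print(assess(CORPORATE, 11, 51_000))     # fits the corporate baseline
    print(assess(CORPORATE, 3, 900_000))     # unusual amount at an unusual hour
    print(assess(INDIVIDUAL, 3, 900_000))    # same operation, no baseline to judge it
```

The same large night-time transfer is flagged for the corporate client but cannot be judged for the individual, which is the gap the restrictions listed further down are meant to cover.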

Social-engineering techniques facilitate the vast majority of money thefts (over 90%) occurring via remote service channels. No special tools are required: victims transfer money themselves or give their bank card information, checking information, etc. to criminals.

http://www.securitylab.ru/blog/personal/Informacionnaya_bezopasnost_v_detalyah/339929.php

Since anti-fraud systems for individuals do not operate the way we expect, banks supplement them with various restrictions related to:

  • the number of purchases made with one card or by one customer for a specific period of time;
  • the maximum amount for a one-time purchase made with one card or by one customer for a specific period of time;
  • the number of bank cards used by a single user in a specific period of time;
  • the number of clients who use a specific card;
  • the purchase history by bank card and by user (so-called “blacklists” or “whitelists”).

http://www.securitylab.ru/blog/personal/Informacionnaya_bezopasnost_v_detalyah/339929.php

But let’s return to anti-fraud operation algorithms.

On the basis of the analysis, the following “labels” are assigned to transaction processing methods:

  • “Green” — marks transactions with a low probability that a fraudulent operation has occurred.
  • “Yellow” — marks transactions with an above-normal probability that a fraudulent operation has occurred, denoting that this transaction requires more attention.
  • “Red” — marks transactions that are most likely to be fraudulent, and such transactions require documents confirming that the person is the holder of the bank card.


http://www.securitylab.ru/blog/personal/Informacionnaya_bezopasnost_v_detalyah/339929.php

The main signs of fraudulent payments:

  • one card — many IP addresses, and the opposite: one IP address and many bank cards;
  • one card — many purchases/unsuccessful attempts;
  • one client — many cards (especially, when they are issued by different banks);
  • one client — many postal codes, email addresses;
  • the client name does not match the name of the account owner on the merchant’s website (if any);
  • the country of the client does not match the country of the account owner on the merchant’s website (if any);
  • a payment is made at night (client’s local time).

https://habrahabr.ru/post/253731/
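The signs listed above can be combined into the green/yellow/red labels with a simple rule engine. This is an added example, not code from the article or the posts it cites; the equal weighting of signs, the `MANY`, `YELLOW`, `RED` and `NIGHT` values, the field names and the sample transactions are all assumptions.

```python
from collections import defaultdict

MANY = 3              # assumption: "many" means three or more distinct values
YELLOW, RED = 2, 4    # assumption: number of signs needed for each label
NIGHT = range(0, 6)   # assumption: 00:00-05:59 in the client's local time

def tx(i, card, ip, client, ok=True, hour=14, name_ok=True, country_ok=True):
    """Build one constructed transaction record."""
    return dict(id=i, card=card, ip=ip, client=client, ok=ok,
                hour=hour, name_ok=name_ok, country_ok=country_ok)

def label_transactions(txs):
    """Label each transaction using only the history seen up to that point."""
    ips_by_card, cards_by_ip = defaultdict(set), defaultdict(set)
    cards_by_client, fails_by_card = defaultdict(set), defaultdict(int)
    results = []
    for t in txs:
        ips_by_card[t["card"]].add(t["ip"])
        cards_by_ip[t["ip"]].add(t["card"])
        cards_by_client[t["client"]].add(t["card"])
        fails_by_card[t["card"]] += 0 if t["ok"] else 1
        checks = [
            (len(ips_by_card[t["card"]]) >= MANY, "card-many-ips"),
            (len(cards_by_ip[t["ip"]]) >= MANY, "ip-many-cards"),
            (fails_by_card[t["card"]] >= MANY, "card-many-failures"),
            (len(cards_by_client[t["client"]]) >= MANY, "client-many-cards"),
            (not t["name_ok"], "name-mismatch"),
            (not t["country_ok"], "country-mismatch"),
            (t["hour"] in NIGHT, "night-payment"),
        ]
        signs = [name for hit, name in checks if hit]
        score = len(signs)  # every sign counts equally in this sketch
        label = "red" if score >= RED else "yellow" if score >= YELLOW else "green"
        results.append((t["id"], label, signs))
    return results

# Constructed sample: one ordinary customer and one client cycling through cards.
SAMPLE = [
    tx(1, "card-A", "198.51.100.10", "alice"),
    tx(2, "card-B", "203.0.113.7", "mallory", ok=False, hour=3),
    tx(3, "card-C", "203.0.113.7", "mallory", ok=False, hour=3, name_ok=False),
    tx(4, "card-D", "203.0.113.7", "mallory", hour=3, name_ok=False, country_ok=False),
    tx(5, "card-A", "198.51.100.10", "alice", hour=15),
]

if __name__ == "__main__":
    for row in label_transactions(SAMPLE):
        print(row)
```

A single night-time payment stays green; the label only escalates as independent signs accumulate on the same IP address and client.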

Read more about anti-fraud systems (or even try to create one of your own) here: https://habrahabr.ru/post/254037 and https://habrahabr.ru/post/254683

We have considered only some of the anti-fraud’s features; it can identify many more fraudulent transactions.


Dr.Web recommends

An anti-fraud is an effective solution, but it is not invincible. Therefore:

  • don’t let strangers and children get hold of your bank card,
  • don’t use your bank card to withdraw money, and don’t pay with it in suspicious places,
  • if you engage in online banking, be sure to use an anti-virus, and update it every time you are getting ready to do online banking.
