Financial institutions today are in an arms race with well-organized, technologically savvy fraudsters. These fraudsters build sophisticated malware and control vast networks of compromised computers. They use these tools for a wide range of nefarious activities, including accessing bank accounts in order to steal money.

Banks across the globe lose large sums to fraudsters like this each year. In addition to direct financial loss, they may suffer costly reputational damage and customer attrition as a result of the fraud.

How to Prevent Fraud

Fortunately, there are steps banks can take to help harden their virtual front doors against this type of attack. First, they can implement robust access control policies that assess the risk of each user session and require the appropriate level of authentication based on that level of risk. For example, a user accessing an account from a new browser in an unusual location can be asked to provide a stronger form of authentication.

Conversely, a user checking an account balance from a known device might not have to authenticate further until later in the session when initiating a funds transfer. With this kind of risk-based access system, banks can keep criminals out without introducing unnecessary hassles for their customers.

Second, banks can deploy fraud protection technology. These solutions leverage research into the latest malware and fraud techniques to help detect fraud patterns through Web and mobile channels in real time. Once fraud is detected, the bank can take action to prevent the losses and reputational damage that result from the activity.

Finally, banks need a way for their antifraud teams to monitor which customers have fallen victim to fraud. With proper monitoring that consolidates inputs from across systems, a bank can alert affected customers and help them take steps to remove the source of the fraudulent activity on their accounts.

Integrating Identity and Access Management Tools

Each of these components adds value individually. However, integration across access control, fraud protection and monitoring solutions unlocks far greater total value. Integration allows the access management system to act as a fraud protection gateway. Indicators of fraudulent activity can be used as context to adjust the risk of a particular user session.

If suspicious activity is detected, a risk-based access management platform can then require stronger authentication — a one-time password, for example — or disable certain functions entirely, such as adding a new payment receiver to the account. At the same time, a monitoring system can integrate information from both the access management and fraud prevention solutions so that fraud analysts can get a complete picture of the user and the suspicious activity before contacting the affected customers.

Read the white paper: Accelerating growth and digital adoption with seamless identity trust

More from Banking & Finance

Exploring DORA: How to manage ICT incidents and minimize cyber threat risks

3 min read - As cybersecurity breaches continue to rise globally, institutions handling sensitive information are particularly vulnerable. In 2024, the average cost of a data breach in the financial sector reached $6.08 million, making it the second hardest hit after healthcare, according to IBM's 2024 Cost of a Data Breach report. This underscores the need for robust IT security regulations in critical sectors.More than just a defensive measure, compliance with security regulations helps organizations reduce risk, strengthen operational resilience and enhance customer trust.…

Unveiling the latest banking trojan threats in LATAM

9 min read - This post was made possible through the research contributions of Amir Gendler.In our most recent research in the Latin American (LATAM) region, we at IBM Security Lab have observed a surge in campaigns linked with malicious Chrome extensions. These campaigns primarily target Latin America, with a particular emphasis on its financial institutions.In this blog post, we’ll shed light on the group responsible for disseminating this campaign. We’ll delve into the method of web injects and Man in the Browser, and…

PixPirate: The Brazilian financial malware you can’t see

10 min read - Malicious software always aims to stay hidden, making itself invisible so the victims can’t detect it. The constantly mutating PixPirate malware has taken that strategy to a new extreme. PixPirate is a sophisticated financial remote access trojan (RAT) malware that heavily utilizes anti-research techniques. This malware’s infection vector is based on two malicious apps: a downloader and a droppee. Operating together, these two apps communicate with each other to execute the fraud. So far, IBM Trusteer researchers have observed this…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today