These days more than ever, protecting your members against fraud is a major challenge. Between the pandemic hurriedly forcing all transactions online and the pressure for financial institutions to undergo a full “digital transformation” (whether or not they and their customers are prepared), banks and credit unions have experienced a sharp increase in fraudulent activity, according to the annual True Cost of Fraud report from Lexis Nexis.
Unfortunately, fraudsters tend to digitally evolve faster than their target organizations, leaving FIs and their members vulnerable to an ever-changing slew of aggressive and increasingly complex schemes. So what’s a bank or credit union to do to protect their institution against these bad actors? We spoke with Justin Davis, CFE of Point Predictive about what makes for a strong anti-fraud strategy, and put Project Finance to the test. To view the full interview in which we discuss fraud in the credit union space, click here.
According to Davis, a layered digital strategy is essential. This comes down to a strong KYC (Know Your Customer) approach in three key touch points of the customer journey: onboarding/ application, authentication and transaction. Let’s dig in:
1. How does Project Finance identify who we (and our bank or credit union partners) are doing business with?
At account origination, it’s essential that the FI partners with an onboarding vendor that takes fraud seriously. With these vendors, banks and credit unions can implement a number of tactics in these crucial beginning stages, including various identity features, device recognition and ACH verification to ensure account funding is secure.
While OTP (one-time passcode) / MFA (multi-factor authentication) is certainly critical to detect fraudulent activity at login, Project Finance has partnered with TransUnion to investigate the identity of the user even before OTP is triggered. At login, Project Finance sends TransUnion a series of metadata about the user and device (IP address, device type, etc.); TransUnion then responds with a risk score based on geolocation anomalies, data inconsistencies, and other signals. If the risk score returned by TransUnion indicates that we do not recognize this specific user/ device combination, for example, the platform will either deny or flag for review. If the user passes the initial TransUnion review, they then complete OTP.
OTP is also an important tool in preventing account takeover, or ATO, as we know fraudsters will attempt to take over an account by obtaining login credentials through these reset flows. As a result, these processes require information beyond just the customer’s email, and OTP is mandated.
2. How does Project Finance determine if the person logging on is the person with whom we and our FI partners originally contracted?
To ensure the user is indeed the true owner of the account, Project Finance has partnered with Verafin to evaluate whether the user’s behavior is consistent with their previous history. Through machine learning and artificial intelligence, Verafin detects a wide range of suspicious online account activity, including abnormal access times and usage patterns, login failures, login from unusual IP addresses, ISPs, browsers and more. To ensure members and FIs are protected at the transaction level, Project Finance sends Verafin all transaction data in real time for review.
With most providers, this is typically a batch upload process that results in a delay from the time of detection to the fraudulent behavior being reported. Project Finance is the first digital banking provider to have a direct API integration with Verafin that allows for suspicious activity to be flagged immediately, saving our FI partners valuable time, resources and money down the road.
3. What other measures does Project Finance take to prevent or mitigate the impact of fraud?
For more content from our fraud series, make sure to check out the following, or email us at firstname.lastname@example.org to learn more:
- Interview with Justin Davis, CFE of Point Predictive (video)
- Fraud Terminology (resource)
- TransUnion Weighs in on Credit Unions’ Battle Against Fraud