How Risk Analytics and Adaptive Authentication Help Prevent Account Takeover Fraud: Experience a Real-world Scenario

David Gaudio,

Since 2013, 14.7 billion data records have been breached by cybercriminals. Those records are now available for sale on the Dark Web. This has resulted in greater numbers of credential stuffing attacks in which criminals use automated software to test acquired credentials against hundreds of thousands of online properties in the hopes of finding a match.

Financial institutions (FIs) need a combination of sophisticated risk analytics and adaptive authentication to more effectively combat these threats. Risk analytics solutions typically use AI and machine learning to analyze a vast quantity of data in real time. This analysis enables FIs to generate a high-fidelity risk score for each individual transaction. Once a risk score is calculated, pre-determined workflows such as step-up authentication can be triggered to immediately respond to high-risk transactions.

During an account takeover attack, in which a cybercriminal has gained entry into a user’s bank account, risk analytics can identify the aberrant behavior with a high risk score, and trigger a step-up authentication to stop the attack before damage is done. The scenario below illustrates the plausible steps in such an attack and how risk analytics and adaptive authentication would help to prevent this from happening.

The Scenario: New Activity vs Past Behavior

To demonstrate how risk analytics and adaptive authentication technologies work together to provide a stronger defense against fraud, we will take a common real-life scenario and see how OneSpan’s Intelligent Adaptive Authentication solution responds to high-risk behavior.

Two years ago, Jon opened a new savings account at his preferred financial institution. Since then, he has logged into the online banking portal once a quarter and makes a consistent deposit amount each time. Thus far, he has not used the account to make any fund transfers or withdrawals.

This is all relevant information, because OneSpan Risk Analytics has been building a profile for the account based on Jon’s behavior. By doing so, the risk engine has determined what would be considered Jon’s “average” or baseline behavior.

When new activity deviates from this behavior, Risk Analytics can immediate recognize something has changed and respond accordingly. Using machine learning, Risk Analytics can assess, in real time, any suspicious activity that could indicate an account takeover attack or fraud attempt.

Risk Scoring and New Activity

One day, the Risk Analytics notices that Jon has logged into his account and wants to conduct an external wire transfer.

While this is new activity for the account, a wire transfer is a normal digital service offered through the online banking portal. Jon provides an electronic signature using click-to-sign functionality to authorize the transaction to proceed. However, Jon designates to wire $10,000 to an account number that Risk Analytics does not recognize.

While this could be a genuine action from Jon, it is also a high-risk transaction that could be indicative of an account takeover. Risk Analytics analyzes the behavior to generate a risk score. Once determined, Risk Analytics triggers a pre-determined workflow, based on the risk score, that automatically requires a step-up authentication action. The elevated authentication challenge could take the form of a one-time password (OTP), fingerprint, facial scan, or another biometric authentication method. In this particular scenario, Jon is asked to scan a colored cryptogram code using his smartphone, which in turn prompts a biometric facial recognition request.

If it truly is Jon, then he would be able to satisfy the facial authentication requirement and verify his identity. This would allow the wire transfer to process normally.

However, if our suspicions are correct and this is a fraudster who has hijacked Jon’s account, the fraudster will be unable to complete the new authentication requirement. If this is the case, OneSpan’s Intelligent Adaptive Authentication solution will not allow the external wire transfer and the fraudster will be forced to abandon their attempt.

Balancing Digital Fraud and Customer Experience

Recognizing fraud and stepping in to stop it is only one half of the equation. Financial institutions must be able to fight fraud while still delivering an exceptional customer experience. That is truly what makes AI and machine learning so powerful. By leveraging this technology, financial institutions can generate faster, more accurate risk scores, and apply the precise level of security only on the risker transactions that warrant increased scrutiny. By doing so, banks can reduce the number of fraudulent transactions or level of false positives associated with risker transactions, while allowing customers to fulfill their banking needs with minimal friction. This scenario illustrates how convenient a customer experience can be, while ensuring security for each and every transaction in the digital customer journey.

Adaptive Authentication

Adaptive Authentication: Superior User Experience and Growth through Intelligent Security

Download this paper and achieve the twin goals of reducing fraud and delighting the customer.

Download Now

David Gaudio is the Senior Content Writer for all things security and e-signature at OneSpan with nearly ten years’ experience in digital marketing and content creation. David earned his BA in Publishing and Creative Writing and has since worn almost every hat in the digital marketing closet.