At the recent FIS International Client Conference in Vienna, I spoke in two sessions, one on cybersecurity analytics and the other fraud analytics. Interestingly, there were notable differences between the two conversations.
At the cybersecurity session, it was clear that many banks now view cybersecurity not as an IT function, but rather as a financial risk (like fraud) that rolls up to the CRO. I reviewed several FICO streaming analytics technologies, which work together to monitor the network for early signs of hacker or malware reconnaissance. These analytics include transaction profiles of client and server IPs that monitor FLOWS, DNS, DHCP and Websecurity events, as well as FICO’s multi-layered self-calibrating analytic models and adaptive models that produce a score from 1-999 to rank-order cybersecurity threats.
Many in the cybersecurity session were unaware that the fraud sides of their businesses had been using FICO’s real-time self-learning analytics for years. They were still a long way from using such advanced analytics in the cyber domain, where signature-based rules and firewalls are the main technologies used to try to build walls around the organization. It was clear that these walls are riddled with holes, and particularly vulnerable to sophisticated targeted attacks, such as spear-phishing of key executives.
Today’s the cybersecurity area reminds me of the credit fraud space in the late 1980s and early 1990s. At that time, banks used rules-based technology, as well as swarms of analysts who struggled with huge numbers of false positives/alarms that prevented them from addressing true fraud cases. Those in the audience responsible for cybersecurity were worried, and they should be.
By contrast, the fraud session was relatively calm. The majority of banks have had success controlling fraud with analytic solutions such as FICO® Falcon® Fraud Manager. And they are looking with delight at the US moving to chip and signature cards as a way to stem the cross-border fraud caused by the continued use of magnetic stripe technology in the US.
I emphasized that with these changes, issuers should expect new threats. Fraud will shift – to other countries that continue to utilize magnetic stripe, to increased card-not-present (CNP) fraud, to first-party fraud, or perhaps away from cards and much more heavily into the retail banking space, attacking customers’ bank accounts. Fraudsters will attack the easiest channels, and they won’t give up, so I asked the fraud managers in the room to hold onto their hats. Fraudsters are well aware of the shift to chip & signature in the US, and you better believe they have their backup fraud channels – likely fueled by all the personally identifiable information (PII) breaches of late.
So while cybersecurity chiefs are dealing with an out-of-control problem, change in the form of analytic solutions should soon make their lives easier. Fraud chiefs are also looking forward to something positive in terms of EMV shifts, but should evaluate whether all financial channels are protected as well as their payment cards are with analytics.
It’s no wonder there’s a convergence of responsibilities between the cybersecurity, fraud and IT teams that previously fought separate battles in separate ways. The links between these areas are more evident than ever, with one fueling another. Analytic technologies are converging too in the battle of cybersecurity/fraud, with a bumpy road ahead for banks. Hang onto your hat!
Scott Zoldi is a Vice President of Analytic Science at FICO responsible for the analytic development of FICO’s transaction analytics products and solutions, including the FICO® Falcon® Fraud Manager product which protects about two thirds of the world’s payment card transactions from fraud.