Financial institutions want to simplify a customer's online experience with an emphasis on ease-of-use. After all, the easier it is to make deposits and transfer money, the more satisfied customers are with their ability to manage their accounts 24/7 .
On the surface, this would appear to be a win-win situation. And in many ways, it is. However, in a recent American Banker article, “Rise in Digital Banking Heightens Fraud Risk, Bankers Say,” making it easier to bank online has its downsides.
According to Aaron Glover, senior analyst for fraud risk management at SunTrust Banks in Atlanta, meeting customers’ banking demands can potentially expose their networks to more cyberattacks.
"In the banking industry, we compete on how easy it is for new customers to find us and make deposits with us, to switch from their previous financial institution to our bank. By making it easier for our customers, we may be inadvertently making it easier for fraudsters."
The problem with making it easier to bank online is it can give criminals a better understanding of their environment. Knowing the various methods that financial institutions and other online businesses use to identify customers and determine the risk of the transaction -- such as asking personally identifiable questions (PII) -- allows crooks to analyze and dissect the authentication process.
A good analogy is a blueprint. Studying a blueprint of a building, for example, provides critical information about a building's infrastructure, including any potential gaps or vulnerabilities within the structure. Knowing a network’s every point of access, and what security tools they use to authenticate users would work the same way, and would be extremely valuable information for fraudsters.
When cybercriminals have knowledge about a bank’s security practices, they can work on ways to defeat those solutions, particularly if those tools rely on PII to identify customers. That's why using device reputation technology as another line of defense is so critical to fraud prevention. This technology doesn't rely on PII to identifty high risk transactions.
Device reputation technology automatically analyzes every device the moment a user tries to access a website. Leveraging real time device intelligence enables fraud management teams to instantly act on information based on their own unique business rules. It also reduces fraud rates and pulls false positives from review queues to save valuable time and improve overall efficiency. Best of all, doing this behind the scenes gives financial institutions the upper hand on fraud, and simplifies the authentication process for a better, more secure customer experience.