The ongoing COVID-19 pandemic and its associated social distancing and stay-at-home orders have pushed untold services online for easier consumer access, with banking serving as a prime example. PYMNTS’ recent Leveraging The Digital Banking Shift Report found that 46 percent of bank customers have used digital banking services more often than before the pandemic began, with 74 percent of recent online users planning to stick with these services once the pandemic has ended.
This surge in digital activity opens vast new opportunities for fraudsters, however. Without in-person interactions with bank staff, account takeovers (ATOs) and customer impersonations are much easier for fraudsters to accomplish. One of the key ways in which banks can counter this threat is through ironclad authentication processes, according to Sameer Shetty, head of digital banking at the Mumbai, India-based Axis Bank.
“The major cybersecurity issues that will continue to increase as digital becomes more prominent is fraudsters managing to get control of customers’ accounts,” he said. “We’ll see more and more [of this] action as digital [banking] progresses.”
Shetty recently offered PYMNTS insights into the financial crime threats that banks like Axis face on a regular basis and how video authentication and AI can significantly reduce the scope of these hazards.
Fraud Threats To Digital Banking
ATOs are among the biggest threats that digital banking regularly confronts, according to Shetty. These attacks involve hackers gaining access to bank customers’ accounts and doing as they please with them, whether transferring funds to the hackers’ own accounts or pilfering personal data like passwords or U.S. Social Security numbers.
“[ATOs mostly] happen through social engineering,” he said. “[Fraudsters] will call up customers pretending to be bank employees and ask the customers to share their passwords, debit card details, PINs, et cetera. And then they’ll take that [information] and use the accounts.”
Another threat is identity fraud, in which bad actors will either steal an individual’s identity or forge a new one, and then use it to open new accounts or apply for fraudulent loans they have no intention of paying back. Identity fraud accounted for $16.9 billion in losses in 2019, according to a recent study, although it has declined from $20 billion in 2013.
A major factor in this decline has been the rise of improved authentication and security systems at banks like Axis. Shetty even stated that Axis has had no digital banking identity fraud incidents, thanks to a multilayered defense system that incorporates video customer authentication and artificial intelligence (AI).
Leveraging Video-based Onboarding, AI To Prevent Identity Fraud
One of the most important steps in preventing ATOs and identity fraud, according to Shetty, is an ironclad authentication process at the point of entry. Axis Bank harnesses a video-based account opening system that allows customers to open their accounts without visiting a bank branch, a feature that has come in handy, especially as the COVID-19 pandemic makes such visits risky.
“Last quarter, more than 75 percent of our deposits were conducted fully digitally, as well as 40 [percent] to 50 percent of our loans and credit cards,” said Shetty.
Axis’ onboarding system cross-references customers’ identifying information with India’s national identification number system, the world’s largest biometric identity program. Axis verifies that the number the customer presents is the same as what they have in the national database in order to confirm their identity.
“It’s like the Social Security number in the U.S.,” Shetty explained. “Customers provide their national identity number and their tax number as well, and then there is a video call. That process takes between seven and 10 minutes, and at the end of this process, they are onboarded onto the bank, and then can open a savings account.”
This system is augmented with a facial recognition system that compares the applicant’s face with the one on file on government servers. Any mismatch between the number and the biometric system is a surefire indicator of identity fraud.
“When you’re doing your onboarding, an AI algorithm [conducts] a face match between your real-life face and the picture that has come from the central authority,” Shetty said. “It’s very difficult to do an impersonation unless you can find a way to kind of change the photograph in the central database itself.”
This instant verification system has made synthetic identity fraud nearly impossible, as the instant cross-referencing with government databases means that any made-up identification number will be discovered immediately.
This does not mean that just one layer of security is sufficient for fraud prevention, however. The onboarding system is supplemented by an AI platform that looks for signs of account takeovers, like mismatched location data or unusual transactions.
“Say you are a customer of ours, and you’ve been doing transactions [that] are less than a hundred dollars,” Shetty said. “Suddenly one day you do a transaction worth $5,000. That transaction will likely get screened by the system, and then somebody will call you to check if genuinely you have done this.”
Either of these systems individually could have weak points, as fraudsters are constantly innovating and looking for new ways to circumvent crime prevention measures. Banks that deploy multilayered systems in tandem, however, can present such a hard target that fraudsters may steer clear in favor of easier prey altogether.