You don't need a gun to rob a bank any more. Now a bank
robber's most powerful weapon is a computer and an internet
connection. As internet trading increases, so does the threat of
organised and automatedfraud. No longer does the fraudster
need to be present or make a phone call to commit a
crime.
To reduce the risks, banks themselves are using more
sophisticated technologies. The Royal Bank of Scotland (RBS), for
example, has signed up to a new peer-to-peer
fraud-reduction network from
Ethoca.
Ethoca collects customer details from online merchants and
banks, such as card details, IP addresses and email addresses.
Merchants and banks cannot see details of each other's customers,
but can assess the level of risk in their transactions, say, if a
credit card fraudster is continually using the same IP address.
Banks can automate uploading data to Ethoca in real time, using
Soap and XML, from their own transaction systems. Smaller banks
and merchant can upload in batches, or ad hoc, by hand.
RBS will offer Ethoca's data-sharing service to its global list
of e-commerce customers. Merchants already using
PaymentTrust for payment or
fraud management-related services will have access to the service
through their existing integration. By expanding its
fraud-management offering, RBS expects to attract more merchants to
its growing customer base.
Andre Edelbrock, Ethoca's president and chief executive, says
that as well as reducing
fraud, the network is intended to reduce the number of
transactions abandoned needlessly because of suspicion of fraud,
and to reduce the cost of fraud management.
While Ethoca and its partners create an inter-bank and merchant
network to combat fraud, the core of fraud management is still an
internal process. For example, global bank HSBC has worked with
analytics software firm SAS to create
SAS Fraud Management, a real-time, card fraud detection
system.
Now implemented to monitor the use of 30 million cards in the
US, the system will be rolled out in the UK before the end of the
year. It is also being used by the
Halifax Bank of Scotland (HBOS).
Using SAS Fraud Management in the US, HSBC has improved fraud
detection, false positive rates and fraud case handling
efficiencies. Benefits include an 87% increase in the number of
data items processed, including card transactions and customer
information, with a corresponding reduction of 12% in the mainframe
processing overhead. This has resulted in a 53% decrease in
mainframe processing cost per data item, says HSBC.
Bart Patrick, head of risk at SAS, says the processing power
required for fraud checks has usually meant only about 25% of
transactions are checked. But with a new mathematical model
employed by SAS, 100% of transactions can be checked, he adds. The
system uses algorithms to model normal card usage per customer and
spot anomalous behaviour, helping to prevent fraud.
Derek Wylde, head of group fraud risk at HSBC, says, "Our
success with this partnership and with SAS Fraud Management helps
us keep ahead of the criminals."