fraud team analyst overwhelmed by false positives

Online banking fraud has become a massive industry for cybercriminals because it’s a low-risk, high-reward endeavor. Fraud teams at banks and other financial institutions are overwhelmed by the sheer number of fraud alerts they receive. It’s a situation only made worse by the volume of false positives and negatives that arise from traditional anti-fraud solutions. A new approach is urgently needed to save fraud teams time and money.

Reducing False Positives and Negatives for Fraud Teams

One of the leading causes of high fraud operational costs – and a key burden for fraud teams – is dealing with numerous false negatives and false positives. When inundated with fraud alerts, analysts must prioritize them based on their risk level. This process is naturally time-consuming since analysts must first determine which threats to escalate and what actions to take against these threats.

Examples of False Positive and False Negative Alerts for Account TakeOver Fraud

False positive and negative alerts occur for several reasons. One example is an account takeover (ATO) perpetrated by a friend or family member. For example, let’s say Robert logs into his grandfather’s online bank account to help him check his bank balance. Because Robert used his own device to perform the balance check, the anti-fraud system flags the transaction as a possible fraud. This is despite no malicious activity occurring.

On the other hand, let’s say Ollie has less honorable intentions when he commandeers his grandmother’s smartphone. Ollie logs into his grandmother’s bank account and uses her payment card to make expensive purchases, such as shoes, jewelry, electronics, and more. He has them delivered to his grandparent’s address. In this case, since the items were paid for with the grandmother’s card and delivered to her address, a false negative occurs, and the transaction is approved. Ollie’s grandmother doesn’t realize her card was used to pay for the expensive items until it’s too late.

Fraud teams are often overwhelmed with alerts from family fraud circumstances. For example, recent data found 17% of family fraud victims had their personal information used to open a checking account. Meanwhile, 15% said their personally identifiable information (PII) was used to open a new credit card. This means fraud teams will lose time and resources investigating each type of family fraud circumstance.

Financial institutions need to invest in a solution that treats anomalies detected when friends or family are helping account owners as low risk – and when others are taking advantage of their loved ones. This avoids the friction caused by false positives and frees up fraud analysts to focus on high-risk threats.

Banks Should Analyze Individuals, not Cohorts

Another reason for the high volume of false positives and negatives is how traditional online fraud prevention methods approach looking for bad actors. Typical approaches group users into “clusters” of good or bad actors.

This type of profiling requires fraud prevention solutions to comb through massive databases containing millions of bad or good actor attributes to find a match. This process can also classify many new users as unclassified – neither good nor bad. And it is unclassified bad actors who are responsible for the majority of online fraud. 

Instead of using this profiling approach, banks need a new way to analyze users that examines each user on an individual, more granular level, including analyzing their current behavior compared with their past behavior. 

This approach analyzes the risk of every user interaction by continuously examining their behavior combined with device and network assessments and allows financial institutions to build “cyber profiles” for every user. These cyber profiles act like digital fingerprints using continuous behavioral biometric analysis to evolve with time and operate “behind the scenes” without disrupting the user experience. 

Focusing on recognizing each individual user and forming a digital profile greatly reduces the number of false positives and negatives. This approach dramatically reduces fraud losses and the costs of online fraud prevention operations. It also reduces the burden on fraud teams.

Automating Fraud Response

Fraud teams are better served with tools that allow them to be proactive instead of relying on just detection and alerting processes. The most efficient way to prevent fraud losses is to allow fraud teams to configure automated responses that prevent attacks and block known bad actors. This minimizes analysts’ workloads and stops fraud.

More importantly, fraud teams can adjust the level of response depending on the risk, maintaining complete control over the online fraud prevention process.

For example, a team could configure lower-risk fraud alerts to achieve an automatic step-up in authentication, such as sending an OTP to the user’s phone.

Financial institutions can implement a proactive mindset to prevent fraud through a strategy centered around active defense, which takes the pressure off fraud teams. In cybersecurity, “active defense” refers to deploying actions that make it more complex and costly for cyber adversaries to attack.

These actions confuse attackers with traps and advanced forensics. They often provide an automated incident response to increase the work required for the attackers and decrease the work for the defenders.

Using an Active Defense to fight online fraud is a game-changer. Automating the handling of most types of alerts can automatically and proactively prevent fraud losses, allowing fraud teams to focus on the more complicated and most crucial investigations.

Fraudsters Automate – Banks Should Too

Fraud teams at banks and financial institutions often feel as if they are stuck between a rock and a hard place. On the one hand, online fraud is ever-increasing in scope, sophistication, and frequency. On the other, fraud teams are in short supply and overworked – inundated with a constant flood of fraud alerts and notifications.

Fortunately, the modern technological advances which have helped online attackers can also benefit the defenders. With the advent of new tools specifically designed to support fraud teams, through methods such as automation, behavioral biometrics, and Know Your User, fraud analysts are now well-equipped to effectively and efficiently deal with the ever-evolving landscape of online banking and financial fraud.

If you are looking for a fraud solution that reduces the burden on your bank’s fraud teams by really getting to know your users from day one, schedule a demo with us today.