Group-IB offers a solution to prevent crimes with early fraud detection
Group-IB, an international company specializing in preventing cyberattacks, introduces Fraud Protection to the international market. Secure Bank is a product catered to financial institutions that aims to prevent client-side fraud and attacks across sessions, platforms, devices, channels, and entities. Fraud Protection leverages Group-IB’s experience in threat intelligence, signature, behavioral, and cross-channel analytics to detect threats invisible to traditional transactional anti-fraud-systems.
Financial services had the highest annualized cost of cybercrime in 2017 at $18.28M. The average cost of cybersecurity incidents involving online banking services accounts is $1.75M. Banks will likely continue as a primary target for cybercriminals, therefore, banking institutions must focus efforts on detecting blended attacks that combine phishing, malware, and fraud across multiple channels.
Group-IB’s Fraud Protection is equipped with a full stack of anti-fraud technologies which protects banks and its customers across all layers while identifying fraud at the preparation stage. Complementing other anti-fraud systems, Fraud Protection can block thefts in real time and detect attacker’s logins, social engineering scams, botnets, money laundering, and the possible infection or compromise of a user’s device.
Data intelligence and behavior analysis
Extensive expertise in computer forensics, threat intelligence, and detection enables Group-IB to aggregate a broad spectrum of data: «smart» behavior analytics, anomaly detection data, daily updates of rules and signatures, as well as 100,000+ threat actor profiles. This allows banks to be on alert for new attacks and fraud schemes unknown to any other anti-fraud systems.
Fraud Protection continuously processes 9.5 mln sessions a day. This is accomplished by analyzing and comparing the typical actions of both real users and those of fraudsters during the sessions. By using a number of bio-chronometrics parameters (velocity and navigation, mouse movements, keystrokes, typing cadence, delays, etc.), Secure Bank uses behavioral analytics to identify if a legitimate user or fraudster is logged in, reducing false positives by 79%.
Smart analysis for cross-banking fraud and end-user attack prevention
Group-IB developers particularly focused on protection against Android Trojans. The number of thefts involving this type of Trojan has been increasing constantly and will continue to grow in 2018. Fraud Protection extends the range of analyzed channels to mobile devices in order to protect bank payments on smartphones, tablets, and other iOS and Android devices. Secure Bank’s unique adaptive logic makes it possible to correlate users’ behavior on their devices as they interact with their bank through various channels, as well as their behavior across different banks to prevent cross-banking fraud. Machine learning algorithms and advanced rule engines allow the system to detect unusual or suspicious activity initiated by a criminal impersonating a real user.
With recent regulatory initiatives such as Payment Service Directive [PSD2], which creates new points of interaction between banks and fintech services, cross-channel analysis and entity linking become crucial for financial institutions.
The Fraud Protection module can either be loaded alongside bank pages on the end-client’s device or as an SDK in mobile banking applications. While traditional anti-fraud systems analyze transactions, they do not have the ability to detect possible malware infections on the user’s device nor any suspicious activities which could have taken place on the device before the transactions occurred.
Group-IB’s Fraud Protection is already trusted by Russia’s leading banks and e-commerce portals. For instance, it is used to protect tens of millions of users, both private individuals and legal entities, of Sberbank Online and Sberbank Business Online. Secure Bank has also been tested by several European banks.
Fraud Protection enables a bank to ensure the highest standards of customer protection possible by detecting fraud before it actually takes place. It significantly enhances the security of banking transactions, both for individuals and legal entities. We have created a „smart“ product that incorporates unique Group-IB technologies, such as an extra system of identification for customer devices (device fingerprinting), a number of patented methods of detecting remote connections, and in-house methods of machine learning. Fraud Protection is already used commercially by several banks to prevent client-side fraud and attacks across sessions, platforms, and devices.
Head of Fraud Protection / Fraud Protection