Group-IB introduces Fraud Protection — intelligence-driven solutions for smart anti-fraud protection on a global market

Group-IB offers a solution to prevent crimes with early fraud detection

Group-IB, an international company specializing in preventing cyberattacks, introduces Fraud Protection to the international market. Secure Bank is a product catered to financial institutions that aims to prevent client-side fraud and attacks across sessions, platforms, devices, channels, and entities. Fraud Protection leverages Group-IB’s experience in threat intelligence, signature, behavioral, and cross-channel analytics to detect threats invisible to traditional transactional anti-fraud-systems.

Financial services had the highest annualized cost of cybercrime in 2017 at $18.28M. The average cost of cybersecurity incidents involving online banking services accounts is $1.75M. Banks will likely continue as a primary target for cybercriminals, therefore, banking institutions must focus efforts on detecting blended attacks that combine phishing, malware, and fraud across multiple channels.

Group-IB’s Fraud Protection is equipped with a full stack of anti-fraud technologies which protects banks and its customers across all layers while identifying fraud at the preparation stage. Complementing other anti-fraud systems, Fraud Protection can block thefts in real time and detect attacker’s logins, social engineering scams, botnets, money laundering, and the possible infection or compromise of a user’s device.

Data intelligence and behavior analysis

Extensive expertise in computer forensics, threat intelligence, and detection enables Group-IB to aggregate a broad spectrum of data: «smart» behavior analytics, anomaly detection data, daily updates of rules and signatures, as well as 100,000+ threat actor profiles. This allows banks to be on alert for new attacks and fraud schemes unknown to any other anti-fraud systems.

Fraud Protection continuously processes 9.5 mln sessions a day. This is accomplished by analyzing and comparing the typical actions of both real users and those of fraudsters during the sessions. By using a number of bio-chronometrics parameters (velocity and navigation, mouse movements, keystrokes, typing cadence, delays, etc.), Secure Bank uses behavioral analytics to identify if a legitimate user or fraudster is logged in, reducing false positives by 79%.

Smart analysis for cross-banking fraud and end-user attack prevention

Group-IB developers particularly focused on protection against Android Trojans. The number of thefts involving this type of Trojan has been increasing constantly and will continue to grow in 2018. Fraud Protection extends the range of analyzed channels to mobile devices in order to protect bank payments on smartphones, tablets, and other iOS and Android devices. Secure Bank’s unique adaptive logic makes it possible to correlate users’ behavior on their devices as they interact with their bank through various channels, as well as their behavior across different banks to prevent cross-banking fraud. Machine learning algorithms and advanced rule engines allow the system to detect unusual or suspicious activity initiated by a criminal impersonating a real user.

With recent regulatory initiatives such as Payment Service Directive [PSD2], which creates new points of interaction between banks and fintech services, cross-channel analysis and entity linking become crucial for financial institutions.

The Fraud Protection module can either be loaded alongside bank pages on the end-client’s device or as an SDK in mobile banking applications. While traditional anti-fraud systems analyze transactions, they do not have the ability to detect possible malware infections on the user’s device nor any suspicious activities which could have taken place on the device before the transactions occurred.

Group-IB’s Fraud Protection is already trusted by Russia’s leading banks and e-commerce portals. For instance, it is used to protect tens of millions of users, both private individuals and legal entities, of Sberbank Online and Sberbank Business Online. Secure Bank has also been tested by several European banks.

Fraud Protection enables a bank to ensure the highest standards of customer protection possible by detecting fraud before it actually takes place. It significantly enhances the security of banking transactions, both for individuals and legal entities. We have created a „smart“ product that incorporates unique Group-IB technologies, such as an extra system of identification for customer devices (device fingerprinting), a number of patented methods of detecting remote connections, and in-house methods of machine learning. Fraud Protection is already used commercially by several banks to prevent client-side fraud and attacks across sessions, platforms, and devices.

Pavel Krylov
Pavel Krylov

Head of Fraud Protection / Fraud Protection

About Group-IB

Group-IB, with its headquarters in Singapore, is one of the leading providers of solutions dedicated to detecting and preventing cyberattacks, identifying online fraud, investigating high-tech crimes, and protecting intellectual property. The company’s Threat Intelligence and Research Centers are located in the Middle East (Dubai), the Asia-Pacific (Singapore), and Europe (Amsterdam).

Group-IB’s Unified Risk Platform is an ecosystem of solutions that understands each organization’s threat profile and tailors defenses against them in real-time from a single interface. The Unified Risk Platform provides complete coverage of the cyber response chain. Group-IB’s products and services consolidated in Group-IB’s Unified Risk Platform include Group-IB’s Threat IntelligenceManaged XDRDigital Risk ProtectionFraud ProtectionAttack Surface ManagementBusiness Email ProtectionAudit & ConsultingEducation & TrainingDigital Forensics & Incident ResponseManaged Detection & Response, and Cyber Investigations.

Group-IB’s technological leadership and R&D capabilities are built on the company’s 19 years of hands-on experience in cybercrime investigations worldwide and more than 70,000 hours of cybersecurity incident response accumulated in our leading DFIR Laboratory, High-Tech Crime Investigations Department, and round-the-clock CERT-GIB.

Group-IB is an active partner in global investigations led by international law enforcement organizations such as Europol and INTERPOL. Group-IB is also a member of the Europol European Cybercrime Centre’s (EC3) Advisory Group on Internet Security, which was created to foster closer cooperation between Europol and its leading non-law enforcement partners.

Group-IB’s experience in threat hunting and cyber intelligence has been fused into an ecosystem of highly sophisticated software and hardware solutions designed to monitor, identify, and prevent cyberattacks. Group-IB’s mission is to protect its clients in cyberspace every day by creating and leveraging innovative solutions and services.

Group-IB’s experience in threat hunting and cyber intelligence has been fused into an ecosystem of highly sophisticated software and hardware solutions designed to monitor, identify, and prevent cyberattacks. Group-IB’s mission is to fight high-tech crime while protecting our clients in cyberspace and helping them achieve their goals. To do so, we analyze cyber threats, develop our infrastructure to monitor them, respond to incidents, investigate complex high-tech crimes, and design unique technologies, solutions, and services to counteract adversaries.