The Community Effect on Security

Apr  23 
Author Picture 
Scott Domach  Vice President, Digital Channels 

Networks provide powerful weapon in fight against fraud

The networks that connect financial services and enhance speed and convenience for consumers also can do the same for fraudsters across multiple institutions. In today's market, an attack on one financial institution is an attack on all.

The examples are plentiful. For instance, Fiserv recently used a cross-institution analysis of clients to uncover a fraud ring that included more than 80 different accounts.

That goes to the heart of what financial institutions are up against every day. Fraudsters, whether sharing data or buying personally identifiable information on the dark web, have their own network to help them attack institutions. 

Safeguarding against thoseattacks has grown more complicated. Security and digital experience leaders at institutions have to maintain high levels of protection while reducing friction for consumers. Too many false positives damage the consumer experience.

On top of that, the prevalence of data breaches has scattered sensitive consumer information across the dark web, hindering the effectiveness of knowledge-based authentication. It's become far easier to create synthetic identities to get fraudsters through the digital front door.

And if an attack works once, it's a safe bet it will happen again unless institutions find ways to pool their collective knowledge and mount a unified defense. It's a strength-in-numbers response to the constantly evolving threat posed by fraudsters.

Finding Strength in the Network

Details about fraud incidents tend to spread widely only when there is a major breach at a large business or institution. Certainly, those incidents help the industry learn about new attack vectors and new ways to protect systems. 

However, just think about how much stronger financial institutions would be if they could regularly use their networks to access more granular data about multiple incidents. Information is the best armor against fraud, and the networks connecting financial institutions can effectively move that information. 

Still, acting on that knowledge requires a foundational shift from the way financial institutions have traditionally viewed their security strategy. Security, in general, is private, and institutions don't want to talk about fraud incidents for a variety of reasons, including concerns over damaging the brand. 

Reluctance to share data about attacks makes sense, but it also can create an environment of not knowing what might happen tomorrow. If institutions don't pass along information, it allows for the attacks to propagate from one institution to the next, letting others fall victim to the same fraud.

Maintaining Privacy, Strengthening Security

So how do institutions maintain their privacy while staying ahead of potential attacks? 

First, understand you're not alone in the fight against fraud. All financial institutions face the threat of fraud, including account takeovers.

The key is to find ways to help everyone get smarter in the fight against fraud. That starts with networks and community platforms that enable financial institutions to access anonymous but useful fraud incident data. 

Through those networks, institutions provide general information that identify attacks and attack vectors without revealing private account or accountholder data. As the number of network participants grows and the platform gathers more data, it becomes stronger, smarter and more able to stop attacks before they even get started.

That community effect on security can extend beyond financial institutions. Say someone bids on an auction site but never pays. The incident can be flagged anonymously through a network, arming members with knowledge of potential trouble. And if someone commits fraud but is now using a different device, there still are data-driven similarities that can be detected.

If an attack on one institution is an attack on all, then inoculating one can help protect the entire network.

The Wisdom of the Crowd

Proactive institutions that want to advance the conversation of service realize they all are trying to defend against the same thing. They also realize that financial services is ultimately a network, one that fraudsters can use for attacks and institutions can use as a powerful defense.

Security is private. But there are tools that can make you stronger than a single-point entity. And there are ways to protect consumer information and the brand while also preventing the spread of attacks from one institution to the next.

At the heart of that defense is combining the wisdom of the crowd with a system that can learn from each new piece of data. Your next-door neighbor might be your competitor and your best ally.