Andras is a Vice President and Principal Analyst serving Security & Risk Professionals for Forrester Research. He is a leading expert on identity management, access management, user account provisioning, entitlement management, federation, privileged identity management, and role design and management.

See his full bio here: https://www.forrester.com/Andras-Cser

Question 1: What are the components of an ideal fraud management architecture?

There are a few main components that comprise fraud management architecture. Without a doubt, you’ll need identity verification, which is to ensure that the approaching user is who they claim to be. Even if properly identified, a user can still be fraudulent, so you’ll require web fraud management/risk-based authentication to detect any unusual activity (e.g., implausible velocity of activity) at the time of login. Once they’re “in-the-door”, you’ll require transactional monitoring to understand the content of their transactions and risk score them. And perhaps last but not least, behavioral biometrics (understanding screen pointer movement, typing speed, etc.) will also be very helpful to augment fraud management. Taken together, there is infrastructure needed at each step.

Question 2: What infrastructure challenges do you tend to see for enterprises (e.g., financial services, banks, payment providers) that need to combat fraud and manage risk?

We see financial institutions (FIs) encounter a combination of challenges. First on that list is lack of resources, as it is increasingly hard to hire investigative and data scientists with the skill sets and experience needed for the industry. The next challenge is dealing with the complexity of all the tools, rules, and algorithms that are needed for fraud management. Understanding and managing interaction between them is getting harder and harder. Data integration between fraud management tools and transactional databases is needed for the fraud tools to work effectively, but this integration poses a significant challenge. While it is easier now than it was a few years ago, getting transactional data into the fraud management solution is still hard because of discrepancies between database schemas and the speed of transactional data.

Question 3: Given an ideal fraud management architecture and the challenges posed to financial services, banking, and payment providers, what recommendations would you make to them?

Organizations should set operational guidelines and requirements and be determined to catch at least as much fraud as before, as rates of fraud are accelerating. They should test any new fraud management solution in parallel with any existing process or tool and see the differences in detection rates and false positives. And lastly, they should ensure they understand any and all risk-scoring algorithms, and learn how to tune them in six months, or ideally much, much less time.

Question 4: At a conceptual level, given the amount and sophistication of fraud, what should firms be employing to combat it?

Conceptually, risk management and risk scoring hinge on the accuracy, tunability, and throughput of the risk-scoring algorithm. FIs can only get optimal results if they use rule-based risk scoring to provide tactical solutions to any flash fraud activity (e.g., a transaction from a certain ZIP code should have a high risk score). FIs should also employ both supervised and unsupervised machine-learning algorithms. It’s important to understand the reason codes for why a transaction was deemed to be risky and be able to convey them to customers in case of a dispute or audit finding.

Question 5: What role does the database play?

Databases allow end user organizations to use consortium information (whitelists, blacklists, etc.) in a straightforward, low-cost manner. Databases also allow organizations to rethink their data governance and protection policies by encrypting and otherwise protecting personally identifiable information in the solution. They also provide high availability for the fraud management solution by relying on database replication and backup and disaster recovery schemes.
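The rule-based scoring with reason codes described under Question 4, combined with the activity-velocity check mentioned under Question 1, can be sketched as follows. This is an added example, not part of the interview or any product's code; the thresholds, weights, reason-code names, event fields and the placeholder ZIP code are all assumptions.

```python
from collections import defaultdict, deque
from dataclasses import dataclass, field

# All thresholds, weights, reason-code names and ZIP codes below are
# illustrative assumptions, not values from the interview.
VELOCITY_WINDOW_S = 60      # look-back window for activity velocity
VELOCITY_MAX_EVENTS = 3     # more events than this inside the window is flagged
REVIEW_THRESHOLD = 70       # score at or above which the event goes to review


@dataclass
class RiskScorer:
    flagged_zips: set = field(default_factory=set)  # tactical flash-fraud rules
    _recent: dict = field(default_factory=lambda: defaultdict(deque), init=False)

    def flag_zip(self, zip_code):
        """Analysts add a ZIP code as a fast tactical rule."""
        self.flagged_zips.add(zip_code)

    def score(self, event):
        """Return (score, reason_codes, decision) for one event dict."""
        score, reasons = 0, []

        # Rule 1: velocity. Keep only this account's timestamps inside the window.
        window = self._recent[event["account"]]
        window.append(event["ts"])
        while window and event["ts"] - window[0] > VELOCITY_WINDOW_S:
            window.popleft()
        if len(window) > VELOCITY_MAX_EVENTS:
            score += 50
            reasons.append("R01_VELOCITY")

        # Rule 2: ZIP code currently under a flash-fraud rule.
        if event["zip"] in self.flagged_zips:
            score += 40
            reasons.append("R02_FLAGGED_ZIP")

        decision = "review" if score >= REVIEW_THRESHOLD else "allow"
        return min(score, 100), reasons, decision


# Constructed sample events (not real data): five events in 40 seconds.
SAMPLE = [{"account": "acct-1", "ts": t, "zip": "00000"} for t in (0, 10, 20, 30, 40)]

def run_sample():
    scorer = RiskScorer()
    scorer.flag_zip("00000")
    return [scorer.score(e) for e in SAMPLE]
```

Each result carries the reason codes alongside the score, so the record stored for a disputed or audited transaction shows which rules fired.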

To learn even more, hear Andras in our webinar: