Connect with us

Technology

HOW TECHNOLOGY CAN HELP DETECT AND PREVENT IDENTITY FRAUD

By Charlie Roberts, Head of Business Development, UK, Ireland & EU at IDnow

 

As technology continues to change the way people do business, the world is seeing heightened security risks. In particular, in the area of identity fraud. Current estimations suggest this type of fraud has doubled in the past year.

In 2015, damage caused by internet fraud amounted to $3 trillion worldwide. Latest predictions say it will be $6 trillion in 2021. This makes cyber fraud one of the biggest threats in our economy and the fastest growing crime. It is becoming far more profitable than the global trade of illegal drugs.

Enterprises all over the world need to focus on this cost-intensive problem. With over 1.9 billion websites and counting, there is a huge possibility for fraud to be committed – a serious problem that must be slowed down.

 

The most common identity fraud methods

Of all fraud methods, social engineering is the biggest issue for companies. It has become the most common fraud method in 2019, accounting for 73% of all attempted attacks, according to our own research. It lures unsuspecting users into providing or using their confidential data and is increasingly popular with fraudsters, being efficient and difficult to recognise.

Fraudsters trick innocent people into registering for a service using their own valid ID. The account they open is then overtaken by the fraudster and used to generate value by withdrawing money or making online transfers.

They mainly look for their victims on online portals where people search for jobs, buying – and selling things, or connecting with other people. In most of the cases, the fraudsters use fake job ads, app testing offers, cheap loan offers, or fake IT support to lure their victims. People are contacted on channels like eBay Classifieds, job search engines and Facebook.

Charlie Roberts

Fraudsters are also creating sophisticated architecture to boost the credibility of these cover stories which includes fake corporate email addresses, fake ads, and fake websites.

In addition, we are seeing more applicants being coached, either by messenger or video call, on what to say during the identity process. Specifically, they are instructed to say that they were not prompted to open the account by a third party but are doing so by choice.

 

How to fight social engineering

If organisations are to consistently stay ahead of the latest fraud methods and protect their customers, they need to have the right technology in place to be able to track fraudulent activity, react quickly and be flexible in reengineering the security system.

 

Crucially, it requires a mix of technical and ‘personal’ mechanisms. Some methods include:

  • Device binding – to make sure that only the person who can use an app – and the account behind it – is the person who is entitled to do so, the device binding feature is highly effective. From the moment a customer signs up for a service, the specific app binds with their used device (a mobile phone for example) and, as soon as another device is used, the customer needs to verify themselves again.
  • Psychological questions – to detect social engineering, even if it is well disguised, trained staff are an additional safety net that should be applied – and in addition to the standard checks at the start of the verification process. They ask a customer an advanced set of questions once an elevated risk of a social engineering attack is detected. These questions are constantly updated as new attack patterns emerge.
  • Takedown service – with every attack, organisations can learn. This means constantly checking new methods and tricks to identify websites which fraudsters are using to lure in innocent people. And, by working with an identity verification provider that has good connections to the most used web hosts and a very engaged research team, they are able to take hundreds of these websites offline.

However, social engineering isn’t the only common type of identity fraud. Organisations should be aware of fake ID fraud. Our research indicates fake IDs are available on the dark web for as little as €50 and some of them are so realistic they can often fool human passport agents. The most commonly faked documents are national ID cards, followed by passports in second place. Other documents include residence permits and driving licenses.

The quality of these fake IDs is increasing too. Where in the past fraudsters used simple colour copies of ID cards, now they are switching to more advanced, and more costly falsifications that even include holographs.

Biometric security is extremely effective at fighting this kind of fraud. It can check and detect holograms and other features like optical variable inks just by moving the ID in front of the camera. Machine learning algorithms can also be used for dynamic visual detection.

Similarity fraud is another method used by fraudsters, although it’s not as common thanks to the development of easier and more efficient ways (like social engineering). This method sees a fraudster use a genuine, stolen, government-issued ID that belongs to a person with similar facial features.

To fight similarity fraud, biometric checks and liveness checks used together are very effective – and they are much more precise and accurate than a human could ever be without the help of state-of-the-art security technology.

The biometric checks scan all the characteristics in the customer’s face and compares it to the picture on their ID card or passport. If the technology confirms all of the important features in both pictures, it hands over to the liveness check. This is a liveness detection program to verify the customer’s presence. It builds a 3D model of their face by taking different angled photos while the customer moves according to instructions.

The biometric check itself could be tricked with a photo but, in combination with the liveness check, it proves there is a real person in front of the camera.

 

Fighting back

The threat of identity fraud is not going away and, as fraudsters become more and more sophisticated, so too must technology. With the right investment in advanced technology measures, organisations will be in a much stronger position to stop fraudsters in their tracks and protect their customers from the risk of identity fraud.

 

Technology

PASSWORDS, BIOMETRICS AND BEYOND

By: Hicham Bouali, Pre-Sales Director EMEA of One Identity, a specialist in identity and access management

 

At any given moment, millions of acts of authentication are performed around the world. Most often, by entering a password. More and more, however, are performed with biometrics or with the help of a unique object, specific to the user. And it’s not only humans who authenticate themselves: machines are doing it on a massive scale, too.

 

How did it all start? And where does it lead us?

In its simplest form, authentication is about proving a user’s identity. And the easiest way to do this is, of course, to agree on a “secret” shared between the user and the machine. This is the principle on which the good old password is based on, and the technique that was implemented by the first multi-user machines installed in universities (the first microcomputers, considered as single-user, obviously did not need this).

But quickly, the password showed its limitations. What happens when it is stolen? How can we be sure it cannot be easily guessed? Why do we do when users choose weak passwords or forget them?

To overcome these limitations, a whole market of dedicated tools has developed, from the password safe (which allows to store passwords on one’s computer in a secure way) to HSMs (electronic boxes that generate highly random passwords), through SSO (connecting to different applications with a single password). Organisations started adopting these tools and developed their own policies around passwords.

As long as this remained limited to the walls of the company, it was still possible to manage a wide range of support solutions. But when the Web opened the floodgates, things became more complex: millions of users were able to access tens of thousands of online services asking for a password. Databases containing several million passwords could be stolen and identities could be usurped. And criminals were very quick at realising that, for the sake of convenience, Internet users sometimes reuse the same identifier, which accentuates the problem.

In short, the Internet has clearly shown that the reign of the password is coming to an end.

The end, really? Not exactly… Because the password still maintains two great advantage: the ease of use and its relative ease of implementation.

However, the Internet ecosystem has started to look for alternatives. With the advent of social networks, a few web giants have notably tried to propose a common authentication standard, which would allow anyone with an account on a social network to authenticate on other websited (the principle of federating identities using standards such as OAuth). It doesn’t quite solve the problem, but it does benefit ease of use.

At the same time, multi-factor authentication, which is still considered one of the most effective means of strengthening passwords, has emerged. By sending the user a very short-lived validation code (OTP : One time Password), by SMS for example, we ensure that even if the password has been stolen, the attacker will not have access to the associated phone and will therefore be unable to complete the authentication process. This worked until we realised that text messages were never designed for this, and the industry now turns almost exclusively to validation codes based on time synchronization with the server, generated on a hardware device such as RSA SecurID or a software device via a smartphone application.

Smartphone manufacturers have also (finally) managed to make biometrics authentication available and usable by anyone by introducing fingerprint and face recognition. This made it possible to equip a large part of the population with a second, truly powerful authentication factor. The password is thus still present, but solidly reinforced by biometric authentication or a single-use validation code. Progress has been made…

But in all this history, the industry has mostly adapted on a case-by-case basis, trying to overcome the weaknesses of the password. What is still missing is a true modern authentication standard that is easy to use, reliable and accessible to all. This standard could well be FIDO (Fast Identity Online), developed since 2012 by a consortium of tech giants including Amazon, Google, Facebook, Paypal, as well as Visa and Wells Fargo.

FIDO’s objective is not to make the password disappear (it is understood that it will always be useful) but to raise the other means of authentication to the same level of simplicity of deployment, in order to allow easy switching from one to the other. FIDO supports the use of passwords as well as biometrics (facial and digital), voice recognition and physical keys. Today, FIDO solutions enable strong authentication on a website or application at the touch of a button on a USB key inserted on the computer, while at the same time authenticating the service itself to protect users against phishing attacks.

Why is it so important to make all other authentication methods as easy to deploy as the password? Because during all this time, things were changing incredibly rapidly: applications were increasingly migrating to the Public Cloud, the perimeter was gradually disappearing, employees were increasingly working from unsecured networks with unsecured devices… So, it no longer makes sense to have to choose a single authentication method. Companies must be able to adapt dynamically to the authentication context (by taking into account the user’s identity in a broader risk analysis) in order to choose the right method at the right time.

The future of authentication is no longer in the methods themselves: the industry has made peace with the good old password and no longer intends to make it disappear at all costs, provided they have the choice! Rather, the future lies in the dynamic management of identities and authentication processes at the enterprise level, in a pragmatic way. Because yes, the password still has its use).

And that’s a new frontier!

Continue Reading

Finance

DIGITAL FINANCE: UNLOCKING NEW CAPITAL IN DISRUPTED MARKETS

Krishnan Raghunathan, Head of Finance & Accounting Services at WNS, explores how a digitally transformed finance department can give enterprises the ability they need to improve cash flow and revenue through better use of data and improved analytics-driven visibility.  

Businesses everywhere are scrambling to recover lost revenues and protect cash flow. But as countries globally grapple with a dreaded second wave of the pandemic, imposing far more stringent localised lockdowns and new restrictions, it is set to be the hardest winter in living memory for many sectors.

The likelihood of winter peaks, so often the saviour of sectors such as travel and hospitality, benefitting businesses is diminishing rapidly. While many have pivoted to a greater or lesser degree, few have been able to offset the impact of falling revenues on cash flow. Even retail, riding an e-commerce boom in many regions, is finding itself in choppy waters, with 17 percent of consumers switching brands due to the economic pressures and changing priorities caused by the pandemic.

As one McKinsey article notes, “With some companies losing up to 75 percent of their revenues in a single quarter, cash isn’t just king – it’s now critical for survival”. Where then do businesses find new sources of cash to sustain their operations through the coming months?

 

Tapping Overlooked Cash Opportunities

Krishnan Raghunathan

For many, the answer could depend on whether they have digitally transformed their finance department. Why? Because many organisations are sitting on unidentified opportunities, funds that could be vital in shoring up businesses over the next few months or plugging the gap between operating costs and government bailouts. Yet those that have been slow to start their digital transformation journey are at a disadvantage;. At the same time, it is possible to identify these hidden seams in an analogue organisation, the process is time-consuming, manually intensive and, without the right digital tools, prone to human error.

Where deploying digital tools helps is by bringing speed, automation and reliable data to the fore. Connecting them with digital finance and accounting systems can give businesses clear insights into how money is being spent, where wastage is occurring, and where opportunities for optimisation exist.

It might be something as simple as automating the accuracy checking, issuing and chasing of invoices and late payments. This could reduce errors and invoice disputes and ultimately lead to faster payments. Accuracy and organisation are also important in billing – better records enable faster billing for work completed, and in turn, should deliver quicker payments.

It could also be around having the ability to review the supply chain and procurement data and identify where a supplier is subsidising a larger customer’s product line through drawn-out payment terms, or where a variety of vendors are on different terms across the business. Using that data and overall knowledge of the business to negotiate better terms that work for both supplier and customer can create new opportunities. It could even be to identify late-paying customers, determine the reason for late payments, and use that intelligence to develop products or financing solutions that continue to support those customers (and improve loyalty) without increasing the burden on the balance sheet.

 

Generating Reliable Insights for Faster Decision-making

To do any of these manually would take months, generating data slowly that would quickly go out of date. But digital finance departments have evidence they can trust to inform business decision-making. That’s because old, manual processes built around Order-to-Cash lack the flexibility and agility that businesses require in today’s markets. The fact is that even before the global pandemic crisis, the pace of digitisation across all sectors was demanding new approaches to finance and book balance.

The opportunities are significant – from cognitive credit and improved forecasting accuracy to enhanced customer analytics. All use similar tools, based on artificial intelligence and quality, trusted data. Cognitive credit can be deployed to quickly make decisions on whether to advance or restrict credit, based on individual company positions and available data. Doing so enables businesses to either capitalise on opportunities (for instance, agreeing credit for a supplier that has run out but is a supportive and integral partner) or avoid risk (in the cases where a business might be in administration).

With more accurate forecasts, businesses can better manage their currency purchases and deposits, selling currency that is not required or buying more where predictions identify an upcoming demand.

It is the same with customer analytics – with a greater understanding of customer needs, businesses can make decisions based on the right mix of the product (and how it meets demand) and supply chain suitability (such as production costs and location in relation to customers).

In many ways, the events of the past year have accelerated the process. In doing so, the problem is the pandemic has also accelerated the speed at which failure to act can lead to obsolescence. Therefore, it is vital that businesses, and more particularly their finance and accounting departments, kick start their digital transformation. This will enable them to deploy the tools and analytics that is needed to capture data, generate insights and drive fast, accurate decision-making to uncover previously untapped sources of cash and reverse revenue degradation.

 

The Importance of Digitally Enabled Finance Teams

Forward-thinking CFOs have already begun the process of digitising their departments, but for those that have been slow to start, now is the time to push forward. It is only through digital tools and analytics that finance leaders can identify both the internal and external opportunities to recover revenue and improve cash flow. Whether that’s releasing working capital, minimising revenue loss and accelerating revenue recovery, reducing total cost of ownership or enhancing customer retention – only digitally enabled finance teams will be in a position to capitalise and, ultimately, bolster business performance during what will be a trading period like no other.

 

 

About the author: Krishnan Raghunathan

Krishnan Raghunathan is the head of Finance & Accounting (F&A) practice and operations at WNS. He also leads the international delivery locations in China, Costa Rica,  Spain, Sri Lanka, Romania, The Philippines, Poland and USA.

Prior to this, Krishnan was Chief Capability Officer for WNS, in that role he headed Horizontal practices across Finance & Accounting, Customer Interaction Services and Research & Analytics, Transformation & Process Excellence, Program Management (Transitions) and Solutions development.

He has more than 27 years of experience across Finance & Accounting, Business Process Management, Sales Solutions and Capability functions including 7 years in Accounting practice.

Before joining WNS in 2013, Krishnan led several challenging roles at Genpact, supporting strategic deals and consultative selling. In addition, Krishnan was also the business leader for a number of industry verticals at Genpact, including hospitality, transportation, logistics, media and professional services

Krishnan is a Chartered Accountant, a Certified Six Sigma Green Belt and a trained Six Sigma Black Belt

 

Continue Reading

Magazine

Trending

Finance1 day ago

MASTER YOUR DATA: TACKLING CUSTOMER RETENTION CHALLENGES IN FINANCIAL SERVICES

Helena Schwenk, Market Intelligence Manager at Exasol   Customer retention has always been crucial to financial institutions (FSIs), with the majority...

Wealth Management1 day ago

HOW ALGORITHMS CAN BOOST YOUR TRADING PROFITS

Gabriele Musella is CEO and co-founder of Coinrule   Trading, whether for cryptocurrencies or stocks, is about buying and selling...

News2 days ago

BLACK FRIDAY WEEKEND SET TO SMASH ONLINE SALES RECORDS, ACCORDING TO ECOMMERCE EXPERT

The Black Friday weekend is anticipated to be the largest for online sales on record as the UK remains in lockdown, according...

News3 days ago

ONE IN FIVE INSURANCE CUSTOMERS SAW AN IMPROVEMENT IN CUSTOMER SERVICE OVER LOCKDOWN, RESEARCH SHOWS

SAS research reveals that insurers improved their customer experience during lockdown   One in five insurance customers noted an improvement...

Technology3 days ago

PASSWORDS, BIOMETRICS AND BEYOND

By: Hicham Bouali, Pre-Sales Director EMEA of One Identity, a specialist in identity and access management   At any given...

News3 days ago

AVATRADE NOW SUPPORTING DEPOSITS VIA PAYPAL AND RAPID TRANSFER

AvaTrade continues to grow its customer offering by adding PayPal and Rapid Transfer to its supported payment methods. AvaTrade’s customers...

Business4 days ago

GOING GLOBAL: 7 TIPS TO GET STARTED

The idea of selling your products or services to new markets across the globe is an attractive prospect for any...

News4 days ago

KASHFLOW AND YAPILY PARTNER TO SUPPORT SMES WITH DIGITAL BOOKKEEPING AND CASH FLOW MANAGEMENT

KashFlow continues its mission to provide SMEs and accountancy firms with software that keeps bookkeeping easy to understand and even...

Top 104 days ago

WHY HIGH NET WORTHS SHOULD BE LOOKING AT ANGEL INVESTING IN A NEGATIVE INTEREST RATE ENVIRONMENT

By Oliver Woolley, Envestors   As England gets through its second lockdown, Bank of England policymakers report the UK we...

News4 days ago

VIVA WALLET SUPPORTS E-COMMERCE GROWTH THROUGH ITS MARKETPLACE SOLUTION

Viva Wallet’s PSD2-compliant payment solution for online marketplaces removes the requirement for them to become licensed providers of regulated payment services. Viva Wallet is able to handle the streamlined processing of customer transactions through a PSD2-compliant escrow account...

Banking4 days ago

REDUCING FRICTION ONLINE HAS BECOME BUSINESS CRITICAL

Andrew Shikiar, Executive Director at the FIDO Alliance   The global pandemic has pushed the importance of remote access and authentication...

Wealth Management5 days ago

QUICK FIXES TO LOWER YOUR CAR INSURANCE

Car insurance is something we all have to pay for, no matter how much we despise it. However, it’s not...

Uncategorized5 days ago

ALL-SEASON TYRES AND HOW TECHNOLOGY IS CHANGING THE FUTURE OF TRANSPORT

Avid vehicle enthusiasts will likely know that summer and winter tyres are developed from different rubber compounds which work at...

Business5 days ago

EQUIPPING YOUR TEAM WITH THE SKILLS TO MANAGE THE CHANGING LANDSCAPE

By David Wharram, CEO of Coast Digital   For businesses to emerge from the COVID-19 pandemic stronger than ever, companies...

Banking5 days ago

BANKING ON THE FUTURE: WHY PAYMENTS TRANSFORMATION IS THE KEY TO SUCCESS

Simon Wilson, Co-Head, Payments at Icon Solutions   Standardisation, regulation and technological innovation means payments are well on the way...

Finance5 days ago

DIGITAL FINANCE: UNLOCKING NEW CAPITAL IN DISRUPTED MARKETS

Krishnan Raghunathan, Head of Finance & Accounting Services at WNS, explores how a digitally transformed finance department can give enterprises...

Technology6 days ago

DATA DILEMMAS IMPACTING ESGS

Mario Mantrisi, Chief Strategy and Knowledge Officer, Kneip   It’s been well documented over the past few months that the...

Technology1 week ago

SIX PILLARS FOR A SUCCESSFUL CLOUD

by Giuseppe Paternò, IT Infrastructure Architect, Security Expert, and Cloud Solution Guru   COVID-19 pandemic is pushing many companies to...

News1 week ago

MARQETA CONTINUES EUROPEAN GROWTH, SIGNING THREE NEW DIGITAL BANKING CUSTOMERS

Marqeta is supporting the development and launch of three new digital banks across the UK and Europe   Marqeta, the...

Technology1 week ago

TECHNOLOGY IS OUR FIRST DEFENCE AGAINST MONEY LAUNDERING

Jesse Chenard, CEO of MonetaGo Fraud is an age-old problem that has plagued every industry since businesses began trading. It...

Trending