Since many banking and payment transactions have moved into the field of informatization, fraud in this area has been actively developing. Due to the increasing attacks on banking systems, interest in anti-fraud systems in the banking sector (antifraud) and the detection of attempts to commit fraudulent transactions in remote banking systems has increased. Such systems can detect and prevent fraudulent activities using machine learning technologies, digital profiles of devices and users, etc.

How do hackers break into your bank account?

Attackers make attacks on interbank transfer systems, card processing, ATM management, Internet banking and payment gateways. According to the Positive Technologies report, attackers use a simple scenario to carry out an attack, which consists of 5 consecutive stages:

  1. Preliminary reconnaissance and preparatory work;
  2. Penetration into the internal network;
  3. Fixation in the internal network and development of the attack;
  4. Compromise of banking systems and theft of funds;
  5. Concealment of footprints.

These stages are relevant for phishing, infecting a victim’s computer or smartphone with a previously known malware, conducting man-in-the-middle attacks, using keyloggers, and even zero-day vulnerabilities. Experts identified 7 common schemes for stealing money during attacks on remote banking systems: social engineering;

  • card-to-card transfers;
  • transfers through online banking;
  • interception of access to mobile banking;
  • fake mobile banking;
  • purchases with Apple Pay and Google Pay;
  • theft through SMS banking.

Positive Pay counteracts bank fraud

The main tool of anti-banking fraud is Positive Pay. It is an automated cash-management service employed to avoid check fraud. It is offered by most banks. In simple words, it is a service that matches the account number, check number and amount of each check written against a list of checks previously issued by the company. If a check does not have a “match” in the file, it is considered an “exception item”. The bank sends a fax or an image of this suspicious item to the client who reviews it and informs the bank whether to pay or return the check.

Most banks charge a fee for Positive Pay, although some banks today offer this service for free. This cash-management service system helps avoid check fraud losses and liability.

Findings

Banking fraud continues to progress every year. Therefore, the market for anti-banking fraud systems is growing. The United States are leaders in this area. When choosing a system to combat fraud, you must first determine what tasks it should perform. In most cases, in order to protect the bank from fraud, it will require the use of several classes of antifraud systems, including Positive Pay. This cash-management service system helps avoid check fraud losses and liability. At the same time, when choosing a general analytic platform, you should pay attention to the complexity of implementation and ease of use.