A large multinational bank was evaluating new ways to further their digital first ambition and improve their overall customer satisfaction, and they began looking at frictionless security solutions to improve their banking platform. Their digital clients were under constant attacks by banking trojans and fraudsters using social engineering techniques to bypass the existing device- and token-based security. This highlighted the urgent need to verify online sessions by identifying the actual customers rather than their devices.
In evaluating fraud detection solutions, they selected BehavioSec for its enterprise grade capabilities to be deployed on-premise, integrate with existing legacy risk management systems, and unique ability to ensure that online transactions originate from the correct person every time.
Full-service bank supporting over 5 million digital identities and billions of annual transactions.
THE CHALLENGE – BEFORE BEHAVIOSEC
Digital fraud attempts were on the rise by banking trojans, sophisticated social engineering, and credential stuffing attacks by criminal networks obtaining breached login credentials. Legacy authentication and anti-fraud risk engine tools didn’t provide enough visibility to detect fraud when it came from the legitimate customers’ devices and proved unsuccessful at reducing the new fast-growing threat vectors.
The bank tried other solutions, such as requiring two-factor authentication and token step ups from customers in order to verify their digital identity, but these methods were having an adverse impact on customer satisfaction as it introduced further friction to the digital experience and added increased maintenance and customer support costs.
Additional tools for verifying digital identities were needed and an array of vendors delivering Behavioral Biometrics and other technologies were evaluated.
THE SOLUTION – AFTER BEHAVIOSEC
BehavioSec’s Behavioral Biometrics solution was selected to aid real-time detection of fraudulent activity. The software-only solution outperformed all vendors in the market in authentication accuracy, feature capabilities, and ease-of-integration, as it contains the enterprise grade features required to integrate into the bank’s existing fraud response workflows.
The solution improved overall authentication accuracy and aided the bank’s adoption of the Payment Service Directive 2 (PSD2), including compliance with its Strong Customer Authentication (SCA) requirement.
The solution was able to easily exceed both mobile and web channels scaling requirements to accurately support the bank’s billions of digital interactions. By layering BehavioSec with existing infrastructure, the bank was able to detect and stop almost all of the bank’s potential fraud loss events.
BehavioSec’s solution has been deployed at the bank for over half a decade and has become an integral part of its authentication and
anti-fraud tech stack, supporting their digital first banking at scale, and drastically reducing both account takeovers and banking malware attacks.
The additional telemetry harnessed in web and mobile applications and the shift from device-based to behavioral-based identity has proven to be a highly effective way of achieving PSD2’s SCA without adverse effects on the digital experience.
Fraud attacks and losses have been drastically reduced through the adoption of behavioral biometrics and the resulting cost savings alone continue to easily justify partnering with BehavioSec.