In a Nutshell: Financial crimes, including cyberattacks and data breaches are becoming commonplace as US consumers move toward new-age payment methods that some merchants aren’t properly equipped to handle. Online financial crime is on the rise across the globe, led by an explosion of card-not-present fraud. NICE Actimize mitigates financial services clients’ exposure to card fraud with a market-leading financial crime, risk, and compliance software platform. NICE Actimize’s introduction of ActimizeWatch in 2017 furthered its mission to automate the monitoring of analytics and provide real-time updates and response to anomalies within a cardholders actions.
A spate of cyber attacks and data breaches dominated financial news coverage in 2017. The Equifax breach alone exposed the personal information of as many as 143 million Americans to data thieves and sent terrified consumers running to freeze their credit profiles in fear of aftershocks.
Banks and card issuers have taken extreme security measures leading up to, and since, these attacks to give customers peace of mind. EMV chip cards are now the norm in most wallets. The tokenized payment method does not transmit account information and uses a scrambled code that is never repeated to conduct transactions, making any information obtained in a heist useless to fraudsters.
As a global innovator in detecting and protecting against card fraud, NICE Actimize provides a market-leading financial crime, risk, and compliance software platform to some of the largest financial institutions in the world.
The company’s solutions improve productivity while spotting anomalies in cardholder habits with the use of analytics and Robotic Process Automation (RPA). For Rivka Gewirtz Little, Senior Director of Product Marketing at NICE Actimize, the breaches of 2017 were business as usual.
“While we definitely helped our customers through this significant challenge, but we don’t see this as anything really different. It’s a continuation of a long history of breaches and attacks,” she said.
Little pointed to the recent explosion of the dark web black market as the driver for heightened fraudulent activity. On these anonymous internet platforms, personally identifiable information (PII) — like credit card numbers, Social Security numbers, and birth dates — can be purchased for as little as a dollar by criminals looking to steal identities.
NICE Actimize’s comprehensive financial crime solutions combine years of experience into a product that financial institutions of all sizes use to monitor card activity on their networks. NICE Actimize has offered fraud coverage for clients since 2012 and has a growing portfolio of prepaid card clients to an already vast number of credit and debit customers.
“We approach a card with the basic assumption that your card credentials and supporting PII are available and that fraudsters have it,” Little said. ”They’re using bots and other sophisticated approaches to continually hit all this data until they find one that works.”
NICE Actimize’s solutions operate in a real-time ecosystem that works to stop fraudsters from finding that vulnerable card.
Fighting the Growth of Card-Not-Present Fraud
The proliferation of EMV chip cards makes it difficult for fraudsters to duplicate cards for use at traditional merchant storefronts. That’s led many to adapt to card-not-present (CNP) fraud, which exploits telephone, internet, and mail order transactions that do not require a physical card to complete a sale.
CNP fraud growth has been astounding, with an increase in total fraud claims expected to increase from $3.1 billion in 2015 to $6.4 billion in 2018.
“Because we have very extensive digital and mobile fraud coverage, we became uniquely positioned to prepare for card-not-present fraud,” Little said. “We came out of the gate with digital coverage for card-not-present transactions online and also have very significant coverage for card-related mobile wallet transactions.”
While NICE Actimize works with clients from all over the world, CNP fraud is most prevalent in the US, where 77% of merchants sell online and are vulnerable to these attacks.
Traditional brick-and-mortar merchants can also be prone to certain forms of CNP fraud as US consumers shift their preferred payment methods to mobile wallets that include contactless payments and application-based payments that don’t require a physical card.
“I essentially see mobile wallet transactions at this point as mobile card-not-present, but we do have models that are specific to that as well,” Little said.
ActimizeWatch’s Cloud-Based Solutions Increase Productivity with Automation
Nice Actimize’s latest product may be its strongest offering yet.
Unveiled in April 2017, cloud-based ActimizeWatch uses machine learning to continually monitor transactional data pulled from client records to identify emerging threats.
“One of the things about fraud coverage, in general, is that analytics models can be self-learning and self-thinking, but at some point, there must be human intervention,” Little said. “There must be oversight to make sure the data is correct. ActimizeWatch automates all of that.”
ActimizeWatch’s ability to proactively monitor the performance of analytics cuts human time and effort down by more than 50% and allows clients to immediately know if there is degradation in the analytics performance.
“But more importantly it tells the client why the degradation is happening,” Little said.
The platform also provides clients with ongoing fraud intelligence and email advisories to keep them updated with emerging threat patterns, including information about targeted attacks against new faster payment types and digital channels.
Financial Crimes Happen to Institutions of All Sizes
Nice Actimize’s client base includes financial organizations of all sizes. The wealth of data the company collects from clients reveals that fraudsters do not take into account an organization’s profile or asset sizes when seeking out targets.
“Fraudsters will hit any card they can hit and find money on,” Little said. “They’re doing it in an automated way, which means they hit multiple accounts all at once until they find one that works. That may be a small community bank card or it may be from a top global institution.”
Little said the main factor that differentiates the security of small and large financial institutions is the amount of time and money each invests in fraud detection and prevention. But she pointed to issues she feels every size financial institution needs to address regarding the way credit card transactions are processed and filed on company software.
“The biggest issue we regularly see is that card transactions inside of a bank are often kept in a silo from other non-card transactions,” she said. “Most financial institutions can look at one place in your account profile and see a full list of everything you’ve ever done with your account inside and outside of a branch, but quite often your card transactions are listed separately in that file.”
The data separation helps fraudsters gain access and, at times, get away with their crimes. Little said many larger institutions are working toward fixing the problem, but some smaller companies may be less proactive with a solution.
“Fraudsters will hit them all with equal opportunity, but smaller institutions are sometimes less prepared,” Little said.
Technology that Moves Faster than Fraudsters Operate
In less than six years, NICE Actimize has become a global leader in fraud coverage for financial institutions around the world. The company’s software offerings help clients mitigate risk and work toward eliminating fraudulent card activity before it happens.
“The very first thing we set out to do, other than detection, is to help our institutions really gain a holistic view of entities in order to establish a normal behavior and identify risks,” Little said.
By zeroing in on each cardholder, NICE Actimize allows clients to pinpoint fraud much faster than previously possible.
“Everything we do in fraud detection revolves around using analytics to establish profiles of entities that tell us their normal behavior so we can begin to spot anomalies that raise a red flag for fraud,” Little said.
The company looks at card transactions, along with transactions across all channels, to learn a cardholder’s habitual behavior within a cardholder’s behavior. When something out of the ordinary arises, the issue is immediately brought to the issuer’s attention.
“It’s really about understanding relationships between users and their cards as well as the devices assigned to these cards,” Little said. “If they’re using something like a mobile wallet, you want to be able to understand their typical ways of use. You want to develop an image of a user and their card so you can begin to see when something is going wrong.”
All of this happens in a matter of milliseconds within the Actimize software. Analytics adjustment that once took nine months to one year to complete can now be done in days or weeks. The goal is to decrease the time spent detecting fraud while increasing the pressure on fraudsters.
“We’ve finally gotten to the point where we are so proactive and automated that our analytics are faster than the fraudsters,” Little said.