As much as the digital shift has given a boost to new and existing online ventures and processes, this rising tide has also increased the number of “surfaces” that cybercriminals have to work with, despite our collective best efforts to stop them.
“The fraud just seems to have gotten worse,” Refinitiv Global Head of Digital Identity and Fraud Solutions James Mirfin told Karen Webster, on the launch of its newly combined and streamlined risk and fraud solution following its GIACT acquisition last November. “We’re trying to make the protection capabilities as broad as possible through a single point of integration.”
The goal of this new integrated, end-to-end application programming interface (API) security solution, he said, is to simply make life easier for customers.
“Whether you’re thinking about identity, payments, account takeover, fraud, or compliance or regulatory risks, [we are] bringing those together in one easy way for customers to use through a single integration,” he said.
Obviously, with fraud on the rise, the timing is right and the need is strong. Mirfin noted that no one else is doing what Refinitiv is doing, for one simple reason: “It’s really hard to do.”
“I think where we’ve been very fortunate is that we’ve brought together two businesses that are all about managing huge amounts of disparate data, and trying to bring that together in a way that a customer can use intelligently and easily,” he said.
The New Challenge
Waiting two or three days for a payment to clear is a pain, but it does create an opportunity for checks and balances, including clawing back a payment. Compare that to the ever-present pressure to move money faster, and the opportunities for fraudsters become clear.
Taking on that challenge in an increasingly active environment — and delivering an end-to-end solution that manages risk throughout the customer lifecycle — has been a priority for Refinitiv since it announced its acquisition of GIACT late last year. The goal, said Mirfin, has been to combine its dual competencies to create an end-to-end fraud and risk platform that the market sorely lacks, particularly for smaller players.
For larger banks with billion-dollar tech teams, handling a broad set of compliance and risk issues might be a manageable, albeit increasingly expensive, challenge to take on. However, for smaller organizations or emerging startups, figuring out all of these practices and combining the different capabilities is comparatively much more difficult.
“We want to allow our customers to more confidently go into these new business areas, because they can protect themselves along the way,” Mirfin said. “Whether their customers are opening accounts, adding new beneficiaries, making payments or making account changes, we can help [the organization manage the fraud-related risks inherent in those activities].” The goal is to enable their clients to offer new services to their customers with protection baked in.
Busting Insecure Silos
Continuing with the status quo won’t cut it. For any organization that operates and transacts digitally — whether a financial institution, business, government entity or nonprofit — Mirfin noted, there must be rethinking and replacing of siloed approaches to fraud and risk prevention.
That’s because silos create a fertile breeding ground for fraudsters who profit from exploiting the blind spots.
Phishing scams aren’t new; they are a well-known security risk. But of late, said Mirfin, fraudsters have taken business email compromise (BEC) scams via phishing to “another level,” compromising accounts into six- and seven-figure paydays simply by exploiting gaps created by a siloed approach.
And they aren’t the kinds of attacks that institutions can fend off with “green-screen” legacy tech, he said. However, as fraudsters get bolder, doing nothing isn’t an option, either.
“When you start to look at that, you realize you’ve got to [manage risk throughout the customer lifecycle and across functions — you need to apply a holistic approach.] Otherwise, the fraudsters will just have a field day. Every time it’s a siloed approach, [they will find gaps and exploit any possible vulnerability],” Mirfin told Webster.
You may also be interested in: FBI: Why AI And MFA Provide The Most Effective Fraud Defense