"In 2009 smart and targeted attacks aimed at online business banking accounts increased dramatically, resulting in widely reported six figure fraud attacks. Unprecedented warnings of the dangers of online banking were issued from the FDIC, the FBI, Gartner and other industry experts," said Terry Austin, CEO, Guardian Analytics. "Unless financial institutions take a new approach to detecting and preventing fraud, we anticipate 2010 will yield losses of even greater magnitude. With FraudMAP for Business Banking, financial institutions can start proactively protecting themselves and their business customers from these bold attacks."
FraudMAP for Business Banking speeds the detection and investigation of online account takeover in the multi-user business banking environment, whether attacks occur across multiple logins, or happen as "once-and-done" style attacks. Guardian Analytics' proven predictive analytics-based Risk Engine and real-time Risk Application have been enhanced to specifically address the unique characteristics of business banking and to address the growing challenge of securing the online channel, at a time when being more competitive requires continually adding new online products. With FraudMAP for business banking, financial institutions can effectively protect their existing services and have the confidence necessary to offer more.
FraudMAP Risk Engine - Designed to Detect Sophisticated Attacks
FraudMAP for Business Banking helps financial institutions proactively defend against all threats including ACH money mule schemes which use large networks of mules to transfer money through the ACH network, and Man-in-the-Browser attacks which install malware in the browser to help fraudsters carry out transactions through online banking accounts. Through these attacks, criminals have successfully demonstrated they can 1) easily bypass strong authentication by stealing credentials hijacking sessions, 2)navigate complex banking platforms, 3) work around company approval processes, even when dual controls are in place and 4) transfer large sums of money through wire and ACH networks.
"Fraudsters have definitely proven that strong two-factor authentication methods that communicate through user browsers can be defeated, and that the criminals can also figure out how to defeat out-of-band, telephony-based authentication and transaction verification using social-engineering techniques," said Avivah Litan, vice president and distinguished analyst, Gartner. "Organizations with high-risk applications and sensitive customer data must look for vendors and technology that can fend off increasingly sophisticated and unpredictable attacks, such as the current round of man-in-the-browser attacks."
FraudMAP's Risk Engine maximizes detection and minimizes alerts, identifying online account compromise through:
-- Dynamic Account Modeling(TM) , Guardian Analytics' proprietary technology, which understands each user's legitimate behavior and uses predictive analytics to differentiate between normal and suspicious activity for each session -- Holistic company and user risk evaluation that examines all activities - from login to logout, including the transaction - that occur individually and across all users in a single business banking account -- High risk activity monitoring that watches specifically for online activities linked to the exploitation of business banking approval processes - including adding users, changing controls processes, changing approval limits, and creating new payees - that lead to the transaction of large sums of money through ACH, wire or other payments networks
FraudMAP Risk Application - Proactively Preventing Fraud
Financial institutions need timely information about the highest priority threats to proactively stop fraud attacks and prevent the fraudulent movement of money via fast-moving ACH or wire transactions. Using the risk score generated for each session by the Risk Engine, FraudMAP's real-time Risk Application provides:
-- An intelligent visual analytics interface that highlights the risk level for each company and risk level across all users on a single screen -- Session-specific context and detailed user-by-user activity history necessary to speed forensics and investigation and take action internally and with customers -- Cross-account event correlation enables fraud analysts to proactively identify attacks impacting multiple business banking customers
FraudMAP for Business Banking is available immediately and is priced based on the number of online business accounts. It can be purchased as a standalone solution or as a package with FraudMAP for Retail Banking.
About Guardian Analytics
Headquartered in Los Altos, Calif., Guardian Analytics is focused on the prevention of online account fraud. The company's real-time risk management approach to fraud detection, forensics and risk monitoring is built on strong analytics and predictive models of individual behavior. Leading financial services institutions rely on Guardian Analytics to protect individual account assets and the integrity of their online channels. Founded in 2005, Guardian Analytics is privately held with venture funding from Foundation Capital. For more information, please visit www.guardiananalytics.com.