The financial ecosystem is changing rapidly, introducing a new balancing act between compliance, security and frictionless customer journeys. New technologies and regulations, such as cloud, AI, open banking and PSD2, are driving us forward. Within the domain of fraud and misuse, new attack vectors will be found.
This creates the following new potential challenges:
- Fragmentation of people, processes and technology will lead to new gaps in the fraud kill chain.
- Loss of visibility on threats.
- Current mitigation measures won’t hold against the forces ahead.
- A high learning curve is stretching the skill level of fraud teams, making it difficult to compete with fraudsters.
- Need for extremely fast decision making in terms of compliance and customer experience.
In order to solve these challenges, organisations need to look carefully at how they organise their fraud kill chain. A proactive approach focussing on early detection of fraudulent and malicious behaviour is needed.
DetACT™ is Fox-IT’s fraud management solution, delivering advanced 24/7 fraud detection, analytics and visibility capabilities for the financial domain. DetACT™ incorporates over a decade of expert knowledge and hands-on experience protecting banks’ reputations and protecting their customers from cyber criminals.
DetACT™ is designed as an on-premise, passive and non-intrusive solution which can be easily integrated in your infrastructure. DetACT™ is positioned directly behind the core load balancer and SSL offloader, invisible to fraudsters. It captures raw TCP/IP traffic from a network tap and reconstructs all customer activity on your online channels for real-time detection and analysis. Detection capabilities can be enriched by including Client Side Detection and external risk scoring data in traffic.
DetACT™ can automatically push alerts for suspicious events to backend systems in the core banking infrastructure, to allow for real-time intervention (e.g. block transactions or step-up authentication). Alerts are fully customizable and support multiple formats, including JSON and e-mail. DetACT™ APIs facilitate smooth integration with the other systems and sources in your fraud chain.
The DetACT™ Analysis team is specialized in financial fraud on online channels. Having over 10 years of experience in investigating phishing, malware and account takeover attacks, they know all the ways fraudsters operate. Every day they are protecting financial institutions across Europe against attacks on their customers. They combine the knowledge of multiple organisations and insight into the threat landscape.
- Time to respond – DetACT™ differentiates itself from most vendors with the capability to alert customers well before a transaction is entered.
- Learning time – DetACT™ is delivered with over 100 detection rules that work out-of-the-box and require no learning time; fraud detection works as soon as DetACT™ is turned on.
- User profiling becomes more accurate over time and starts providing useful signals after 48 hours.
- Invisible to fraudsters – The zero-touch architecture results in no performance impact and makes DetACT™ invisible to cybercriminals.
- Extended fraud team – DetACT™ has a best-in-class analysis team, enabling you to create synergy with your anti-fraud team.
- Real time visibility – DetACT™ enables analysts to follow the criminals live.
- Agility – DetACT™ is agile in its DNA. The real-time building of rules and logic enables direct implementation of needed mitigations.
- Rule federation – DetACT™ operates globally, enabling sharing of knowledge of modus operandi and specific attacks, creating safety for the full customer base anonymously.
- Phishing sites; real-time identification of phishing URLs before the launch of an attack.
- Phishing site visitors; real-time identification of potential victims that accessed a phishing site.
- Account takeover; real-time detection of fraudsters logging in on the account of their victims.
- WebInject malware; real-time detection of man-in-the-browser attacks.
- WebFake malware; real-time detection of traffic redirection to spoofed websites.
- Business logic abuse; real-time detection of website and mobile application misuse.
- Attack preparation; real-time detection of phishing and malware preparation.