Bank Systems & Technology is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.


05:29 PM
Connect Directly

KeyCorp Building Analytic Tools to Prevent Fraud

Starting a two-year project to create analytics that will find and address fraud in real time, before transactions are completed.

"Fraud, unfortunately, is a part of our world and fraudsters have great resolve," observes Douglas Twining, director of fraud service for Cleveland-based KeyCorp ($95 billion in assets), who spoke to us this week about the bank's recent investments in fraud-fighting technology. "Organized crime has become more sophisticated in the last couple of years, criminals are leveraging technology more than we've seen in the last couple of years, and we've seen an incident rate associated with sophisticated phishing, malware, and man-in-the-middle attacks. When that occurs, it's not only an attempt to exploit the financial institution, but it calls into question the integrity of the product and the channel."

KeyCorp has purchased fraud detection software from Actimize to be proactive and to "view risk in a holistic instead of a silted manner," Twining says. "Detecting fraud is not the goal in and of itself, the real goal is to be able to respond in a timely fashion." The real-time nature of the software KeyCorp has purchased is designed to let it catch suspicious transactions before they're completed, so that the customer can be called or the transaction blocked before fraud actually takes place.

The bank is in the process of building applications on the Actimize platform — this is expected to take about two years. Twining plans to focus first on remote banking delivery channels, although he notes that the bank already has anti-fraud controls and processes in place and it conducts webinars and client discussions about safe online banking. "What we're really investing in is the ability to use behavioral analytics to enhance the investment we've made in authentication technology," he says. "We are leveraging information about transactions and account activity changes and determining whether or not to pend transactions, to have one of our fraud analysts review the activity, to contact the client, or to approve and potentially look at it later." Clients want to be educated, but also want the bank to help and protect them, Twining relates. "Working with them and helping protect them is good for us."

The Actimize software compares incoming transactions against existing bank data, scoring them based on such risk factors as familiarity of the IP address and consistency with a customer's past behavior. Rules can be set to identify suspicious activity.

The bank will need to feed information from its online banking, mobile banking, ATM and other applications into the Actimize software, making this a large integration project.

"My mantra is data, data, data," Twining says. "It's important to get that perspective in order to be timely and quickly prevent or detect aberrant behavior." But this approach will let him build a flexible platform, he says. "We won't be solving all fraud risks through this mechanism tomorrow, but we'll build onto it over the next few years to incorporate more of a holistic approach," he says.

Small businesses have been particularly hard hit by fraud in the past year, particularly by incidents in which malware lets a criminal hijack a computer and send wire transfers. Twining says the Actimize software can detect and prevent such activity. However, he says, "we believe that it's a shared obligation. We did a webinar recently with small businesses and we gave them some very practical suggestions to consider to help them manage the risk."

KeyCorp also plans to offer clients other fraud prevention measures such as text alerts for suspicious activity, keystroke measuring tools, and biometrics. It plans to provide some with no fee, others with a small fee. "Everybody has a different risk tolerance, we want them to be able to protect themselves in a way that makes them comfortable with their relationship with Key, instead of telling them, this is all we offer," Twining says. The bank provides digital certificates and offers authentication tokens, again, based on customer preference. "There's a lot of concern in our society around banks' ability to protect their clients," he says.

Comment  | 
Print  | 
More Insights
Register for Bank Systems & Technology Newsletters
Bank Systems & Technology Radio
Archived Audio Interviews
Join Bank Systems & Technology Associate Editor Bryan Yurcan, and guests Karen Massey and Jerry Silva from IDC Financial Insights, for a conversation about the firm's 11th annual FinTech rankings.