Studying behavioural patterns to protect users from cyber frauds

In 2019, the global cyber security market was valued at $149.69bn by Allied Marked Research. That market is expected to boom to $304.91bn in 2027. The ongoing pandemic, remote working protocols, and overall decentralized working structures have only necessitated more robust protections against cybersecurity threats.

Here in the UAE, cybersecurity has become a top priority for businesses. In December, Kaspersky estimated a 177 per cent rise in the number of brute force attacks on remote desktop protocols (RDP) in the UAE. It reflected not only the brazenness of these attacks but the increasing sophistication of them.

Kaspersky detected 1.66 million unique malicious files that were spread under the guise of popular messenger and online conference applications, typically used for work. Once installed, these files would primarily load Adware – programs that flooded victims’ devices with unwanted advertising and gathered their personal data for third-party use.

Some of the most common businesses that are vulnerable to fraud include the banking, financial services, insurance and manufacturing sectors.

While certain precautions can be taken at the end-user level, more often than not, the organisation itself must work to prevent unauthorised access to business and personal data.

IT services company, Comarch, has therefore developed a Cyber Threat Protection (CTP) anti-fraud system, engineered to counter these attacks.

Available for both desktop and mobile devices, it is designed to protect the identity of the end-user and to verify their credibility.

It could have wide-ranging benefits in banking or loyalty programmes where it is absolutely critical to verify the user’s identity.

To this end, the system offers features including device reputation, behavioural biometrics, and identity cloning, among others.

At the device reputation stage, which is at the very beginning of a user experience when a customer attempts to log into an app or website, the system analyzes the device being used. It compares it with other ones used by the same user previously – and checks whether that specific device is linked to any known cases of fraud. If historical data is not yet available, the module relies on tamper detection and other alternative identification methods.

Device reputation can also be established based on a fingerprint feature. This approach is focused on the web browser and can be used on both desktops and mobiles.

As for malware detection, it checks whether a website has been infected with malware and supports its integrity using an obfuscation mechanism. CTP works within Continuous Authentication paradigm and is able to detect suspicious artefacts.

The behavioural biometrics element of the CTP system analyses and checks typical user activities such as taps, touches, clicks and presses. It can distinguish between those made by a person as opposed to a machine and can even identify an individual based on that pattern. Owing to this, it ensures continuous authentication mechanism is in place at all times.

The identity cloning feature meanwhile allows for detecting temporary email addresses, telephone numbers, or credit cards – which are often used by fraudsters. The module can also detect whether a specific email address is already registered in a database regardless of how it’s spelt. The module is based on syntax rules characteristic of widely known e-mail providers – with an option to customize it even further, says Comarch.

Based on different parameters collected by the mentioned modules, the transaction scoring is calculated. If scoring is within defined threshold, then the customer can continue to gain access to the banking site or the loyalty programme, etc.

If scoring is low user can be asked to perform two-factor authentication or in predefined cases access to the system can be denied.

Comarch says that among the biggest benefits of its CTP is not only the ease with which businesses can use it, but that it also does not complicate or hinder a seamless user experience while maintaining a high level of protection.

Comarch’s Threat Protection therefore attempts to achieve the objective of lending a superior level of security to the customers using their online and mobile services, without compromising user experience at any stage.

To learn how to guard your firm against online frauds, hear our webinar