By: Saeed Ahmad, Managing Director, Middle East and North Africa, Indicative
Significant new frauds and cyberattacks are commonplace in today’s world and have been for some time. The target is the only thing that seems to constantly vary. In the United Arab Emirates, Abu Dhabi police have returned 21 million dirhams to victims of financial fraud, including phone scams and other cybercrimes over the past year.
Headlines that once ranted about traditional financial services such as insurance companies for being breached are now sounding the alarm over huge sums of money being routinely stolen from newer services consumers are using, such as crypto exchanges and Buy-Now-Pay-Later services.
The painful and infuriating reality is that fraudsters still employ the same proven strategies, even though their targets have changed. Even though techniques such as account takeover and authorized push payment (APP) fraud have been around for years, they continue to plague these often digital-native markets.
Because scammers rely on volume, their attacks frequently target the most popular consumer services, which is why they have turned their attention to platforms like exchanges and so far they have shown no signs of slow-down.
Therefore, the question is: why are these new financial services repeating the same mistakes that conventional financial services made more than a decade ago, and what is the source of this failure?
Symptoms of a more serious problem
With the help of technology, it seems like new financial opportunities are unlocking daily; users can now access financial markets and exchanges in a variety of new and exciting ways. However, with each new advance, new attack vectors emerge, such as Buy-Now-Pay-Later services, crypto exchange attacks, and NFT schemes.
Additionally, since automated tools are readily available to cybercriminals on the dark web, crooks can focus on launching large-scale attacks simultaneously to cause as much havoc as possible.
Fraudsters then tend to seek out the weakest link in the system and target it, usually with a combination of username, password and device access – commonly used authentication methods that are insecure and easy to infiltrate.
The bad news is that the widespread use of bots, malware, and other traditional types of cybercrime that are prevalent on modern financial services platforms is likely to persist. The truth is that these forms of fraud have remained effective due to a fundamental, unfixed flaw in our digital identity system – a flaw that has yet to be fixed.
The death of digital trust?
There is currently no universally accepted approach to identifying genuine users online. One-time passcodes, for example, are still widely used, albeit insecure, and have contributed significantly to the growth of cybercrime.
Since most companies lack the ability to unequivocally verify that someone is who they claim to be online, we lose our sense of digital trust. Users’ trust in people, technology and processes to build a secure digital world is called “digital trust”. This foundation of online trust is the cornerstone of the entire e-commerce industry.
Digital trust must be earned, just like trust in traditional contexts. Governments and businesses earn the trust of users by demonstrating that they can ensure data safety, privacy, security, reliability and ethics when delivering services online. Additionally, digital trust is built over time, each time a user interacts with an online service, it builds their digital trust in that business or organization.
Therefore, as cyber fraud continues to increase, it rapidly undermines user confidence in the system. If enough people lose faith in the digital world, significant facets of our global civilization will begin to crumble. Modern financial services platforms need to move quickly to regain their users’ digital trust, and behavioral biometrics can play a role in this.
Digital solutions for digital times
Behavioral biometrics, unlike many digitized analog techniques currently used by financial platforms, is a true digital solution. This means that unlike a one-time password, which relies on the untrusted layer of SMS messages, behavioral biometrics authenticates users based solely on their behavior.
Behavioral biometrics are meticulously tailored to the individual from the start, learning and evolving with the customer as their relationship with the business progresses. The distinctive patterns that each individual displays are stored as a kind of digital DNA. Therefore, the technology can be used to add additional layers of protection without the need for time-consuming actions that degrade the user experience.
Behavioral biometrics is device independent and relies solely on user behavior patterns to authenticate users, making it less complex and more affordable than many other authentication solutions. Therefore, it is more secure, especially when companies add behavioral biometrics to passwords, location information, device information, and threat detection. Therefore, whenever people access goods and services online, their experience is always smooth and streamlined.
The public’s digital trust will continue to decline without these kinds of proactive improvements, and we will all suffer the consequences. Therefore, it is the duty of every organization that engages with online users to do its part to restore trust in digital identity, if not for the good of the wider ecosystem, then for their own. financial health.