ALEXANDER IVANYUK The platform can also be used to secure all types of financial service applications and provides an antifraud mobile application development tool suite for financial institutions to use
An antifraud platform, developed by international cyber security company Kaspersky Lab, verifies financial trans- actions in real time to prevent fraud and elec-tronic theft of money from financial institutions by cyber criminals, says Kaspersky Lab global business development director responsible for the Kaspersky Fraud Prevention platform Alexander Ivanyuk.
The platform comprises several different parts, including a server-side component that analyses transactions and transaction details in real time as the user communicates with the financial institution’s network, an antifraud mobile application development tool suite and antifraud programmes for user devices. All these components are assisted by the cloud-based infrastructure Kaspersky Security Network.
“Users are more easily attacked than financial institutions and banks, making the detection and prevention of fraudulent transactions much more difficult if a user’s machine has been com-promised, either through malware on the device or stolen login details entered from a different machine,” he says.
However, the platform analyses users’ habits and also checks for additional anomalies, such as the time of access, the Internet protocol (IP) address of the device used to connect to the institution and the speed with which details are entered, besides other criteria, and compare these to the user’s known behaviour when using the online transaction or banking system.
“An attack may skip certain crucial parts of a transaction or complete steps in a transaction process quickly, such as filling out the details of the account to be credited within seconds, while a user would spend more time entering and checking these details. This is an example of one of the criteria that the Kaspersky antifraud platform checks to determine whether an attack is taking place,” says Ivanyuk.
Further, the financial institution using the antifraud system can also customise how to manage such threats and attacks detected, for example, whether only the transaction in question would be terminated or the transaction terminated and the user profile locked following a detected attack.
The platform can also be used to secure all types of financial service applications, including Web-based and distributed applications, besides others. Kaspersky Lab is also approaching system integrators to deploy these systems for any applications that they provide and integrate into a financial institution’s systems.
A study by market research organisation B2B International and Kaspersky Lab found that 98% of users use online banking services or make online purchases, and 38% do so with their mobile devices. The widespread penetration of e-payments has made the theft of electronic money a profitable business for cyber criminals. The same study found that 62% of users had encountered cyber threats that targeted their accounts within the preceding 12-month period.
The individual platform components can function independently and collaboratively, complementing one other and providing multilayered protection at every stage of an online payment, concludes Ivanyuk.