2 Weeks Instead of 2 Years For Fraud Detection System Deployment? With Us, It Is Possible

3.2.2020 TM Services

Afraid of a lengthy project when implementing an online fraud prevention solution? There is no reason for it. To be one (or more) step ahead of fraudsters, banks need to be exceptionally flexible in adopting new protective technologies. However, in some cases, if not in most of them, adopting a complex system such as an anti-fraud solution might be profoundly challenging from the resource’s perspective. Implementing an anti-fraud solution might take months, sometimes even years, not mentioning the significant price spent on even initialization of the testing phase of the project. Read about Threatmark’s revolutionary approach to the lengthy implementation with a unique data collection approach and cut down deployment time to a bare minimum.

Usual Suspect – Lengthy Implementation

Let’s imagine a bank that has already chosen an anti-fraud solution covering online channels from a vendor. What usually follows are pitfalls and issues with the actual implementation of the solution. Based on interviews with our customers, banks confirmed that the deployment process took them an average of 18 to 36 months to deploy a fraud detection system which means a significant time span, creating a potential security gap to be misused by a fraudster, leaving the customer in total darkness. One of our customers even spent more than a year deploying and configuring their system to find out that it doesn’t work (as expected).

Number of months on average spent on the deployment of FDS.
Number of months on average spent on the deployment of FDS.

Why is this happening? Often there is a problem with data exchange between the bank and the adopted solution. Even in the Proof of Concept stage, there must be an established method for sending information between the bank’s front-end system and the anti-fraud solution’s service provided by a vendor. Usually, as an exchange data channel, the integration via an API is chosen. Using this method requires and extra coordination efforts between both teams. Often, this involves the dedicated team assigned to the project from a bank and a significant amount of time, overcoming numbers of formal obstructions and a great deal of patience. As a result of all of this, the final cost for having just a Proof of Concept started might be a showstopper and an initial enthusiasm might disappear leaving the bank and its clients unprotected.

Speed up a Bit – Welcome ThreatMark unique Front-End Integration

One of ThreatMark’s “philosophical” pillars is to save the resources of the Bank. Therefore, from the very beginning, we were finding a way how to overcome lengthy implementations. We came up with a surprisingly straightforward technique of HTML extractors. This technology allows our solution to extract and analyze information presented in the bank application’s front-end, at every HTML page. Basically, any page when rendered in the client’s browser can be processed by our JavaScript probe and information from it can be easily scraped and categorized, having every element, every inputted value on every page readable to our ThreatMark AFS solution.

HTML extractors allow us to analyze information presented in the application’s front-end

It goes without saying that all heavy lifting while creating and maintaining the code is performed by ThreatMark, without the additional effort put on the Bank.

Within a few weeks, the Bank can have a full solution up and running and ready to be placed in production. And what really is exceptional – without any limitation regarding capabilities or number of protecting users. Results are then presented in the form of a comprehensive rich analytical web interface and the solution along with all of its components are fully active. All detections and granular information are visible (e.g. Dashboard, Case Management, Details of all events, Timeline of the attack, etc.). Moreover, the crucial component for addressing specific business scenarios, the WYSIWYG Rule engine, is also available and fully functional.

Comprehensive Rule Engine is available after a few weeks

Soon the bank can engage the whole machine-learning power, providing banks’ Fraud Analysts with a strong weapon for investigating and fighting cybercrime.

Furthermore, the bank later decides to integrate the system via automated APIs (e.g. for engagement of Risk-Based Adaptive Authentication, PSD2 regulation, …), there is no need to start from scratch. Front-end data extractors are anyway the initial step for the full deployment of a possible quick-fix for being compliant with legislation.

To wrap it up, using the data extractors instead of the API integration brings obvious benefits:

  • First of all, it reduces significantly the requirements and costs for the implementation.
  • There is no need for an overcomplicated integration with the banking back-end system.
  • All system findings are visible from the very beginning. You will not miss any of these detection types: fraudulent transactions, account takeovers, malware detections, phishing detections, behavioral profiling, scripted access and much more.  
  • Having the detection log in the system might be a quick fix for being compliant with PSD2 legislation.

Let us know your needs and we can show you how fast we can be. Arrange a meeting with us and together we will discuss your use cases and possible solution. You might be only a few weeks away from having the most complex state-of-the-art anti-fraud suite up and running, saving money, time, all while providing you a powerful tool to deal with sophisticated cyber threats.

Lukáš Jakubíček
Lukáš Jakubíček  

Pre-Sales Consultant

Working for ThreatMark allows me to use my diverse set of technical and interpersonal skills I have developed for over 10 years working in the IT & Online Marketing Industry. Writing about cyber threats is only one of my duties, most of the time my colleagues and I assist and help our clients to find new and better ways on how to efficiently fight against the online fraud.

Connect me on LinkedIn Send me an e-mail