The Federal Bank is one of India’s largest private sector commercial banks that serves a customer base of more than 10 million. The Bank does over 600,000 debit card transactions every day. It has more than 2,800 touchpoints (over 1,200 branches and over 1,600 ATMs), spread across the country. The bank is a leading technology adopter and was one of the first Indian banks to computerize all its branches. With an increase in fraudulent transactions in the industry, Federal Bank was proactively looking for a counter-fraud solution for both its cardholders and merchants, with real-time and near real-time facilities and mission-critical features that are easy to deploy, responsive and reduce the financial impacts of fraud.
The fraud landscape in India is evolving at a very rapid rate, with fraudsters finding new and innovative ways to game the system and trick banking officials and customers. Customer awareness is also low.
In an email interview with CISO MAG, Shalini Warrier, Executive Director, Federal Bank said, “We have noticed that a lot of frauds are of the vishing type, where customers are tricked by fraudsters and end up sharing their secured credentials to fraudsters over the phone. The fraudsters are becoming increasingly sophisticated in their methodologies, and sometimes, even educated individuals fall prey to their attacks.”
According to RBI data (India’s banking regulator), from October to December 2019, debit card fraud alone reached 11,058 cases involving INR 94.5 crore (approximately US$12.4 million). While traditional rules-only fraud detection systems are adequate at detecting known threats, they are not as effective or efficient at uncovering new criminal fraud strategies or zero-day attacks, putting banks and their customers at risk.
“Our core challenge was the absence of a robust online real-time capability to prevent frauds on debit card transactions,” said Warrier. “We had the capability for post facto analysis, based on which we could make changes for the future. However, that is akin to closing the stable door after the horse has bolted! Further, our overall debit card spends were increasing courtesy the changes we made on the business front. Hence, in order to ensure our risk mitigation strategies kept pace with changes in the environment and the demands of the business, we really needed an effective online real-time monitoring system.”
To address the evolving threat of fraud and offer additional security for digital transactions, Federal Bank sought to deploy a rules-based solution with real-time monitoring for deterring, detecting and blocking fraud.
“The first criteria for us was the ability to handle volumes in a robust, resilient, consistent, and stable manner. Further, we were looking for a system that could provide a high level of flexibility and agility so that changes in rules could be made dynamically, as and when required. Of course, with the increasing use of online digital channels, we needed to ensure that the solution had an ability to interact, seamlessly, with online channels,” said Warrier.
Federal Bank opted for ACI Worldwide’s customized fraud and risk management solution at two action levels: cards and merchants. After deploying UP Payments Risk Management for real-time monitoring of card transactions, the bank saw a considerable drop in fraudulent transactions, including vishing fraud. In addition to alerting customers of risks, the solution also includes automated alerts that have helped the bank recognize and decline potential fraudulent transactions on more than 2,700 cards over a recent six-month period.
“Our Debit Card Switch is an ACI product, and we have worked effectively with ACI over the last 10 – 15 years. After taking all the above criteria into account and evaluating various solutions, we concluded that ACI’s PRM (Proactive Risk Manager) would be the best suited for our requirement. It also enabled us to ensure seamless integration without Debit Card Switch,” added Warrier.
Through ACI’s solution, the bank can enhance fraud detection capabilities with insights into real-time status of card transactions based on pre-defined parameters, empowering the bank to provide better customer experience and security.
Warrier informs that the initial solution was deployed in March, 2015. However, several enhancements and upgrades were made in the last few years. The most recent upgrade was done in December 2019.
“Our objective was to equip Federal Bank with real-time reactivity and adaptation to emerging fraud trends, enabling faster decision-making,” said Kaushik Roy, Vice President and Country Leader – South Asia, ACI Worldwide.
Warrier informs us that the solution gives the business the ability to confidently market debit card products, knowing that there is an effective risk management tool that can ensure minimal fraud. The PRM solution enables businesses to grow with full assurance of risk mitigation. She acknowledges that the bank has realized a return on investment.
Going forward, Federal Bank wants to make continual investments in upgrades and enhancements. Its plans include:
- Usage of past data in identifying suspicious transactions with the help of an analytical engine using AI-ML.
- Real-time step-up authentication mechanism for highly suspicious transactions.
- Ability to make use of customer profile data and customer device profile in transaction authorization.
ACI Worldwide is a Universal Payments (UP) company that powers electronic payments for more than 6,000 organizations around the world. More than 1,000 of the largest financial institutions and intermediaries, as well as thousands of global merchants, rely on ACI to execute $14 trillion each day in payments and securities. In addition, myriad organizations utilize its electronic bill presentment and payment services.
CISO MAG did not evaluate/test the products mentioned in this article, nor does it endorse any of the claims made by the Bank or the Solution provider. The facts, opinions, and language in the article do not reflect the views of CISO MAG and CISO MAG does not assume any responsibility or liability for the same. CISO MAG does not guarantee the satisfactory performance of the products mentioned in this article.