WESTBURY, N.Y.-When two members from NEFCU here recently logged in to their online accounts from Germany, Texas and Illinois, the CU sat up and took notice-only to discover that the log-ins actually were by criminals who could have committed $65,000 of identity fraud.
"The inquiry activity was out of pattern with both of these members," said CIO John De Ieso. "We reached out to the members to find it wasn't them making the inquiries and then prevented any unauthorized transfers."
The odd behavior probably would have gone unnoticed if not for FraudMAP, NEFCU's behavior analytics software, deployed in October, De Ieso said. The solution is hosted "in-the-cloud" from Los Altos-based Guardian Analytics, an online account fraud-prevention provider.
Monitoring online member behavior and transaction activity is new to NEFCU, said De Ieso. "We've gone from basic fraud prevention, such as multi-factor authentication, enrollment procedures and verifying PIN changes, to a point where we have online fraud prevention covered."
Good News For Members
Preventing $65,000 in fraud loss makes NEFCU happy, but perhaps equally satisfying is telling members Internet banking is as secure as possible and telling regulators that Red Flag requirements are met, De Ieso suggested.
The "gravy" is that FraudMAP paid for itself for two years just in blocking these two recent incidents of potential fraud, he added.
If FraudMAP hadn't helped prevent fraud in these two incidents, NEFCU would have also lost more than 100 hours of time spent on addressing insurance claims, filling out paperwork, interacting with the victims of any fradulant activity and other remediation steps, De Ieso said.
Each time a member initiates an Internet banking session, FraudMAP compares an up-to-the-day history of the member's online behavior to current session behavior explained Tiffany Riley, VP-marketing, Guardian Analytics. The software identifies behavior anomalies and assigns a risk score of high, medium or low to the session.
Suspicious online behavior could include variations in login times; computers; Internet Protocol addresses; ease of login; non-transactional activity; amount or type of transaction; or payee.
High-Risk Behavior Alerts
FraudMAP alerts NEFCU of high-risk behavior according to thresholds the CU sets, De Ieso continued. The $1.5-billion credit union spends about one hour per day investigating a dozen of the alerts that indicate the highest-risk behavior. With FraudMAP's graphic-rich interface, it's easy for NEFCU to click-down into alerts to investigate what happened during a high-risk session, he said.
Although FraudMAP is designed to monitor Internet and mobile banking usage by members of the credit union, suspicious activity alerts may spur NEFCU to further investigate other channels, such as debit cards or checks, for related activity, De Ieso said.
"If Guardian Analytics were able to extend the automated behavioral analytics approach across all channels, that would be wonderful," De Ieso told Credit Union Journal.
