Digital fraud has risen exponentially as the world has digitised, but some countries have been hit harder than others. Canada is one of these unfortunate victims as the fraud levels have risen at double the rate of the global average. However, not all hope is lost. Duality Technologies, a provider of privacy-enhanced data collaboration solutions, has announced the publication of a report authored by financial services advisory firm Aite-Novarica, entitled ‘Inter-Bank Privacy-Enhanced Information Sharing: Fraud Detection and Prevention’.
The report analyses how Canadian financial institutions can engage in information sharing based on Privacy-Enhancing Technologies (PETs) to mitigate the rapid rise in digital fraud, in order to reverse this growing crisis. The research estimates that such fraud-focused collaboration could collectively save the top seven Canadian banks hundreds of millions of dollars per year at the very least, and possibly more than CA$1billion.
Fraud is a long-standing scourge in Canada (and globally), but grew exponentially during the pandemic as the expansion of ‘faceless’ digital banking services provided an ideal camouflage for fraudsters. The rate of suspected digital fraud attempts against Canadian financial services companies increased by 218 per cent in the first four months of 2021 over the last four months of 2020. As of 2019, the estimated cost of fraud to Canadian financial services firms is an alarming CA$2.96billion, and this number only takes into account known fraud, indicating the true cost of fraud may be much higher.
For years, banks have been acquiring solutions to help them deal with growing fraud challenges, fueling a market for fraud detection and prevention products estimated in 2020 at CA$8.62billion. However, the report determines that currently, banks are primarily investing in internal approaches to address a shared problem that is best solved by working together. It concludes that in an interconnected banking ecosystem, collaborating on account and transaction data is the only effective way to detect and prevent fraud which is often perpetrated across multiple banks using compromised identity information. Analysing this type of data is ideal for detecting various types of fraud, such as synthetic identity, bust-out, and ATO (account takeover) fraud, and can be executed in order to help uncover attempts to prey on customers of multiple financial institutions.
The report highlights the use of information sharing solutions based on Homomorphic Encryption (HE) for privacy protection, as a key enabler of inter-bank collaboration for fighting fraud. Using HE, banks can encrypt data and share it with peer institutions for analysis and querying, while protecting banks’ and customers’ interests and remaining compliant with strict privacy regulations.
Canada’s banks are subject to PIPEDA, which allows data sharing to protect the public interest – in particular for fraud prevention. By using PETs to secure sensitive information and Personally Identifiable Information (PII), information sharing can help banks gain the upper hand in the fight against fraud while overcoming their hesitance to share their most guarded information while mitigating legal, business, and data privacy concerns.
Alongside an evolving fraud landscape, the shift toward open banking and payment modernisation has led financial services executives to recognise the need for modernising their fraud detection and prevention programs in a comprehensive manner. Increased competition in the banking sector has been squeezing profit margins, making it more difficult for banks to absorb losses from fraud as a cost of doing business and accelerating the need to develop fraud prevention initiatives. As part of the report, Aite-Novarica surveyed anti-fraud executives at Canadian financial services companies and found that the overwhelming majority of these executives are either ‘likely’ or ‘very likely’ to seek to transform their capacity to mitigate risk over the next 1-2 years.
“Privacy-protected information sharing enables Canadian banks to move beyond inward-focused approaches and tackle the country’s skyrocketing fraud problem collectively,” said Dr. Alon Kaufman, CEO and Co-Founder, Duality Technologies. “If banks continue with business as usual by only processing fraud-related data internally behind lock and key, they risk significant reputational and financial damage as fraud continues to grow. Adapting innovative, collaborative, fraud-fighting processes as soon as possible will immediately impact the effectiveness of their anti-fraud efforts while ensuring regulatory compliance and preserving their customers’ privacy.”
“Banks must have access to a broader array of customer data to analyse patterns, behaviors, and incidents of fraud; to score risk properly and to detect fraud occurring at their bank as well as others,” said Tari Schreider, Strategic Advisor – Cybersecurity Practice, Aite-Novarica Group. “In the world of open banking, new threat vectors will emerge, which will require banks to expand their risk horizon across account and device data held by other banks.”