INFIGO Fraud monitoring

"INFIGO Fraud Monitoring" is INFIGO IS's own product for detecting and preventing fraud in banking operations. The solution is based on the Splunk software package and, among other things, features a modern architecture, high reliability, an advanced web interface for managing the system, and scalability.

Today, any payment card, ATM, Internet, phone or simple bank transaction leaves a corresponding electronic footprint. This also applies to loans, deposits, trades or any other banking products. Although banking systems inherently store all this data, there is barely any information available for fraud detection in real time, or at least in a timely manner.
Therefore, despite having all the data, banking institutions without adequate real-time detective mechanisms in place are commonly forced to rely only on post-hoc response, which is quite often too late to recover financial losses.
INFIGO Fraud Monitoring is a modern, comprehensive solution for fraud detection and prevention in banking systems. By being able to detect and prevent fraud as it happens, INFIGO FM actually decreases losses induced by fraud, returning investment almost instantly, and helping banking institutions to maintain or increase profit. Having an advanced fraud monitoring solution in place also decreases regulatory risks or expenses.




  • Real time monitoring of all activities in core banking systems allows prompt detection of any potentially suspicious or fraudulent activities triggered externally or by insiders.
  • Adaptable and configurable alerting system allows automatic prioritization and grouping of suspicious activities.
  • Web GUI based alarm console with user friendly navigation and integration with external information has been designed to allow prompt incident review and save time for fraud analysts.
  • Modular design and modern architecture allow integration with any technology, architecture or banking system vendor, with horizontal and vertical scaling depending on the number of transactions.
  • High-availability is a native capability of INFIGO FM, allowing partial system outages without any loss of functionality.

Fraud rules

INFIGO FM consists of almost 80 out-of-the-box fraud detection rules covering all the aspects of a banking system. The fraud detection rules are divided into the following groups:
  • Internal and external transaction monitoring (real time and scheduled)
      • Cashless deposits between the amount of X and Y to accounts opened within last Z days
  • Loan and deposit monitoring
      • Customer was provided with two loan offers where different employer was listed, within X days
  • Insider fraud (employee/teller generated) monitoring
      • Total amount of deposits/withdrawals from a client to an employee of the bank through any transaction channel, during last X days, exceeds the average amount of deposits/withdrawals.
  • Internet banking fraud monitoring (real time and scheduled)
      • Internet banking transaction from the account inactive for X days larger than Y.
      • A user logged in with a different browser and from a different ISP than the one he typically logs in from.
Each group of fraud detection rules consists of 5 to 15 configurable threshold rules. Thresholds can be modified in real time through a GUI web rule editor (more information further below). Additionally, arbitrary weight scores can be added to rules to create arbitrary rule groups. A rule group triggers an alert only when its score is met or exceeded, which decreases the number of false positive alerts.
Thresholds for rules can be static, as defined by a fraud analyst, or dynamic, related to average values of input parameters (e.g. a transaction is at least 50% higher than the user’s average transaction value in the last 6 months). This allows for detection of non-pattern based fraud and anomalies in a client’s behaviour.
Finally, all rules can be extended with arbitrary black or white lists. The lists used can be easily managed by fraud analysts through a GUI interface.
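The weighted rule-group scoring and the static and dynamic thresholds described above can be sketched as follows. This is an added example, not INFIGO FM code: the rule names, weights, thresholds, the white-list behaviour (a listed account suppresses the group) and the sample data are all constructed assumptions.

```python
from statistics import mean

# Hypothetical rules modelled on the page's examples; every name, weight and
# threshold below is a constructed assumption, not an INFIGO FM value.
def dormant_large(tx, profile, days=90, amount=5000):
    """Static threshold: account inactive for X days, transaction larger than Y."""
    return profile["days_inactive"] >= days and tx["amount"] > amount

def above_average(tx, profile, factor=1.5):
    """Dynamic threshold: amount is at least 50% above the client's own average."""
    history = profile["history"]
    return bool(history) and tx["amount"] >= factor * mean(history)

def new_browser_and_isp(tx, profile):
    """Login from a browser and an ISP the client has not used before."""
    return tx["browser"] not in profile["browsers"] and tx["isp"] not in profile["isps"]

RULE_GROUP = {
    "alert_score": 60,  # the group alerts only when the summed weights reach this
    "rules": [(dormant_large, 40), (above_average, 30), (new_browser_and_isp, 30)],
}

def evaluate(tx, profile, group=RULE_GROUP, whitelist=frozenset()):
    """Score one transaction against a weighted rule group."""
    if tx["account"] in whitelist:  # assumed: a white-listed account suppresses the group
        return {"alert": False, "score": 0, "fired": []}
    fired = [(rule.__name__, w) for rule, w in group["rules"] if rule(tx, profile)]
    score = sum(w for _, w in fired)
    return {"alert": score >= group["alert_score"], "score": score,
            "fired": [name for name, _ in fired]}

# Constructed client profile and transactions.
PROFILE = {"days_inactive": 10, "history": [100, 120, 80],
           "browsers": {"Firefox"}, "isps": {"ISP-A"}}
TX_SINGLE = {"account": "ACC-1", "amount": 150, "browser": "Firefox", "isp": "ISP-A"}
TX_COMBINED = {"account": "ACC-1", "amount": 160, "browser": "Chrome", "isp": "ISP-B"}

if __name__ == "__main__":
    for tx in (TX_SINGLE, TX_COMBINED):
        print(tx["amount"], evaluate(tx, PROFILE))
    print(evaluate(TX_COMBINED, PROFILE, whitelist={"ACC-1"}))
```

A single weak signal (TX_SINGLE) stays below the group score and raises no alert, while two signals together (TX_COMBINED) reach it exactly.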

Anti-money laundering

INFIGO FM extends intelligence to support anti-money laundering laws and regulations. INFIGO FM provides easy compliance with currency transaction reporting (CTR) requirements. It also provides capability for integration with different black list providers and customer identity management. Finally, it expands its core functionality to additionally track suspicious activity and provide suspicious activity reporting (SAR). The SAR capability is provided with an additional rule set which is divided into the following groups:
  • Cash transactions
  • Non-cash transactions
  • Related cash and non-cash transactions

Core banking interface - put all data in

The core banking interface is a vital component of INFIGO Fraud Monitoring. INFIGO Fraud Monitoring is a flexible product that can consume data in any format from core banking. By default a JDBC/ODBC connector is used, which allows configuration through a rich GUI interface. Specific information, if required, is collected through special external connectors that can connect to databases, web services or even digest data from flat files. The system collects data about transactions, system deposits and users (clients), as well as web log data in order to track Internet banking fraud.

Data enrichment - leverage fraud detection

INFIGO Fraud Monitoring has the capability to consume data from external sources such as public corporate registers and other national or global data sources, strengthening its fraud detection capabilities even more. Combining suspicious activities with additional information provides fraud analysts with a single console which provides all the information required for case investigations.

Alert console - see fraud attempts as they occur

The alert console provides a unique interface for alert management. Every triggered alert is shown in the alert console, available for analyst review.

Within the alert console analysts can investigate alerts and see historic or additional information on potentially compromised accounts. The alert console can be customized as requested and is by default divided per rule groups.
Depending on investigation, a built-in workflow enables analysts to close each or multiple alerts with status of false positive detection or confirmed compromise. The analysts can also e-mail one or more alerts to their colleagues, if they need to do so.
Alerts can be classified with a single click of a mouse – the analyst can select multiple alerts and close them all at once. The system stores all audit data and information about performed activities on alerts. This allows for generation of reports about fraud analysts’ activities.
The alert console is further enriched with external data. The INFIGO Fraud Monitoring system can collect virtually any external data – by default the system can be integrated with external company registry services in order to give an analyst a full picture about any account owned by a company.
Key features:
  • Easy to use real time alert notification
  • Data drill-down for analysts
  • Fraud case workflow
  • Alert history and stats

Rule editor - fine tune your rules

Rule editor enables analysts to review the fraud rule-set, turn on and off the rules and to adjust or fine tune thresholds. All the actions are performed via a user friendly GUI.
Key features:
  • List/filter fraud detection rules
  • Edit rule thresholds
  • Turn on/off fraud detection rules

Proactive blocking - leverage detection and prevention

Depending on the alerts, the system can proactively block or delay transactions. By default, INFIGO Fraud Monitoring can call external web services or execute any program when an alert has been detected.

Data warehousing - keep data in

All collected data can be kept in the system, available for instant analysis, for an indefinite period of time. Data aging, backup and off-line archival are configurable. Thanks to Splunk’s supreme indexing and searching engine used by INFIGO Fraud Monitoring, statistical calculations can be performed on large data sets.

Redundancy and high availability - running 24/7/365

Redundant, high availability deployment is possible at no additional cost. High availability options such as data replication factor (denotes number of redundant data copies) or search factor (denotes number of redundant fraud interfaces) are configurable.

Modern web based GUI

The INFIGO Fraud Monitoring system is a web application that only requires a web browser to run on fraud analysts’ machines. The system can be integrated with any other authentication system, including 2FA.