Control Over Where And How much Access Allowed

  HOME » SOLUTIONS » Case Studies

Case Studies

Financial Services

Dealing with Cyber robbery of banking credentials by Scammers and Phisers
The Challenge:

Many of the banks now a days face cyber robbery more frequetly than actual robber going to bank to rob cash. Scammers and phisers trick account holders or install malware and obtain user's account credentials. Also relatives, children and potentially colleagues seemed to be able to routinely guess usernames and passwords, (or find them written down) to gain access to online accounts. Once they had access, they would transfer funds out of the account. Transfers the legitimate account holder would eventually dispute. It is a crime of 'opportunity'.

The banks have difficulty handling disputed transactions and account transfers when the access seemed to be legitimate while the actual account holder was adamant that it was not they who had used the account. Individually, the amounts were not that substantial and often did not meet the threshold for an ISP subpoena and legal prosecution. Collectively, however, the losses were mounting. Something had to be done to thwart "opportunists" besides simply repaying the dissenting account holder.

The Solution:

GEOACL can be consulted to implement location based authentication solution. An automated location verification process would be triggered by online fund transfers, ATM cash withdrawal attempt, Cash withdrawal at branch and other banking actions. even with low dollar amounts - amount being user configurable same or separately for each given location. Location from where request was made (online or at branch or at ATM) and amount of the request are validated by GEOACL Server, prior to submitting the transaction to the backend for final processing. Users have choice to select valid banking locations and threshold for each location. The cost of deploying GEOACL is significantly lower than hard dollars being repaid to accounts and the lost productivity in the customer service department.

Being tokenless and easy to configure and deploy, losses from cyberthefts would decrease for both bank and customer.