SUNNYVALE, Calif. -- With one of the highest assets-per-member ratios in the business and a high penetration rate for its online banking channel, Star One Credit Union would seem to be a prime target for fraudsters.
In response, the $3.5 billion, 75,000-member CU uses an array of defenses to protect its network and users and has now bolstered that posture with the adoption of a new solution that specializes in specifically protecting online banking accounts.
The FraudMap solution from Silicon Valley startup Guardian Analytics aims to provide real-time, comprehensive online channel risk management without generating large numbers of false alerts due to challenged logins that take up staff time to authenticate or reject.
It does that by automatically analyzing alerts using predictive models of individual behavior without requiring new fraud rules development or algorithm training, the company said.
The result has been the thwarting fraud losses of potentially more than $500,000 since early last year from confirmed case of compromised credentials result in attempted account takeovers, the credit union and company said.
Despite Star One's use of industry-standard solutions such as TriCypher authentication tools, RSA Security anti-phishing protection and the safeguards built into its Digital Insight online banking and XP Solutions core platforms, fraudsters continue to innovate and find new ways to attack online accounts.
The credit union said vulnerabilities remained that made the credit union dependent on members themselves reporting unusual activity within their accounts to identify possible fraud or identity theft attacks.
"We can have all the tools in place but still face one of the biggest challenges in the industry, and that's education," said Margarete Mucker, Star One's vice president of remote services and assistant security officer. "If you give up information to something logging your keystrokes or to phishing, that's not something we can really protect against, because if you give it away, you give it away.
"But that's where the beauty of Guardian Analytics comes in. For instance, we did have a member give it away. He got a Trojan that our system alerted us to and we told him about it. He said, 'No, it couldn't be me. I know what I'm doing.'
"But we made him change his login right away and he went back to his work PC and checked, and he did have a Trojan horse on it. He called us and thanked us.
"If it weren't for that, we would have never known about it until funds were taken from his account and he came to us saying, 'Hey, I didn't do that transaction. I want to be reimbursed.'"
Craig Priess, vice president of marketing and co-founder of Los Altos-based Guardian Analytics, said one key differentiator of his company's product is "our core technology--dynamic account modeling. What it does is use very rich dynamic prediction models of each account holder's behavior to detect suspicious activity.
"It works in real time and the result is a solution that automatically detects new fraud threats, looking for anomalies in behavior without requiring new rules. The result is you get a very low number of false alerts. Just because a login is challenged is not necessarily a good indicator of potential fraud. There's more to it."
The FraudMap system allows the institution to determine the level of threat at which human intervention is required, and also learns individual member behavior to add to that as it goes along.
"We can see that some of the members travel to Europe and log in there, and there's a high concentration of Lockheed Martin employees in Colorado. As the system learns more about these members, the number of alerts they generate when they log in goes down," Mucker said.
Guardian Analytics was founded in 2005 and just announced the general availability of FraudMap in December.
"We've essentially been in stealth mode, but we now have around 10 credit unions, retail banks and business banks in various stages of production," Priess said.
At Star One, the system is producing 20 high-and medium-scored alerts per day of suspicious access to online accounts, and also is used to help investigate suspicious wire transfers, call center activity, and faxes, although the solution's primary focus remains on the login to the online banking account.
"There was one piece missing in all our protections and that was the login information. Before, everything we looked at was after the fact. Guardian is now making us alert at the time of login, and that makes us feel more secure," Mucker said.