Businesses around the world are going through a digital transformation to build more efficient digital channels. But in doing so, they are potentially exposing themselves to new risks of fraud. As professional cybercriminals adapt to catch up with the best fraud detection models, businesses have no choice but to strengthen their fraud and risk management strategies.
“The question is, how in the world do you protect against this ever-increasingly capable technology? And the answer — as it almost always is — is with more technology,” said Stephen Ritter, CTO of Mitek Systems, a software company that specializes in digital identity verification and mobile capture built on artificial intelligence (AI) algorithms.
Social Engineered Deep Fakes and Biometrics
As Ritter explains, deep fakes are essentially videos created by AI, which were initially designed as a testing and development tool for machine learning engineers building neural networks to help identify the mistakes of other neural networks. However, as the tool popularized, it created a space for fraudsters to simply download software kits from the internet to create custom deep fakes for scamming. Coupled with social engineering, the threat can be devastating, with the ability to flawlessly replicate the identity of a person or business.
“They’re trying to replicate a biometric, replicate some aspect of what makes us who we are, whether it’s our face, voice, fingerprints or eyes …. and then are using that replicated example to get through security mechanisms, whether it’s a human or technology security mechanism,” explained Ritter.
He said a significant challenge with biometrics security is the trade-off between effectiveness and usability or convenience, adding that retina scanning is currently the most secure and technologically advanced. Still, it requires special hardware with a specific enrollment process, making it inefficient to use for digital channels and banking.
See also: Social Engineering Attacks: What You Need to Know
Integrating Liveness Detection Into Anti-Spoofing Techniques
Mitek Systems focuses on biometrics that provide good defense and accuracy, but are also easy to capture from a mobile device or desktop computer. They rely on facial recognition technology that can be used to match a selfie to the face on a government-issued identity document. Mitek Systems recently acquired ID R&D, a company with expertise in liveness detection, intending to lead the fight against identity fraud. Automated linked and layered technologies are combined with forensic expertsise to rapidly detect identity fraud and verify customers faster and more accurately.
“It is an arms race, just like cybersecurity — and thankfully, our solution has been very successful. We’re able to help a lot of companies protect against these attacks, while also witnessing what the bad guys are doing, and that’s fascinating,” said Ritter.
Related news: Down But Not Out: Paper Checks Are Still Catnip for Fraudsters
Concerns Regarding Data Storage
Data privacy is a key concern for consumers and businesses alike. Ritter says Mitek Systems treats its data with the utmost sensitivity.
“At Mitek, we believe that data belongs to the consumer. There’s also a lot of good that can be done with the data — as long as you treat it, store it and get rid of it in the way that you should, according to your contracts with the consumer,” he said.
Read also: Bank Customers Are More Trusting When FIs Use ‘Zero Data’ Approach
Market Convergence
Consumer identity theft and fraud are widely addressed in the industry. Big Tech companies like Amazon, Apple and Google have set up sophisticated infrastructures to manage the security of their employees and partners — but others on the enterprise side are starting to realize that they need similar capabilities to protect the identity and security of their customers and consumers. As a result, Ritter said the market is seeing a convergence of the enterprise and consumer sides.
“You see these two worlds coming together, and it’s interesting because the tactics the fraudsters take on each side are slightly different, but there is a lot of common ground,” he said. “I hope that all the hard work the cybersecurity industry has done for the last several decades to help secure enterprises [will] positively impact our experience as consumers.”