CS Mar-Apr 2024
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
iometric cybersecurity<br />
the previous year, making it the<br />
fastest-growing fraud category.<br />
How can banks effectively protect their<br />
clients from these kinds of financial losses<br />
and minimise losses for themselves, as<br />
obligatory fraud reimbursement regulations<br />
are being introduced in the UK and around<br />
the world? Traditional user authentication<br />
and fraud detection tools, deployed by<br />
many banks, typically use various device<br />
fingerprinting techniques that are quite<br />
effective against scams where the fraudster is<br />
in an unusual location or accesses the online<br />
banking application from a browser or device<br />
that is not recognised as the standard for a<br />
specific user. The problem is that when the<br />
user hands over the cursor and keyboard<br />
control to someone else who is remotely<br />
transacting in the victim's account on the<br />
victim's own device, through the usual<br />
browser, and from the usual IP address,<br />
device fingerprinting becomes completely<br />
useless in spotting the fraud.<br />
During a remote desktop session, the cursor<br />
movements and typing of the remote agent<br />
are instantly mirrored on the user's screen,<br />
and these cannot be differentiated by a<br />
human observer from the interactions of<br />
the user working locally on their own<br />
computer. A few years ago, there used to be<br />
a slight time lag and some skipping cursor<br />
movements, but the latest versions of the<br />
common remote desktop tools are free from<br />
these<br />
issues.<br />
Luckily, there are<br />
still some very subtle<br />
data patterns that can be<br />
detected by the most sophisticated AI<br />
systems, such as Cursor Insight's patentpending<br />
Remote Access Detection solution,<br />
which is part of the Graboxy Cybersecurity<br />
Platform.<br />
SUSPICIOUS ACTIVITY FLAGGED<br />
Cursor Insight has been for years at the<br />
forefront of innovation in the field of<br />
biometric cybersecurity, with the Graboxy<br />
Continuous Authentication tool winning<br />
prestigious awards, including the 'Cyber<br />
Product of the Year' at the National Cyber<br />
Awards and the 'Remote Monitoring Security<br />
Solution of the Year' at the Computing<br />
Security Awards in 2023. A fundamental<br />
feature of Graboxy is the continuous<br />
monitoring of user interactions and the<br />
use of AI to analyse data transmitted through<br />
the user's web browser.<br />
The data is only monitored and analysed on<br />
the server side, so nothing has to be installed<br />
by the client. The technology is capable of<br />
building accurate biometric profiles by<br />
finding behavioural patterns that can be<br />
associated with individual users.<br />
Graboxy can passively authenticate users<br />
in the background by comparing real-time<br />
interactions, including mouse movements,<br />
to the biometric profile belonging to the<br />
user. Suspicious sessions with a high<br />
likelihood of an ongoing account takeover<br />
or other types of unauthorised access can be<br />
quickly flagged for further security checks or<br />
additional re-authentication. This solution<br />
can be effectively used to detect a fraudster<br />
controlling the user account through a<br />
remote desktop session.<br />
The Graboxy Remote Access Detection<br />
Solution adds an additional security layer on<br />
top of passive continuous authentication. It is<br />
able to, within a few seconds and in real time<br />
identify any remote access session, which is<br />
almost always a sign of a scam attempt in<br />
online banking and payment applications.<br />
The unique advantage of this solution is that<br />
it uses predefined machine learning models<br />
trained specifically to differentiate between<br />
local and remote users. It means that no<br />
individual profiles need to be built over time,<br />
and no rule or algorithm calibration is<br />
required, unlike most AI-based solutions. It<br />
works straight out of the box and can easily<br />
be combined with already deployed fraud<br />
detection solutions through its API.<br />
WINNING THE BATTLE<br />
Fighting against cybercrime and online<br />
financial fraud is a dynamic race where both<br />
the attackers and the defenders tirelessly<br />
innovate and try to outsmart the other side.<br />
The stakes are high, especially with remote<br />
access scams, where, unlike with the most<br />
common types of scams, the hackers could<br />
potentially steal complete life savings in a<br />
matter of minutes. Educating banking clients<br />
not to hand over the control of their devices<br />
to strangers who are offering unwanted help<br />
during a phone call is, of course, essential;<br />
awareness can and should be raised to help<br />
people protect themselves.<br />
But, just like many customers still often<br />
voluntarily share their login credentials,<br />
PINs and SMS one-time passwords with<br />
scammers, the human factor remains<br />
the weakest link that fraudsters exploit in<br />
the case of remote access scams as well.<br />
Investing in technologies that offer protection<br />
from the latest forms of cyber fraud<br />
remains a necessary tool to win the fight.<br />
www.computingsecurity.co.uk @<strong>CS</strong>MagAndAwards <strong>Mar</strong>ch/<strong>Apr</strong>il <strong>2024</strong> computing security<br />
23
Change language