Safeguarding customers with a dynamic cyber security strategy

Nick Wilson, Vice President, APAC, LexisNexis Risk Solutions.

As one of the fastest-growing economies in the world, the Indian government is taking steps to help its GDP exceed $5 trillion, earlier than expected. India has long been considered a global tech hub and many companies here are pushing towards a digital transformation to increase productivity and efficiency while lowering operations costs.

The number of digital payment transactions increased by 326.8% between 2017 and 2022. QR codes are ubiquitous, appearing everywhere from tickets to see performers on the road to paying barbers in shops. This code brings hundreds of millions of people to the instant payment system that has shaken up the economic ecosystem, which also creates a digital network that connects customers with businesses instantly.

Our latest research shows that QR code payments and peer-to-peer transfers have become the leading payment channels in India. On the flip side, convenience comes at a cost in the form of fraud. When was the last time you scanned a QR code without a second thought? This new payment channel attracts fraudsters to evolve their strategies, switch up their tactics to find vulnerabilities to exploit.

Online scams through QR codes are increasing across the Asia-Pacific region, according to our Global State of Fraud and Identity Report. However, this is only the tip of the iceberg. Cybercriminals are using a myriad of ways to launch complex attacks as digital transactions continue to grow, often targeting the weakest link in the customer journey.

The Status Quo

The Indian government has introduced a series of policies since enacting The Information Technology Act in 2000 to establish a better cybersecurity framework. The Digital India Act 2023 and the Digital Personal Data Protection Bill are expected to be in place later this year. The latter proposes a penalty of up to Rs 250 crore (approximately US$30 million) on firms that fail to “take reasonable security safeguards to prevent personal data breach”.

Nevertheless, the pandemic has accelerated the country’s digital transformation and the evolution of cybercrimes. With the rise of artificial intelligence (AI) and machine learning (ML), companies can detect fraud better by utilising data analytics.

Weaponization of Artificial Intelligence

AI chatbots or applications amaze us by boosting our productivity, but the cyber threats brought by technology are also beginning to surface. In today’s digital age, fraudsters have continued to evolve and become adept with the latest technology, creating a more sophisticated fraud ecosystem.

Fraudsters are using AI to pinpoint potential victims and craft phishing emails, design malicious software or ransomware and develop fake chatbots that mimic individuals or reputable organizations. They aim to deceive people into divulging sensitive information.

Taking Responsibility

Malware, ransomware and phishing are the most common cyber attacks. Businesses are especially vulnerable to these attacks which can lead to data breaches. Hackers who bypass firewall security and steal users’ information are using it for fraudulent or extortionist purposes or to sell it on the dark web. Companies not only face the risk of losing customers and damaging their reputations but may also be subjected to substantial penalties.

The motivations and approaches driving cyber attacks are varied and ever-changing and we have yet to realize long term potential for both physical and economic disruption. Cyber attacks can result in emotional responses such as anxiety, frustration, shame and anger. Companies have a responsibility to take appropriate measures to protect themselves and their customers from such attacks.

Road to Success

To combat fraud, businesses need effective strategies and solutions that safeguard data and customers, such as:

  • Deploying behavioural biometrics solutions – People have patterns that indicate their unique ways of browsing the web or using a mobile app. Different from traditional two-factor authentication, behavioural biometrics builds unique user profiles based on behavioural patterns with devices. It analyses how users hold devices, how much pressure they apply on the touchscreen and more. Behavioural biometrics enables businesses to verify users in the background while they are interacting with their devices by analysing data with machine learning.
  • Using a unified orchestration platform – Quickly onboarding a high volume of customers is not an easy task when it comes to transaction monitoring and risk scoring. Businesses can view and detect anomalies accurately in real time across the entire customer lifecycle with a single and unified risk orchestration platform. It covers the consumer journey from onboarding and screening to ongoing monitoring.
  • Implementing a multi-layered approach – A multi-layered approach can detect cybercrime and fraud on different levels and across multiple channels that are invisible to customers. Investing in a single holistic approach with multiple layers of complementing fraud defences is an effective way to lower fraud costs.
  • Utilizing digital intelligence – Businesses can detect high-risk events and take corresponding actions in real-time by adopting solutions that collect and process shared intelligence from millions of daily consumer interactions. Our recent local data centre launch in India shows how we value shared insights by enabling customers to gain additional risk signals across account openings, logins, and payments from the 1.4 billion recognised users across our network.

Endless Battles

Businesses must balance the need for fast, seamless customer interactions with the demand for strong security measures that keep up with the speed of criminals. Customers expect interactions that are efficient, secure and friction-appropriate at each touchpoint.

By implementing a dynamic, multi-layered fraud prevention and detection strategy based on a unified and risk-based of identity view, businesses can offer personalized and secure transactions to genuine customers, while accurately identifying and preventing potential cybercrime threats.

Nick Wilson, Vice President, APAC, LexisNexis Risk Solutions.
Nick Wilson, Vice President, APAC, LexisNexis Risk Solutions.

The author is Nick Wilson, Vice President, APAC, LexisNexis Risk Solutions