Voice of the Industry

Fraud, authentication, and orchestration hubs

Thursday 21 July 2022 07:54 CET | Editor: Paul Mart | Voice of the industry

Adam Rusbridge and Federico Carbone from Ping Identity discuss the benefits of fraud, authentication, and orchestration hubs for financial institutions.


What is currently happening, what are the challenges of financial institutions when fighting and preventing fraud?

FIs are expanding digital services to meet customer requirements, increasing the risk of attacks. Open Banking regulations require financial institutions (FIs) to provide access to customer data to third parties, further exposing their assets. Meanwhile, several new players, mainly fintechs and cryptocurrency companies, are entering the market and introducing new services and alternative currencies that are only loosely regulated.

'Establishing trust involves processing a mixture of signals throughout the user’s journey. These signals may come from fraud and risk services, or info about the user, device, and action being performed.'

Fraudsters and attackers are taking advantage of these changes. Many of them have access to large and well-funded criminal organisations, and they are becoming increasingly sophisticated. BOTs and emulators proliferate, and social engineering remains a major threat.

What is the effect of these challenges on financial institutions?

Financial losses due to fraud are a significant problem, and FIs are also at risk of losing existing customers due to reputational damage caused by publicised security breaches and perceived lack of security.

Because fraudsters are always evolving their methods, organisations must constantly review and reassess their security posture. New and smarter counter-fraud measures can help, but only if they don’t introduce excess friction. Despite wanting to feel like their accounts and data are secure, no customer wants to feel like they are being treated like a criminal. Because of this, FIs must find the right balance between securing transactions and delivering a smooth user experience.

ATO fraud rose 307% between 2019 and 2021; next in line come identity theft and APP fraud. How can advanced authentication solutions combat these three dark nights of fraud?

Existing MFA solutions that support SMS and email OTP are not adequate, as they can be easily bypassed by sophisticated malware or attackers. However, modern MFA solutions that support strong cryptography make ATO attacks very difficult to complete because attackers cannot bypass strong authentication even if they are using stolen credentials. When logging in becomes too difficult or inconvenient, attackers will move on to easier targets. Some solutions also support passwordless authentication, completely removing the need for a password, meaning credentials cannot be stolen.

Identity verification and proofing tools can help address identity theft, allowing organisations to ensure a customer’s digital identity is tied to their real-life identity. Document-centric identity verification models are effective, as they require a live-image selfie and a photo of government ID to verify that a customer is a live person whose identity matches a valid form of identification.

To combat APP, fraud teams need to identify individuals’ propensity to fall victim to scams and take action based on that information, for example by designing user journeys that direct users down different pathways based on the perceived risk of the activity they are performing.

In general, establishing trust involves processing a mixture of signals throughout the user’s journey. These signals may come from fraud and risk services, or information about the user, device, and action being performed. The user may be directed to different user experiences depending on the trust level.

Financial institutions are better equipped to fight fraud by analysing clients’ data to contextualise risk and authentication decisions. These solutions are also called fraud detection and authentication hubs. What exactly are these?

FIs use dozens of different best-of-breed point solutions and need to find ways to bring these disparate data sources together.  Eliminating products is not the answer. Instead, organisations can make these products work better together by using a tool to ingest signals from across the business and incorporate them into a unified decision.

At different points in a user journey, these tools can determine whether to permit, deny or challenge (step-up) an action. A variety of contextual data is used to make these decisions; this may include fraud and risk engines, but also information about the user and the transaction being performed. Orchestration hubs are mechanisms to articulate policies that determine how these signals will be combined and used to make decisions. Ultimately, the correct tools should allow organisations to design user journeys that adapt based on perceived risk and inject minimal friction to low-risk sessions.

What advice would you give FIs to keep their businesses and customers safe?

Increase real-time visibility and adopt modern technology that uses intelligent algorithms to identify anomalies. By observing, learning, and understanding the exact behaviour of legitimate users, these solutions can identify deviations from that behaviour and flag anomalies. Next, deploy orchestration solutions that allow the aggregation of multiple risk signals, and can respond to those signals with security controls. Finally, continue to educate end customers on good security practices. Even the more sophisticated and recent malwares often rely on users providing some level of approvals, and well-informed users are harder to scam.

This editorial was first published in our Financial Crime and Fraud Report 2022, which showcases the innovation and development of the best practices and instruments used by financial institutions in their fraud prevention activities, to improve the digital onboarding process of their customers while fighting against financial crime.

About Adam Rusbridge


Adam Rusbridge is a Senior Product Manager focused on Ping’s Authorisation products, responsible for developing cutting-edge solutions that keep organisations and their resources safe and secure.




About Federico Carbone


Federico has more than 10 years’ experience in the IT space, mainly in Identity & Access Management. He joined Ping Identity as a Solutions Architect in EMEA in 2013, where he is responsible for pre-sales activities for large enterprises.




About Ping Identity

At Ping Identity, we believe in making enterprise experiences both secure and seamless for all users, without compromise. That’s digital freedom. To achieve this, the PingOne Cloud Platform turns you into an experienced artist who can bring exceptional journeys to life with a simple no-code canvas. You can deliver passwordless authentication, protect user privacy, prevent fraud, architect for zero trust, and much more. For more information, please visit www.pingidentity.com.

Free Headlines in your E-mail

Every day we send out a free e-mail with the most important headlines of the last 24 hours.

Subscribe now

Keywords: fraud prevention, identity theft, identity verification, online authentication, identity fraud
Categories: Fraud & Financial Crime
Companies: Ping Identity
Countries: World
This article is part of category

Fraud & Financial Crime

Ping Identity

Discover all the Company news on Ping Identity and other articles related to Ping Identity in The Paypers News, Reports, and insights on the payments and fintech industry: