How Behavioural Biometrics Detects Money Mule Accounts
BioCatch Regional Head of ASEAN and Hong Kong Christopher Yap discusses the problematic of money mule accounts and how behavioural biometrics can help detect anomalies in user behaviour.
By Christopher Yap
Today, banks are witnessing a drop in on-premise account applications as more customers choose to move to the digital space. However, this shift opens up new avenues for cybercriminals. While the threat landscape continues to escalate, fueled by the easy availability of stolen and synthetic identities, financial institutions (FIs) are under pressure to remove these friction points to safeguard their customers.
Money mule accounts, which are either set up with false paperwork using a stolen identity or belonging to a legitimate customer who has allowed criminals to use their account, are the most critical link in the fraud supply chain infrastructure. After all, cybercriminals are unable to steal money if they have nowhere to send it.
The financial services industry clearly recognises that mule accounts are a significant problem. At the same time, not all banks are tracking money mule accounts due to a lack of resources to support continuous monitoring. Combine this with a lack of industry standards or best practices for detection and the increase in peer-to-peer platforms for faster payments, FIs are faced with an ideal environment for money mule accounts to flourish.
Money Mule Accounts a Region-Wide Issue
Across the Asia Pacific region, this issue is becoming much more significant. We are seeing targeted groups of people becoming increasingly at risk of opening a mule account, knowingly or not, with the majority being teenagers or young adults in their early 20s. This group is focused on what they can gain, rather than the risks involved in doing so.
In Malaysia, a recent survey showed that one out of four students share their bank accounts, debit and credit card details and personal identification numbers because they “trust” their friends. This has contributed to the rise in mule account cases that are slowly spreading to schools, colleges and university students.
Another at risk group is the unemployed. An increase in unemployment across the region has led to those who are willing to open up mule accounts to earn quick money. In Australia, The Australian Federal Police has warned citizens to be vigilant online after a spike in December 2020 in criminal syndicates using job advertisements to recruit money mules.
Lastly, victims of romance scams are also widely recognised as a targeted group, although they have decreased in number over recent years. In these cases, the person opening the accounts wants to be helpful to the person they believe they are in relationship with. In Singapore specifically, more than 250 people are being investigated for alleged money mule crimes, comprising mainly Internet love scams.
Deep Diving into the How
To educate the wider public, it is important to firstly understand how cybercriminals operate. There are two main ways cybercriminals can go about establishing mule accounts – recruiting mules or opening a new account.
For mule recruitment, cybercriminals will dupe real victims into scams in an attempt to get them to use their established bank account to transfer stolen funds. Two of the most common types of mule recruitment tactics are work-at-home opportunities and romance scams, which have both seen a dangerous uptick during lockdowns when restrictions were implemented across the region.
Cybercriminals can also use stolen or synthetic identities to establish new accounts that cannot be traced back to them. Once opened, cybercriminals will often let the account remain dormant for some time to avoid raising red flags with the bank. Before long, the new accounts are being used to cash out and launder stolen funds from other compromised accounts.
It is not unusual to see cybercriminals take advantage of marketing programs or other promotions designed to increase customer acquisition to open new accounts. FIs open themselves up to increased risk during these promotions as it is harder for them to spot the fraudulent accounts during the period of increased enrolment.
A Greater Role Placed on Behavioural Biometrics
There are some common factors that can be used to detect mules such as transaction velocity and number of transfers – but how would an FI prevent a fraudulent account from being opened in the first place? This is where the power of behavioural biometrics comes in.
Behavioural biometrics is an AI-driven fraud detection and authentication technology that does not focus on data itself, but on how a user interacts during the entire account opening process. The technology works behind the scenes to analyse positive and negative behaviours that are indicative of a fraudster versus a legitimate user.
Application fluency and low data familiarity are just a few examples of how digital behavioural data can be used to identify new account fraud. Application fluency refers to how familiar the user is with the account application process. A cybercriminal repeatedly using compromised or synthetic identities will demonstrate a high level of familiarity with the new account opening process, compared to a legitimate user.
Low data familiarity, on the other hand, refers to how familiar the user is with his or her own personal data. A cybercriminal, who is not familiar with the personal data, may display excessive deleting or rely on cut-and-paste techniques or automated tools to enter information that would be intuitive to the legitimate user.
Over the past year, the role that behavioural biometrics plays in customer trust and safety has increased significantly and forms a crucial development in fraud technology.
Many traditional solutions are still reliant on knowledge-based authentication, device ID, and mobile network operator solutions such as SIM cards. However, this approach is simply not enough to detect cybercriminals.
Similar to social engineering attacks, behavioural biometrics looks at thousands of risk indicators that signal latency, hesitation, distraction and other user behaviours that indicate a person may be acting under the direction of a criminal. Suncorp, an Australian based bank began using behavioural biometrics in 2020. After installing the solution, they successfully shut down 90% of mule accounts before any fraud occurred.
As we consider the lack of industry standards and best practices for detection and how they are contributing to an ideal environment for money mule accounts, FIs should make building a trusted environment a top priority with behavioural biometrics in 2021 and beyond.
Ed. Author Christopher Yap is the Regional Head of ASEAN and Hong Kong at BioCatch. Yap says he is a Certified Fraud Examiner and Certified Anti-Money Laundering Specialist. Featured image courtesy of Pixabay.
