Cyota talks up eVision system

Cyota's Risk Based Authentication is used in Cyota's eVision online fraud management and eSphinx invisible two-factor authentication solutions.

HBOS, one of the UK's leading financial services organizations, first deployed Cyota's eVision in August 2004 to protect its online credit card transactions. The project was led by Gordon McFadyen and Anne Claydon from the card fraud team, and was launched last year. Since then, HBOS experienced an 80 percent reduction in fraud incidents, very low level of blocked transactions due to "false positives" and increased cost savings. Four other top US and UK-based banks experienced similar results since deploying Risk Based Authentication within the past 12 months. The total asset size of banks using eVision to date is over $4 trillion US Dollars.

"Cyota's eVision Risk Based Authentication has proven to be a very effective approach to reducing fraud at HBOS. The system is innovative and works far better than traditional tools that were never designed to meet the challenge of Internet fraud. We are now evaluating how to leverage the technology in other areas of the bank’s online business," said Gordon McFadyen, Fraud Prevention Manager at HBOS.

To provide the strongest, most reliable protection against online fraud, Cyota's eVision analyzes and scores all online banking and e-commerce transactions in real-time and adjusts the required authentication based on the degree of risk. Cyota's proprietary eRiskEngine compares each online transaction to an auto-generated profile of that user's known behaviors and other criteria, such as digital fingerprints, geographic location, device information and more. Should a transaction be deemed high-risk or match a known fraud profile, eVision will elevate security and require the user to go through additional authentication.

Cyota's system also compares the data to known fraud patterns compiled by Cyota's eFraudNetwork, the world's largest repository of online financial fraud patterns. The eFraudNetwork is a constantly updated central repository of fraud patterns identified during processing online transactions by Cyota at about 40 large banks and thousands of smaller financial institutions; it enables Cyota to protect all its customers on the Network in real-time and prevent fraudsters from launching the same attack against individual banks.

"We are very happy with the results of Cyota's eVision, which delivered a quick return on investment over the past 12 months," said Jon Berrill, Head of Card Operations in HBOS. "The system achieved a significant reduction in fraud, and a very low rate of false positives, which allowed us to better manage the risk of our e-commerce transactions without causing inconvenience to our legitimate customers."

"Three years ago Cyota created its Risk Based Authentication technology in response to customer feedback that they traditionally had to choose between security and usability but could not have both. We are pleased to witness the powerful results generated over the past year for banks like HBOS," said Amir Orad, executive vice president at Cyota. "The combination of Cyota's eRiskEngine, our comprehensive eFraudNetwork and the Risk Based Authentication technology has proven to be effective dealing with the ever evolving online threats."

eVision Results and Trends Uncovered

• Customers reported a confirmed 80 percent reduction in their online fraud where the system was deployed.
• The system achieved very high accuracy rates in preventing fraud. The average ratio was between 1:1 and to 2:1, meaning that for every one or two genuine transactions blocked by Cyota, one transaction was deemed fraudulent. This demonstrates that the vast majority of genuine users felt no impact. This is approximately 10-20 times better then alternative technologies in the market.
• Production data reinforced the notion that fraudsters now widely utilized domestic proxies instead of international ones to hide their identities and real location, despite the majority of attacks originating overseas. Over 90 percent of the attempted account takeover transactions originated in domestic IP addresses, not international ones, even though many of these fraudsters operate from overseas.
• There are a growing number of fraudsters targeting multiple banks simultaneously using the same computer, location, or pattern. Fraudsters prepare the attack and then execute it against more than one financial institution.