Mobile operators have offered banks a service to identify potential participants in fraudulent schemes

Large telecom operators offer banks a service to identify potential droppers (intermediaries in the splitting of funds obtained fraudulently). Screening out this high-risk clientele should help the bank both in the fight against fraudsters and in reducing the number of incident investigations. However, experts point out the risks of such services, including in terms of the quality of checks and the legality of processing personal data.

Mobile operators have begun offering credit institutions services to identify potential participants in fraudulent schemes among clients. MTS has begun widely selling a service for banks and microfinance organizations to verify individuals before providing services, one of the main functions of which is to identify potential droppers, the company told Kommersant. “Beeline already has a service for identifying probable droppers and other types of potential fraud,” noted VimpelCom. Tele 2 plans to launch a service for identifying droppers both among its subscribers and clients of other telecom operators.

As MTS explained, when opening an online banking product, the client enters a phone number. After this, the bank sends it to the operator for verification to determine whether the client has “suspicious patterns of behavior.” In particular, we are talking about the frequency of changing SIM cards and the Internet resources visited. As MTS explains, the check is carried out using scoring models, including for clients of other operators. As VimpelCom notes, the service “incorporates machine learning models that, in particular, evaluate behavioral patterns and are able to recognize suspicious client actions.”

Olga Blednova, director of the practice for providing consulting services to financial sector companies, Olga Blednova, among the signs of droppers, notes, first of all, the frequent change of SIM cards in a short period of time, including in different regions, or the lack of linking of the number to the Internet bank. To issue a debit or credit card, a mandatory condition is to indicate a mobile phone number, so attackers use SIM cards with a dubious past, adds Fedor Muzalevsky, director of the technical department of RTM Group.

Experts admit that such a service is relevant for banks of any size.

Organizing the exchange of information between telecom operators and banks can become an effective mechanism to combat fraud, the Central Bank confirms. Large banks, however, claim that they can cope on their own. Stanislav Kuznetsov, deputy chairman of the board of Sberbank, said at this week’s Ural Forum that the bank was “simultaneously able to successfully block 15 thousand dropper cards.”

If fraud is detected, the bank is faced with the need to interact with affected clients, respond to requests from regulators and carry out procedures related to incidents, which may entail reputational risks, notes Alexey Sizov, head of the anti-fraud department of the center for applied security systems at Jet Infosystems. In addition, according to SafeTech CEO Denis Kalemberg, droppers can participate in dubious transactions from the point of view of AML/CFT legislation, therefore, if the solution allows identifying such persons, this is a good thing.

But experts and market participants themselves note the risks of “anti-dropper” services.

For any operator, the quality of checks outside the perimeter of its own data begins to degrade, Tele2 admits. Thus, a citizen who is conditionally unreliable for one operator-bank connection may appear law-abiding for another operator-bank connection, explains Mr. Muzalevsky. And in the first case, he will encounter difficulties when opening an account, which reduces the availability of financial services, the expert emphasizes.

In addition, notes K&P Group intellectual property lawyer Kristina Timofeeva, cellular operators do not have the right to provide information about citizen subscribers to other operators, as well as transfer this information to banking organizations, unless there is consent from the subscriber himself.

Yulia Poslavskaya, Tatyana Isakova, Anna Zanina