The Central Bank has expanded its arsenal of methods for identifying fraudsters: which transactions will be considered suspicious

The list has been supplemented with fifty new criteria

From October 1, banks began to disclose information about suspicious transactions based on 50 criteria. This innovation was reported by Gleb Belavin, a member of the expert club of the Center for Strategic Research. We are talking about obtaining more complete information about transfers made without the consent of the account owner. Now, for example, cases of simultaneous operation of Internet banking in very remote geographical locations and operations atypical for the client will be considered doubtful. MK found out from experts whether these measures will help in the fight against fraudsters and whether there will be delays in transfers due to the innovation.

According to the Bank of Russia, in the second quarter of 2023, cyber fraudsters stole 3.62 billion rubles from the accounts of individuals. From April to June, 279.7 thousand transactions were carried out without the client’s consent. The total number of such illegal transactions increased by 28.5% over the year, although the amount of damage from the actions of criminals decreased by 6%. To strengthen the obstacles in the way of cyber fraudsters, the regulator decided in October to oblige banks to disclose information about suspicious transactions based on 50 different criteria. “This is a very correct action, perhaps a little belated,” Belavin commented on the actions of the Central Bank of the Russian Federation. For comparison: previously the Bank of Russia only had information about the final recipient of the stolen funds. Now suspicions will be raised by such actions as applying for a pre-approved loan immediately after the online banking block is lifted due to an incorrect login or password, monetary transactions atypical for the client from a new phone or computer, the operation of Internet banking from different geographical locations in which It is impossible to be with the same person in a short time.

The press often describes the stories of pensioners who suffered from the actions of cyber fraudsters, and although they are real, because of this, the image of the main victims of attackers in the mass consciousness will be somewhat distorted, but young people suffer no less from such criminals. Thus, according to a study by the Central Bank of the Russian Federation, a typical bank client who has a risk of becoming a victim of fraud is a man aged 25 to 44 years. Other features of such a client were living in the city, average income and secondary education, and active use of online banking services.

Any innovations often cause delays in operations and other inconveniences for conscientious clients, which IT specialists often like to warn about. However, this time experts assure that Russians will not be bothered by the new methods of the Central Bank of the Russian Federation to declassify scammers. “FinCERT (a special structural division of the Bank of Russia), on the platform of which all Russian credit institutions exchange information about fraudulent transactions, will receive from banks additional information about the participants in such transfers, and not just about the final recipient of the stolen money,” explained the general director of the digital development studio solutions for business Products School Kliment Kuzmin. “The standard being introduced is necessary to simplify the implementation of the law on information exchange between the regulator and the Ministry of Internal Affairs.” An expanded list of potentially dangerous signs of fraudulent transactions, collected based on data from all banks, will provide the basis for building a data lake. This will make it possible in the future to build predictive (predicting negative) models and use neural networks to prevent fraud, which will improve schemes for combating scammers. The new practice is a step forward in this direction. It will allow you to think ahead, find loopholes before criminals and prevent negative practices, the expert is sure.

According to the chairman of the All-Russian Union of Mediators, Vladimir Kuznetsov, new countermeasures were developed taking into account international experience and standards; they represent a global change, but more for banks.

“Customers will not feel any difficulties in transfers: for the majority, nothing will change,” explains Maxim Semov, head of the ARB Committee on Financial Literacy. “But stopping the payment, which can occur as a result of such measures, will just save those who send money to scammers.” Now the fraudster’s weapon is social engineering, and the weapon is the telephone. If regulators take away the weapon, the technology will change. Perhaps, attackers will start using real numbers, for the registration of which they will substitute drops (individuals who are ready to provide their personal data for fraudulent transactions for a fee – editor’s note), the expert noted. But this will mean that the regulator’s measure was effective and fraudsters had to look for system vulnerabilities at a different level.