17.07.2014

BCS Group Implements a Payment and Information Security Event Monitoring System

Informzaschita has completed a project to create a Payment and Information Security Events Monitoring System for the BCS Group. This system automatically detects fraudulent transactions conducted with the remote bank service (RBS) system for individual clients.

The HP ArcSight solution formed the basis for the automated system. This solution was selected due to its high functionality and cost efficiency.

As a part of the project, Informzaschita’s experts implemented a pattern for detecting signs of fraudulent activities by means of analyzing factors indicating that payments deviate from the client behavioral model using a set of statistical and logical rules. For this purpose, Informzaschita’s experts developed mechanisms to assess the resulting risk peculiar to the client’s activities in the online mode based on the detected deviations jointly with the BCS Group’s Information Security Department. Thus, monitoring of fraudulent transactions involves both payment order details and client behavioral model, and signs of detected activities are compared against the client profile within the remote bank service system.

The BCS Group’s Information Security Department is now able to generate reports for investigations, conduct an all-round analysis of client activities and assess the efficiency of the system operation in general. The implemented system is open for further development and provides for building up the functionalities related to the detection of fraud in the field of bank and broker services as well as information security events and incidents.

“When developing our business and expanding the range of services available to the BCS Group’s clients, we pay much attention to issues related to the reliability and security of our services. We consider the payment and information security event monitoring system implemented by Informzaschita as a valuable strategic asset enabling us to minimize losses caused by fraud and maintain a high level of loyalty on the part of our clients,” Kirill Klimenko, a representative of the BCS Group’s Information Security Department, comments on the project.

Dmitry Kudiyarov, Informzaschita’s Information Security Architect, notes: “As a part of the project, mechanisms for detecting money thefts via remote bank service channels for individual clients were implemented. Special attention was paid to the scalability of the fraud detection pattern and simplicity of its modification. The particular features of the project are the need to minimize the personnel burden due to reducing the number of malfunctions, automated generation of individual client profiles for detecting any payment transactions that are not characteristic of the client, and wide use of the probability theory and mathematical statistics.”