What is the best way to prevent fraud?
Hire people who think like fraudsters.
What is Fraud Red Team?
Fraud Red Team is an external, third-party identity, authentication and fraud-testing service.
We execute more than 1,000 tests designed to assess your organization’s customer identification and
authentication policies, fraud rules, fraud policies and fraud operations for vulnerabilities
across key channels and functional areas.
Our goal is to identify process and control weaknesses that fraudsters can exploit.
We report our findings with recommendations to the bank.
Is this the same thing as an Information Security Pen Test?
No, Fraud Red Team does not conduct information-security penetration tests or
application security tests.
Why is this testing important?
Organizations spend millions to conduct penetration and safe-coding practices. But for most
cybercriminals, the real vulnerabilities are customers, processes, policies and employees.
Gaps in policies and procedures for authentication and fraud detection create opportunities
for fraudsters to “game the system” without conducting expensive computer attacks.
Fraudsters aren’t going to tell you how they beat your systems and stole your customers’
identities and money. We will.
Has this approach been used before?
The Department of Defense, network security teams and customer-service teams use similar
prevention strategies, in which they simulate hackers or shoppers with a goal of finding
weaknesses before data is compromised or customers have a bad experience.
Fraud Red Team is an extension of that best practice approach, because we examine your
systems the way a fraudster would. In addition, and unlike the fraudsters, we report what
we find along with our recommendations that are based on our experience managing fraud
prevention programs at some of the world’s largest banks.