Overview of the problem addressed by Wonga
Wonga is a digital instalment loan company operating in Europe. As it provides a financial service, it is therefore a target for cybercriminals seeking to defraud it. Wonga’s Polish operations required a solution to decrease fraud rates that would also ensure a fast and frictionless user experience while navigating their service.
Moreover, as Wonga is always on the lookout for innovative fraud solutions, it sought a company that would provide an effective rules-based system that could match or outperform the competition, but crucially, would also be able to provide real-time configuration help, communicating quickly and efficiently to all necessary requests. All data collected in real-time was required to be shown in an easy to navigate user interface that could be analyzed and used to adapt future fraud rules based on their needs.
Wonga had a negative experience with a previous anti-fraud service that ceased to evolve and as a result was outperformed by dynamically changing fraud. As a result Wonga was forced to find a new fraud prevention solution that would address current needs.
Challenges highlighted during proof of concept (POC) trial
This type of fraud occurs when a fraudster uses a stolen identity (usually obtained through phishing) of an unassuming victim in an attempt to apply for money anonymously. If fraudulent transactions are processed, the chances of recouping unpaid loans is slim. In order to prevent identity fraud, it is necessary to identify anomalies in the network connection or suspicious behaviors. Wonga was initially susceptible to identity fraud, due to a lack of effective rules from previous fraud management providers. Nethone suggested a new set of rules to detect identity theft.
This is one of the most commonly used practices in the digital finance space recently, often used to gain funds to invest in cryptocurrencies. Using social engineering techniques, fraudsters manipulate victims to apply for loans in person (by creating urgency for a ’must have investment’) or by leading them to divulge their credentials, cybercriminals access victim’s PCs (via remote desktop protocols), personal documents or even their money. As fraudsters can manipulate victims or hide behind the ’real’ identity of a person who may not even be aware of the online fraudulent activity, financial institutions require detailed profiling to recognize if they are dealing with a regular user or fraudsters hiding behind a smokescreen. Wonga required this type of fraud to be detected and keep false positives to a minimum.
Solution and benefits for the customer
In Wonga's case, we were able to detect numerous technical anomalies and suspicious behavioral patterns indicative of potential fraud. Some key examples are:
- open ports related to remote desktop tools such as TeamViewer, AnyDesk, LogMeIn etc.
- user-agent spoofing.
- VPN, Proxy and other network manipulation.
After analyzing data in real time and quietly in the background of each user browser session, we could confirm in the blink of an eye (with median response time of 508ms) if a user is genuine or a potential fraudster. Website loading times were unaffected and did not impact the customer UX.
To date, we have blocked multiple fraud attacks conducted by individual cybercriminals and organized groups, aiming to defraud Wonga using stolen identities, particularly in the area of investment fraud in cryptocurrencies. The data collected was extensive but provided in a user interface in a clear way for the user to understand and use for analyzing and identifying fraud trends.
Wonga sought to work with an anti-fraud provider that could react to their problems not only quickly and efficiently, but also be able to maintain an effective line of communication. Our customer-centric approach works by tailoring our solution to the needs of the client, building trust and credibility. For example, our analysts were also able to identify specific threats in the darkweb to which Wonga had previously been unaware of, allowing them to analyze the problem, and adapt new rules to combat them.
This communicative approach resulted in Wonga deciding to establish a long-term cooperation with Nethone after verifying the performance of our rules engine and evaluating our work. Having advanced tech capabilities with proven results is highly beneficial, however, building and maintaining a positive working relationship with our customers is just as important.
Additionally, as we cooperate with companies from the loan industry, we have observed fraud patterns in their traffic and can adapt this knowledge to other customers. The effectiveness of our integrated solution for the entire market is continually being refined thanks to data sharing, allowing for an agile approach to continually changing fraud dynamics. We are able to better identify the attack mechanisms used by cybercriminals, sealing any gaps in the financial market that can potentially be exploited.
The tech side of our fraud solution is to collect over 5,000 pieces of digital fingerprinting data and scan behavioral biometrics. Having adapted an efficient rules engine to detect suspicious and fraudulent activities, the next step is to continually improve Wonga’s fraud solution by analyzing more data, which will further improve the accuracy of fraud detection and prevention capabilities.