Share this post

In April 2021, we launched the Revelock Fraud Detection & Response (FDR) platform, our all-in-one solution which boosts financial organizations’ ability to accurately spot bad actors and actively protect legitimate users against identity manipulation and impersonation attacks.

Just as importantly, it does all this without adding friction to the customer journey. One of the core capabilities within this platform is Revelock Active Defense, which is designed to stop malware and phishing attacks, and give fraud analysts full control over client-side automated risk mitigation.

Revelock Active Defense delivers a new age of proactive fraud response in banking, rooted in the ability not just to detect suspicious activity, but also to automatically stop and respond to ever-changing threats. It’s a set of highly intelligent tools that increase the costs of committing fraud for cyber adversaries while decreasing the associated workload for banks’ cybersecurity teams.

Here, we explain how exactly this enhanced capability protects web and mobile banking apps and why it’s changing the game of online fraud prevention.


The need for a new kind of fraud defense

The way cybercriminals operate now is different to how they did 5-10 years ago. The evolution of their tactics in recent years has enabled them to carry out elaborate data breaches and manipulate users into surrendering personal information, all of which is used to perpetuate the vicious cycle of fraud. Add to this the rise of fraud-as-a-service schemes – which make launching attacks accessible even to non-technical actors – and a global pandemic accelerating the move to digital channels – thus increasing the pool of potential victims – and you get a perfect storm. Put simply, online banking fraud today is a low-risk, high-reward industry.

Historically, banks have been on the back foot when it comes to fighting these bad actors. Although the market is saturated with tools that detect and alert banks of suspicious activity, little has been done to actually move banks’ fraud response from “whack-a-mole” to a more proactive footing. While fraud analysts – who are overworked and in limited supply – are kept busy with the flood of alerts, false negatives, and false positives that these traditional anti-fraud systems generate, fraudsters are hopping from victim to victim, unencumbered by the consequences of their past actions.

This is where Active Defense is a game-changer. By automating the handling of most types of alerts, it gives fraud teams the tools they need to create real barriers to stop bad behavior, focus on the most crucial investigations and, in doing so, raise the stakes for cybercriminals to the point where there’s no longer enough of an incentive to perpetrate fraud.


What we mean by Active Defense

The term ‘active defense’ was first used by the US Department of Defense, but in cybersecurity, in particular, it refers to deploying actions that make it harder for cyber-adversaries to carry out attacks. These actions aim to confuse attackers with traps and advanced forensics and often provide an automated incident response – which can refer to different response strategies seeking to increase the work for the attackers and decrease the work for the defenders.

Revelock Active Defense follows this concept, but in the specific arena of online fraud. By automating fraud response, it actively stops and deters adversaries, thus increasing the cost and complexity required to commit online fraud.


The problem Active Defense solves: Identity attacks and manipulation attacks

In today’s post-breach world, stolen credentials are readily available for bad actors to use to impersonate legitimate users and carry out account takeover (ATO) attacks.

Revelock Active Defense prevents targeted credential theft – by way of malware and phishing attacks – through the power of automated detection and response. It allows financial organizations to pre-determine what kind of automatic response is triggered when malware or phishing attacks are detected – ranging from stepped-up verification requests, session termination, auto-logoff to account lockout – immediately protecting the user.

For example, a user might receive a phishing email from bad actors posing as the bank, prompting them to follow a link and log in to their bank’s online portal. This would take them to a cloned page where their credentials would be captured and used for a follow-on account takeover attack. Revelock’s Phishing Blocker recognizes this tactic and immediately directs customers to a legitimate page instead, stopping the identity attack.

Besides impersonation attacks, the other major family of threats is manipulation attacks. These utilize remote access software, either by fraudulently manipulating legitimate remote access software or by duping the victim into executing a form of malware called a Remote Access Trojan (RAT or mRAT for mobile devices).

Both are designed to gain control of a victim’s device, or more typically, hijack a user’s banking session. This form of attack is easier to execute because it bypasses traditional account security, allowing a bad actor to temporarily take control of a victim’s account.

Revelock’s Active Defense detects RATs, verifies who the person behind the account is at any given point – by analyzing the user’s BionicID and continuously asking the question “are you really you”? in the background – and auto-responds to stop the manipulation attack.


Three capabilities to avert any ID attack

Revelock Active Defense protects against online impersonation and manipulation attacks by giving financial institutions and financial services providers full control over their fraud response and granting them a strategic advantage over cyber-adversaries.

Its three core capabilities – Malware Blocker, Phishing Blocker and mRAT Blocker – form a protective layer between bad actors and bank systems, and automate proactive risk-mitigation before an attack can take place. The result is fewer alerts for fraud analysts to deal with, a more robust fraud defense for banks and a safe and silent customer experience for legitimate users.

To learn more about how Revelock Active Defense works – including the role of the Know Your User (KYU) verification approach, BionicID unique digital identifiers and Hybrid AI models – click here.


More To Explore


Merchant Community Membership

Are you a member of The Payments Association?

Member benefits include free tickets, discounts to more tickets, elevated brand visibility and more. Sign in to book tickets and find out more.


Log in to access complimentary passes or discounts and access exclusive content as part of your membership. An auto-login link will be sent directly to your email.

Having trouble signing?

We use an auto-login link to ensure optimum security for your members hub. Simply enter your professional work e-mail address into the input area and you’ll receive a link to directly access your account.

First things first

Have you set up your Member account yet? If not, click here to do so.

Still not receiving your auto-login link?

Instead of using passwords, we e-mail you a link to log in to the site. This allows us to automatically verify you and apply member benefits based on your e-mail domain name.

Please click the button below which relates to the issue you’re having.

I didn't receive an e-mail

Tip: Check your spam

Sometimes our e-mails end up in spam. Make sure to check your spam folder for e-mails from The Payments Association

Tip: Check “other” tabs

Most modern e-mail clients now separate e-mails into different tabs. For example, Outlook has an “Other” tab, and Gmail has tabs for different types of e-mails, such as promotional.

Tip: Click the link within 60 minutes

For security reasons the link will expire after 60 minutes. Try submitting the login form again and wait a few seconds for the e-mail to arrive.

Tip: Only click once

The link will only work one time – once it’s been clicked, the link won’t log you in again. Instead, you’ll need to go back to the login screen and generate a new link.

Tip: Delete old login e-mails

Make sure you’re clicking the link on the most recent e-mail that’s been sent to you. We recommend deleting the e-mail once you’ve clicked the link.

Tip: Check your security policies

Some security systems will automatically click on links in e-mails to check for phishing, malware, viruses and other malicious threats. If these have been clicked, it won’t work when you try to click on the link.

Need to change your e-mail address?

For security reasons, e-mail address changes can only be complete by your Member Engagement Manager. Please contact the team directly for further help.

Still got a question?