Executives from some of Australia’s largest banks say social media and telecommunications companies are not doing enough to fight scams and fraud on their platforms, as the country’s financial giants reveal they are testing a new layer of security billed as a world-first.
The comments were made in Sydney on Wednesday as ANZ, Commonwealth Bank, NAB, Westpac, and Suncorp Bank announced they had begun piloting new tech from Israeli cyber security company BioCatch as part of their intelligence-sharing network.
The system, which began testing on 1 October after being in development for more than a year, has helped banks identify suspicious accounts which suspected criminals may have attempted to use to “cash out”, BioCatch representatives said.
The network utilises artificial intelligence technology and has allowed financial institutions to quickly review transactions before any money has left a sender’s account, they said.
Chris Sheehan, a former Australian Federal Police executive who now leads NAB’s investigations arm, said he would “love to see similar tangible action from other parts of this ecosystem, from our digital platform peers and our telecommunications peers”.
"By the time BioCatch Trust is triggering an alert for us to act upon, someone's already made a payment, or tried to make a payment — which means someone's already received a scam text message or WhatsApp message, someone's already clicked on a link that's taken them to a fake investment scam on Facebook or Google,” he said.
“We've got to do more, and those industries need to do more to get the bad content off their platforms and off their channels.”
James Roberts, the Commonwealth Bank’s general manager of fraud and scams, said fraudulent text messages and social media advertisements were a problem which “telcos and digital platforms need to do a better job, frankly, on reducing”.
“At the payment end of the leg, we will [now] be more likely to detect the scam transaction, and therefore be able to intervene on it,” he said.
“Unfortunately, it doesn't affect how many fraudulent SMS or advertisements on social media there will be.”
L-R: James Roberts (Commonwealth Bank) with Ben Young (Westpac), Gadi Mazor (BioCatch), and Chris Sheehan (NAB) in Sydney. Photo: Supplied
Australians lost more than $2.7 billion to scams in 2023, making us one of the most-scammed nations in the world.
Tech companies with social media services such as Meta, TikTok, and Snap implemented their own voluntary Australian Online Scams Code earlier this year, but it was criticised by the federal government for not going far enough.
The government’s Scam Code Act, currently in development, seeks to impose fines of up to $50 million on companies which do not comply with planned mandatory codes of conduct.
BioCatch said its system was aligned with the federal government’s proposed Scams Prevention Framework, which was tabled in parliament in early November with the intention of placing new obligations on banks, social media platforms, and telecommunications companies to prevent scams.
The bill has already been criticised for various reasons by members of the opposition, The Greens, and the crossbench.
The Australian Banking Association previously welcomed the legislation, while Digital Industry Group Inc (DIGI) — which counts the likes of Meta, TikTok, X, Snap, and Twitch among its members — said more needed to be done to stop criminals and prevent Australians from falling victim to scammers.
Banks ‘still learning how to use’ new AI models
Representatives from BioCatch said the company’s new fraud detection system had already been used to monitor millions of payments while not unnecessarily disrupting consumers.
The system uses machine learning – a branch of artificial intelligence – to verify recipient accounts, flagging to banks if there are risks such as the account being only opened recently, potentially having been compromised by a third party, or having engaged in risky activities.
Information about each digital session, payment, and device involved in the transaction is also used, BioCatch said.
As with many AI systems, BioCatch Trust sometimes returned false positives, bank representatives admitted.
“We’re in week six of a pilot — we’re still learning how to use the capability,” said Sheehan from NAB.
“… BioCatch is a sophisticated machine learning model. Like any model, it takes time to understand the data, learn from the data, and become more efficient.”
The technology would only be implemented by the banks more broadly when rates of false positives were “at an acceptable level”, Sheehan said.
Neither the banks nor BioCatch would detail current rates of false positives.
“In practical terms, there is always going to be a false positive rate,” Sheehan said.
“That is the consequence that we have to pay, but manage appropriately and sensitively, for protecting people from crime.”
Spokespeople for BioCatch said the current trial had gone “very smoothly”, as it involved enhancing existing technology already used by the major banks.
Australia’s relatively concentrated banking system and its “culture of collaboration” were among the reasons why the new platform was being tested Down Under before anywhere else in the world, the company said.
