NewsBite

Quantium Telstra, CBA breakthrough stops hackers using stolen data to open accounts

The nation’s largest bank and telco say they’re already in talks to license the technology to Telstra’s largest competitors Optus and TPG and that the major banks are also interested in using it.

Commonwealth Bank general manager of group fraud James Roberts
Commonwealth Bank general manager of group fraud James Roberts

Quantium Telstra and CBA have developed a new technology that will effectively prevent cyber criminals from opening bank accounts with credentials stolen during data breaches after assessing their phone behaviour.

The nation’s largest bank and telco say they’re already in talks to license the technology to Telstra’s largest competitors, Optus and TPG, and the major banks are also interested in using it.

When scammers attempt to open bank accounts digitally with CBA, the bank will automatically place a call to Quantium Telstra via an application programming interface (API) that will effectively provide snippets of data that suggest whether the mobile number used in the application has potentially engaged in fraudulent behaviour.

Sandy Cameron, the chief executive of the joint venture between Quantium and Telstra, said the new Fraud Indicator technology could analyse de-identified network data and pick up signs of unlawful behaviour without encroaching on the privacy of users.

“It is more related to identity and in particular to combating identity fraud in depth,” he said.

Quantium Telstra chief executive Sandy Cameron
Quantium Telstra chief executive Sandy Cameron

The data would also help Telstra build its account takeover capabilities to reduce the number of criminals using its services to engage in fraudulent behaviour.

CBA will also flag mobile numbers it blocks after detecting potentially fraudulent behaviour with Australian Financial Crime Exchange, a CBA-backed non-profit that shares criminal intelligence across the private and public sector.

James Roberts, the bank’s general manager of group fraud, said CBA would be able to retrofit the technology to assess whether open accounts belonged to people who had engaged in fraudulent activity. It could also be used to prevent hackers from changing mobile numbers associated with a victim’s account.

The big four bank expects to significantly reduce the ability for criminals to open accounts. In early testing “we found a 25 per cent increase in our ability to detect bad attempted originations resulting from the likes of data breaches”, he said.

Since 2022, Australia has suffered many data breaches, some hitting customers of the nation’s largest telecommunications, private health and credit providers.

Stolen data from those breaches is still being widely circulated on forums frequented by hackers in the dark web.

“Various criminal syndicates often sell that information on the dark web to allow facilities to be opened up unknowingly to a person and in their name,” Mr Roberts said.

CBA and Quantium have big ambitions for the technology, with Mr Roberts confident it had the potential to become national infrastructure.

Each time CBA black-listed a mobile number, data would run back to Quantium Telstra via a feedback loop for reinforcement learning.

Commonwealth Bank’s general manager of group fraud James Roberts.
Commonwealth Bank’s general manager of group fraud James Roberts.

CBA had used several security measures including requiring customers to take selfies, document verification and behavioural biometrics to help prevent fraudulent activity, but there were several areas outside of its control where it lacked insight, Mr Roberts said.

“One of the missing links for us was the network information of that mobile as it pertains to the account,” he said.

Mr Roberts claimed CBA had achieved a 70 per cent reduction in customer scam losses over the past two years.

“In the next two months we expect to see the benefits from this new tech and I think we’re confident based on the testing of it,” he said.

“There’s a bit of hope for the future that directionally we’ve made some really good inroads.”

Originally published as Quantium Telstra, CBA breakthrough stops hackers using stolen data to open accounts

Add your comment to this story

To join the conversation, please Don't have an account? Register

Join the conversation, you are commenting as Logout

Original URL: https://www.dailytelegraph.com.au/business/quantium-telstra-cba-breakthrough-stops-hackers-using-stolen-data-to-open-accounts/news-story/e815cc86444afdd20aaaf970ac7c4638