Download PDF version Contact company

LexisNexis® Risk Solutions releases its biannual Cybercrime Report, which tracks global cybercrime activity from January 2020 through June 2020. The report dives deep into how the COVID-19 pandemic has impacted the global digital economy, regional economies, industries, businesses and consumer behavior.

The period has seen strong transaction volume growth compared to 2019 but an overall decline in global attack volume. This is likely linked to growth in genuine customer activity due to changing consumer habits.

Mobile device transactions

The LexisNexis Risk Solutions Cybercrime Report analyzes data from more than 22.5 billion transactions processed by the LexisNexis® Digital Identity Network®, a 37% growth year over year. Mobile device transactions also continue to rise, with 66% of all transactions coming from mobile devices in the first half of 2020, up from 20% in early 2015. The Digital Identity Network® also notes an uptick in transactions from new devices and new digital identities.

They attribute this to many new-to-digital consumers moving online to procure goods and services that were no longer available in person or harder to access via a physical store, during the pandemic. The Europe, Middle East and Africa region (EMEA) saw lower overall attack rates in comparison to most other global regions from January through June 2020. This is due to a high volume of trusted login transactions across relatively mature mobile apps.

Financial services organizations

The attack patterns in EMEA were also more benign and had less volatility and fewer spikes in attack rates

The attack patterns in EMEA were also more benign and had less volatility and fewer spikes in attack rates. However, there are some notable exceptions. Desktop transactions conducted from EMEA had a higher attack rate than the global average and automated bot attack volume grew 45% year over year.

The United Kingdom (U.K.) is also a particular pain point. The U.K. originates the highest volume of human-initiated cyber-attacks in EMEA, with Germany and France second and third in the region. The U.K. is also the second largest contributor to global bot attacks behind the U.S. One example of a U.K. banking fraud network saw more than $17 million USD exposed to fraud across 10 financial services organizations. This network alone consisted of 7,800 devices, 5,200 email addresses and 1,000 telephone numbers.

Human-Initiated attack rate

Additional Key Findings from the LexisNexis Risk Solutions Cybercrime Report:

Decline in attack rate – The overall human-initiated attack rate across the Digital Identity Network fell through the first half of 2020, showing a 33% decline year over year. The breakdown by sector shows a 23% decline in financial services and a 55% decline in e-commerce attack rates.

Latin America experienced the highest attack rates of all regions globally and realized consistent growth in attack rates from March to June 2020. The attack patterns in North America and EMEA had less volatility and fewer spikes in attack rates from the six-month period observed.

Providing additional context

Financial services organizations experienced a surge in automated bot attacks

Attack Vector Global View - Media is the only industry that recorded an overall year over year growth in human-initiated cyber-attacks. The Digital Identity Network recorded the 3% increase solely across mobile browser transactions. Globally, automated bots remain a key attack vector in the Digital Identity Network. Financial services organizations experienced a surge in automated bot attacks and continue to experience more bot attacks than any other industry.

Across the Customer Journey - New account creations see attacks at a higher rate than any other transaction type in the online customer journey. However, the largest volume of attacks targets online payments. Login transactions have seen the biggest drop in attack rate in comparison to other use cases. Analysis across new customer touchpoints in the online journey is included in this report for the first time, providing additional context on key points of risk such as money transfers and password resets.

Changing geographical footprint

During COVID-19 - All industries have felt the impact of COVID-19. There are clear peaks and troughs in transaction volumes coinciding with global lockdown periods. Financial services organizations realized a growth in new-to-digital banking users, a changing geographical footprint from previously well-traveled consumers and a reduction in the number of devices used per customer.

There have also been several attacks targeting banks offering COVID-19-related loans. E-commerce merchants have seen an increase in digital payments and several other key attack typologies that coincide with the lockdown period. These included account takeover attacks using identity spoofing and more first-party chargeback fraud.

Detecting the full spectrum

The move to digital, for both businesses and consumers, has been significant"

This is the first LexisNexis Risk Solutions Cybercrime Report to include data on the new reality of conducting business during a pandemic,” said Rebekah Moody, director of fraud and identity at LexisNexis Risk Solutions. “The move to digital, for both businesses and consumers, has been significant. Yet with this change comes opportunity for exploitation. Fraudsters look for easy targets: whether government support packages, new lines of credit or media companies with fewer barriers to entry.”

We need to ensure that all consumers, especially those who might be new to digital, are protected. Businesses must arm themselves with a layered defense that can detect the full spectrum of possible attacks and is future-proofed against evolving threats.”

Global digital economy

While the face of cybercrime will continue to re-shape to fit the growing global digital economy, the ability for businesses to reliably recognize good, trusted customers must remain constant,” added Dr. Stephen Topliss, vice president of fraud and identity at LexisNexis Risk Solutions.

We must identify and block fraudsters – whether opportunists or highly networked fraud rings – the moment they transact and knowledge sharing must be as pivotal to global businesses as it is to the cybercriminals that attack them.”

Download PDF version Download PDF version

In case you missed it

Why Face Recognition As A Credential Is The Ideal Choice For Access Control?
Why Face Recognition As A Credential Is The Ideal Choice For Access Control?

In the field of access control, face recognition has come a long way. Once considered too slow to authenticate people's identities and credentials in high traffic conditions, face recognition technology has evolved to become one of the quickest, most effective access control identity authentication solutions across all industries. Advancements in artificial intelligence and advanced neural network (ANN) technology from industry leaders like Intel have improved the accuracy and efficiency of face recognition. However, another reason the technology is gaining traction is due to the swiftly rising demand for touchless access control solutions that can help mitigate the spread of disease in public spaces. Effective for high volumes Face recognition eliminates security risks and is also virtually impossible to counterfeit Modern face recognition technology meets all the criteria for becoming the go-to solution for frictionless access control. It provides an accurate, non-invasive means of authenticating people's identities in high-traffic areas, including multi-tenant office buildings, industrial sites, and factories where multiple shifts per day are common. Typical electronic access control systems rely on people providing physical credentials, such as proximity cards, key fobs, or Bluetooth-enabled mobile phones, all of which can be misplaced, lost, or stolen. Face recognition eliminates these security risks and is also virtually impossible to counterfeit. Affordable biometric option Although there are other biometric tools available, face recognition offers significant advantages. Some technologies use hand geometry or iris scans, for example, but these options are generally slower and more expensive. This makes face recognition a natural application for day-to-day access control activities, including chronicling time and attendance for large workforces at construction sites, warehouses, and agricultural and mining operations. In addition to verifying personal credentials, face recognition can also identify whether an individual is wearing a facial covering in compliance with government or corporate mandates regarding health safety protocols. Beyond securing physical locations, face recognition can also be used to manage access to computers, as well as specialized equipment and devices. Overcoming challenges with AI So how did face recognition become so reliable when the technology was once dogged by many challenges, including difficulties with camera angles, certain types of facial expressions, and diverse lighting conditions? Thanks to the emergence of so-called "convolutional" neural network-based algorithms, engineers have been able to overcome these roadblocks. SecurOS FaceX face recognition solution FaceX is powered by neural networks and machine learning which makes it capable of authenticating a wide range of faces One joint effort between New Jersey-based Intelligent Security Systems (ISS) and tech giant Intel has created the SecurOS FaceX face recognition solution. FaceX is powered by neural networks and machine learning which makes it capable of authenticating a wide range of faces and facial expressions, including those captured under changing light, at different resolution levels, and varying distances from the video camera. Secure video management system A common face recognition system deployment begins with IP video cameras that feed footage into a secure video management system connected to a video archive. When the software initially enrolls a person’s face, it creates a "digital descriptor" that is stored as a numeric code that will forever be associated with one identity. The system encrypts and stores these numeric codes in a SQL database. For the sake of convenience and cost savings, the video server CPU performs all neural network processes without requiring any special GPU cards. Unique digital identifiers The next step involves correlating faces captured in a video recording with their unique digital descriptors on file. The system can compare newly captured images against large databases of known individuals or faces captured from video streams. Face recognition technology can provide multi-factor authentication, searching watchlists for specific types of features, such as age, hair color, gender, ethnicity, facial hair, glasses, headwear, and other identifying characteristics including bald spots. Robust encryption SED-compatible drives rely on dedicated chips that encrypt data with AES-128 or AES-256 To support privacy concerns, the entire system features an encrypted and secure login process that prevents unauthorized access to both the database and the archive. An additional layer of encryption is available through the use of Self-Encrypting Drives (SEDs) that hold video recordings and metadata. SED-compatible drives rely on dedicated chips that encrypt data with AES-128 or AES-256 (short for Advanced Encryption Standard). Anti-spoofing safeguards How do face recognition systems handle people who try to trick the system by wearing a costume mask or holding up a picture to hide their faces? FaceX from ISS, for example, includes anti-spoofing capabilities that essentially check for the "liveliness" of a given face. The algorithm can easily flag the flat, two-dimensional nature of a face mask, printed photo, or image on a mobile phone and issue a "spoof" alarm. Increased speed of entry Incorporating facial recognition into existing access control systems is straightforward and cost-effective Incorporating facial recognition into existing access control systems is straightforward and cost-effective. Systems can operate with off-the-shelf security cameras and computers. Users can also leverage existing infrastructure to maintain building aesthetics. A face recognition system can complete the process of detection and recognition in an instant, opening a door or turnstile in less than 500ms. Such efficiency can eliminate hours associated with security personnel checking and managing credentials manually. A vital tool Modern face recognition solutions are infinitely scalable to accommodate global enterprises. As a result, face recognition as a credential is increasingly being implemented for a wide range of applications that transcend traditional access control and physical security to include health safety and workforce management. All these capabilities make face recognition a natural, frictionless solution for managing access control, both in terms of performance and cost.

Everbridge Control Center Deployed By G4S To Accelerate Abu Dhabi Global Market Square’s Physical Security Digital Transformation
Everbridge Control Center Deployed By G4S To Accelerate Abu Dhabi Global Market Square’s Physical Security Digital Transformation

The Abu Dhabi Global Market Square (ADGMS), located on Al Maryah Island, in the United Arab Emirates capital, Abu Dhabi, is a high-profile, architecturally compelling business and hospitality hub. Many of the most globally prestigious companies inhabit the buildings, in the award-winning financial center. Abu Dhabi Global Market Square ADGMS also hosts frequent international dignitaries and large-scale public events, including the Abu Dhabi national New Year’s fireworks display. Abu Dhabi Global Market Square was the first project in the UAE, to achieve LEED Core and Shell (LEED-CS) Gold pre-certification, by the US Green Building Council (USGBC). The Abu Dhabi Global Market Square (ADGMS) consists of: 450,000 sq. m of office space, a lavish retail section and luxury business hotel offerings, 4 Grade-A commercial office towers with 30 floors each, 4 km waterfront promenade, Over 2,000 cameras, and Over 1,000 doors. Unconnected security systems and situational awareness gaps Because of its iconic status, the Abu Dhabi Global Market Square faces many unique challenges to security, including: Political pressure - Because of ADGMS’s status and frequent high-profile international visitors, any disruption to operations - be it natural disaster, activism, terror or other critical events, could cause issues on a national scale. Protection for VIPs - Regular visits from prestigious VIPs, such as sheikhs, the royal family, and global business leaders, elevates security risks and the need for executive protection. Unobtrusive security - ADGMS is a public space with tenanted offices, meaning that security must be robust, but unobtrusive and follow all global data, and privacy regulations. Physical location - Being situated on an island is an extra security risk, complicating the ability to enter and exit the space, during planned and unplanned critical events or emergencies. Architecture - The buildings in ADGMS are mostly glass, with many levels, making it difficult to secure. Previously, a number of systems were deployed to help with security and life safety, such as CCTV, access control, fire detection, and building management. However, these were not connected and left gaps in situational awareness, which ADGMS found unacceptable. In light of the above challenges, ADGMS building managers felt it essential to harden security, across the market square, within these buildings and in connecting areas. Risk intelligence & integrated control of physical assets Martin Grigg, Principal Consultant and Project Lead for PTS Middle East was selected to design and oversee the project Abu Dhabi Global Market Square approached PTS Middle East (PTS Consulting Group Ltd.), a multi-national security and digital transformation consultancy, which carried out the threat, risk and vulnerability assessment, designed the mitigation measures, and provided oversight of the installation and commissioning of the entire system. They were also tasked with ensuring that the system met the operational requirements and was fit for purpose, and proportional to the risks, faced by ADGMS. Martin Grigg, Principal Consultant and Project Lead for PTS Middle East was selected to design and oversee the project, right from concept to completion. Everbridge Control Center deployed Following the assessment, G4S, a British multi-national risk consultancy company, headquartered in the United Kingdom, was selected to deliver the project, based on its experience in helping secure many of the region’s most prestigious locations. G4S is also a global partner with Everbridge, and together, they have secured people, assets and infrastructure for numerous organizations. G4S selected Everbridge Control Center to integrate and manage all the technology, which is coming into their Security Command Centre (SCC). Everbridge Risk Center was also deployed to provide real-time threat intelligence to ADGMS. Critical issues solved by Everbridge technology: Consolidation of four control rooms into one, reducing the office space needed for security - This premium space is now free and able to be re-purposed as rentable office space, Reduction of man guarding costs, as fewer resources are needed to secure the facility, Real-time situational awareness allows for reduced risk, accelerated response times and keeps stakeholders informed, Everbridge Control Center provides event driven, unified interface and automated SOP presentation, Everbridge technology provides flexibility to adapt, as requirements change, Reduction in time taken to identify a security incident and resolve it, Intelligence from the facial recognition systems is proactively used to welcome friends and identify known criminals, Risk intelligence to identify events, such as sandstorms, allows ADGMS to act faster, enabling them to reduce the risk to people and operations, and Automated reporting capabilities save huge amounts of time and resources - A report that took 20 minutes can now be automated in seconds.

How Are New Management Systems Innovating The Hospitality Industry?
How Are New Management Systems Innovating The Hospitality Industry?

Technology has certainly become an intrinsic part of our day-to-day lives, from the retail industry, to food and beverage outlets, and even within the health and fitness industry. It’s all around us, in varying formats, making processes more efficient. It has refined some of our older approaches, and in the hospitality industry, this is certainly true. Technological advances are leading the way forward for the future of hotels, and with the sector now free from COVID-19 restrictions, venues are looking for ways to improve the guest experience with technology. A staggering recent statistic has suggested that 75 percent of activities in hospitality could one day become automated — so where exactly are we heading on this journey into the future of hotels? Join Cairn Collection, owner of The Stirling Highland, and explore a whole host of innovations that are changing the face of hotel management systems. The 21st-century check-in desk The breadth of technology that is slowly becoming more widely available is transforming the hospitality industry The digital age is constantly finding new ways to innovate and prove its value and worth for modern consumers, and the breadth of technology that is slowly becoming more widely available is transforming the hospitality industry. In the past, connotations of a check-in desk were long queues and excessive pieces of paper — from room service menus to a mini-catalog of highlights of the local area. Technological innovations such as face recognition are one of the major ways that this process is changing. Using artificial intelligence A handful of hotels have already trialed or introduced artificial intelligence (AI) into their daily running, and it looks set to become far more mainstream by 2025. From paying the bill by using biometrics to allowing hotel managers to handle data more efficiently, AI looks set to be welcomed with the potential for it to reduce costs by 13 percent. The entire hotel check-in process could become automated, making one of the most established parts of the hotel experience redundant — but staff could be freed up to engage with customers, allowing them to get into their rooms quicker in the meantime. Many venues have even gone fully paperless when it comes to checking in, choosing instead to upload the process to cloud computing systems where information can be stored and viewed by connected devices. Convenience is the key More hotels operate their room unlocking facilities through mobile phone-connected technology, NFC After having checked in to a hotel, guests will want to explore the room that they’ve booked. Doing so has never been easier, and the classic magstripe locks which were once the most commonly used method of accessing hotel rooms are being progressively phased out. More and more hotels now operate their room unlocking facilities through mobile phone-connected technology, near-field communication (NFC).  This technology allows for data transfer at up to 424 kb per second, and it is enabled when connected devices come into contact with each other. Mobile key systems Most mobile key systems require guests to download and activate a key through the hotel’s digital app, and upon arrival, they can use the activated key to unlock the door to their hotel room. Combined with online/digital check-in services, guests can use the e-key to check in early or at a time that suits them best, knowing that they don’t have to wait around to pick up a physical key. Small touches like this build a sense of brand familiarity for customers, as well as streamline their hotel experience, and this distinguishes them from competitors. Hotel management systems Hotel management systems need to account for the experience that guests have while staying at the venue Of course, hotel management systems also need to account for the experience that guests have while staying at the venue and technology can do a lot to enhance this. Hotels have to innovate the spaces that they are presenting to their customers and technology has become a valuable asset to help enhance customer satisfaction, as the hotel room is certainly not simply a place for rest anymore. Voice-enabled devices Voice-enabled devices are becoming common features in rooms, with popular models such as Google Assistant, Apple’s Siri, and Amazon Echo providing guests with information on the local area — if you’re looking for the perfect backdrop to the business dinner you’re attending, just ask Alexa! Hotels could even record and distribute their personalized voice messaging to help reinforce the brand presence into the technology. Technology can help you attract and retain customers by offering services above and beyond what they’d usually receive A room and then some As the generational switch to millennials and Gen Z continues, the need for an experience has grown and, through a mixture of technology, hotels can cater to these revised consumer needs. From setting up messaging platforms to providing a remote control that monitors absolutely everything in the room — from atmospheric mood lighting to music streaming services and more, a hotel room can be whatever the user wants, and the experience is therefore generated by the customer. Technology doesn’t stop advancing, and there are constantly new, refined approaches to hotel management systems that have marked a stark departure from ways of the past. With guests returning after over a year of COVID-19 restrictions, competition for their business is even tougher. Technology can help you attract and retain customers by offering services above and beyond what they’d usually receive.