Monitoring POS or ATM transactions is complex. Here the latest in how industry leading Prognosis software helps large Financial institutions monitor fraudulent activity and up-time across payments networks.
IR | BrightTALK
Stephen: Hello everybody and welcome to our webinar today. Today we're presenting a Prognosis use case on monitoring for point of sale and ATM. There have been a number of very high profile cases around fraudulent behavior in the banking and finance community. We're going to be talking for about 30 minutes today.
Your presenters are Siti Chen, who is one of our team leads on cloud solutions across the Asia Pacific. Responsible for presales, joining IR in 2010. Many of you on the call may know Siti, she's been working with financial bebiinstitutions around the Asia Pacific, South Africa, and the Middle East. Also speaking today will be Junaidy Laures, Junaidy is another IR solutions engineer. You might be familiar with him, and he’s been here since 2011.
You will have time to ask questions. So there's a section in your, in your profile there where you can pop in some questions and if we have time, we'll answer them. And if you miss out on this event you'll be sent a recording of the event.
We'll just run through about IR, who we are. And we're going to go through a couple of case studies for a point of sale acquirer and an ATM acquirer and another case study for payment processing.
Without further ado, I'll hand over to Siti who’ll take us through who we are and the customers we work with.
Siti Chen: Hi, everyone, thank you for making time today to attend this webinar. But before we start this discussion on how our current customers are using Prognosis to help address their business and operational challenges and how promises can help them.
First of all, we would like to introduce our company who is IR. Basically, IR is the people behind Prognosis Performance Management solutions. Our heritage was founded with around 30 years of providing real-time monitoring to the mission-critical organizations across a wide range of industries. Our focus and one of our core competencies is in the payment area.
We started monitoring based on default transactions in 2002 and then followed by Postilion in 2004. And then we’re also covering the monitoring of the FIS as well as the other payments which are in the industry. We also monitor the real-time transactions with retail banking, as well as banking transactions. We have the ability to monitor the in-house payment platforms, the ones that you develop in-house and as well as payment hubs, all in a real-time manner. We have been working with some of the world’s biggest companies and more importantly with some of the world's largest banks. As you can see in the logos there, and financial institutions as well, to help them to manage their mission-critical systems. And to also make their operations more efficient and profitable. And to manage the service level alerts to the issues before they become a problem that impacts their customer.
We also provide them with the tools to troubleshoot and significantly reduce the time to resolve the issue. Basically, our mantra is that “If you don't monitor it, then you cannot manage it.” If you want to know more and get more use cases, please do not hesitate to reach out to me and Junaidy. With that, I will hand it over to Junaidy Laures who is my colleague. He is going to present the first use case of Prognosis.
Junaidy Laures: Okay, thank you, Siti.
To kick things off, I'll start with the first use case that I like to talk about. It's about the challenges faced by a major bank, especially their POS Acquiring function team. And the challenges here, I’d like to talk about from both the business perspective as well as the operational perspective. Now, these challenges are most likely relatable to some of the audiences here today who are potentially doing POS Acquiring function teams as well.
The key issue to be discussed here is an outage at some of the major merchants managed by the bank. Now, as a result of this outage, you can imagine many transactions and payments cannot be processed during these outage periods, either credit card or debit card transactions. Now, since there is no visibility into the environment, transactions or connectivity, the team could not detect the incident. And the only way to find out about the issue was to wait for the merchants or the customers to complain.
Now this month, the issues have occurred. And furthermore, the Operations team needed to find out and pinpoint the root cause of the problem, which is not really trivial. You can imagine that you'll need to pull up all the declined transactions, the failed transactions, and correlate the BIN information to identify the offending issuer. Find out which gateways were impacted, etc. This outage also resulted in severe penalties that the bank had to pay out. And when there are dollars involved, it is usually quite a high-profile incident. It is also not always easy to calculate the cost of an outage. Overall, you can see how easily these incidents impacted the whole POS team in a bank from the operational all the way to the business level.
Junaidy Laures: So how does Prognosis help? Obviously, if you have been looking for a monitoring solution in the payment space, you would know that IR is one of the key players in this payment space. We have this technology and the knowledge in this payment industry. And Prognosis has the capability to monitor the environment both from the application as well as the transaction perspective.
So for this particular case, we proposed a number of key Prognosis modules that can help mitigate the risk and provide visibility into the issues experienced by the bank. Prognosis uses Dynamic Thresholds, for example, to detect patterns and identify abnormal activities. It can also be configured with some predefined card BIN groups so that transactions that are monitored can be easily identified and grouped together. And this can be done for various purposes. We also proposed some reporting capability to help easily find transactions and calculate the outage costs.
Now in the next few slides, I will walk through each of these with slightly more details.
Junaidy Laures: So, one of the key components that I'm showing here is the “Live Canvas”. The general idea here is that you can tailor a Prognosis “Live Canvas” to suit your monitoring purpose, and the users can visualize the monetary environment in any way that you want.
And you can simply design it using a Visio diagram. And on top of that, you can overlay Prognosis monitoring data on it. It is very flexible. The diagram I'm showing here is a payments hub diagram. In our case, we used the “Live Canvas” to show the logical connection here between the payments hub and the various payment channels, and the color schemes along with the transaction performance.
So on the left-hand side, you can see each of the banks, each of the icons, has its own associated key metrics, such as TPS or number of transactions. If any of these metrics fall below or goes above a certain threshold, it will light up red or yellow, depending on the configuration. Otherwise, green typically means good.
The same applies with the lines of connectivity between the banks and a card payment switch. For example, whether certain gateways are performing or underperforming. Now each of these metrics is attached to an underlying set of Prognosis data that is updated constantly in real-time. So you can see how easy it is from a high-level perspective to view the environment, and then easily identify if there is an issue.
Junaidy Laures: And then we also have a Prognosis dashboard from a web application perspective. So specifically here for merchant-level monitoring, so viewing the dashboard from a KPI perspective, you can see the top merchant transactions by volume, the top issuers with the slowest response time or simply the transaction count: approvals versus denials, the count versus percentage. This all made it easy to view the key performance indicators of how individual merchants, individual issuers, or the overall payments environment, which is performing.
The dashboard’s also customizable, and allows us to drill-down further troubleshooting for cost analysis purposes. So when there is an issue, you can drill-down to find out more details of the transaction, for example.
We also proposed Dynamic Thresholds, or Dynamic Alerts in this case. The idea here is pretty simple: Compare the patterns or trends of activity, such as transactions against historical data. Prognosis has been monitoring the real-time data. And this real-time data can also be stored for long-term purposes. For example, for reporting with Dynamic Alerts, we simply compared to current, real-time dial against the same data from the past, and provide alerts when it deviates from the normal pattern.
Now, the graph itself is pretty self-explanatory. What we are showing here is transactions per second, a daily graph of transaction volume. So, the purple line shows the high threshold and the green line shows the low threshold. When there are transactions happening in that block of hours, and it falls below that high and low trestle, it means its transaction volume is normal.
At 11 o'clock, you can see that transactions fall way below the normal, low value or low threshold. And at one o'clock in the afternoon, it goes above the high threshold. From here, you can see it allows for less critical outages, improved customer service, as well as minimizing the time to maintain or tweak the threshold because it's kind of like self-adjusting. So there’s quicker time to resolution with dynamic threshold.
Now on to the reporting. So we proposed a few reporting modules that help our customers to mitigate some of this risk or actually improve the performance. The first one I'm talking about here is the Outage Impact Reports.
With a real-time data step for long-term purposes, we can easily provide an Outage Impact Report. Now the interface can be adjusted and then when a certain time and day and location of the outages are entered, the Prognosis Outage Impact Report can provide an overall cost to the business. Of course, the calculation of these costs of transactions can also be adjusted.
Junaidy Laures: The next module is on transaction search. The purpose of this is to help the Help Desk team to search for transactions very quickly, either by partial card number, by terminal ID, by the amount, by transaction time and date.
And with this, you can see how it can easily improve the troubleshooting time and customer satisfaction. When a customer calls and complains about their customer transactions being declined, the Operations team or the Help Desk team can easily look up the transaction, recent transactions, look up a customer credit card number, do partial matching, and then find the transaction details. And then you can also drill-down for the transaction details to look at the exact cause of the problem.
And finally, the business insight reporting module also provides high-level critical reports for transactions across different categories. Such as top-performing merchants, merchants with most turnovers, and sources of card fallback, because the manager uses Microsoft SQL, SSRS and SSIS. This means the additional reports can be built based on specific requirements.
This concludes my first use case for the challenges faced by a bank and how Prognosis can help alleviate the risk and provides visibility as well. Now I will hand it over back to Siti to talk about the remaining two use cases for today's webinar. Back to you, Siti.
Siti Chen: Thank you, Junaidy.
So I'm going to continue to talk about the rest of the use cases for today. So the second use case that I'm going to discuss today is the challenges faced by the ATM provider.
Okay, so the business challenge faced by this ATM acquirer is related to the compliance by a certain regulatory authority in some countries that mandates the bank to be able to provide a report for the ATM transaction that exceeds a certain amount. And also be able to monitor the transaction with such a large amount because this transaction may indicate a fraud such as money laundering.
So the business challenge here is that the bank was not able to provide an accurate report that contains all the transactions that have breached the amount limit to the authority for further investigation. So this failure also highlights that the bank didn’t have enough control over their ATM network.
As you all know, this kind of failure is very costly because you may need to pay a penalty to the authorities. And it can also result in the damage of your reputation. The challenge on the Operations side here is that the team didn't have a way to detect a transaction that has breached the transaction limit enforced by the authorities. Hence, the Operations team was not able to help the Business team to produce an accurate report that contains the list of the transactions that exceeds a certain predefined limit of the transaction amount.
It also took the Operations team a while to realize that they have been in breach because they didn't have an appropriate tool in place to help them to detect the breach. And they also took a very significant amount of time to find the root cause before they can fix the issue permanently.
The last challenge that they faced is that they also failed to monitor the transaction activities from the high-risk customer that were suspected as a criminal, as informed by the authorities. They were not able to help the authorities to catch the criminal. So those are the business challenges and the operational challenges faced by one of our customers.
Siti Chen: Now, how does Prognosis help them? Prognosis has the capability to monitor each individual transaction and has a rule-based engine that allows the bank to create rules themselves to catch a certain transaction pattern that may indicate fraud. We help the bank to create the rules to report and alert on the transactions from the high-risk customers based on a portion of the card number. In this case, it's the first six digits and the last four digits for the PCI compliance purpose. A simple rule is also created to capture and report on the transaction that exceeds a predefined amount. This kind of rule is very easy to be defined within Prognosis, so that it can work immediately to capture better that are required by the bank.
Furthermore, the bank also imports a list of the compromised cards, or the blacklisted cards, or the stolen cards, for example. So that Prognosis can trigger an alert when there is a transaction using any of the compromised cards.
The same rule-based engine is also used by the bank to detect transactions with the same card number that occurs in multiple ATM locations within a short period of time. This can be used in this case to track criminal activity using conned or skimmed cards. Besides reporting these transactions on the web dashboard and sending alert to the Operation team, Prognosis is also configured to performing actions such as executing commands to close the ATM immediately to prevent transactions from happening on the ATM further and to aid further investigation done by the authorities.
Siti Chen: Okay, now, how does the Prognosis solution look? What you're seeing here is the simple web dashboard of Prognosis that shows you the list of the configured rules within Prognosis.
As you can see, on the left-hand side, in the section for Rules there, it can show you the rule where you can specify the pattern or the criteria for Prognosis to capture the transaction. Such as, if you want to capture the transaction when the amount is greater than $500. The transaction type such as a cash deposit transaction, and the number of occurrences in the last 60 minutes. So, once you define this rule, Prognosis is able to capture and show you how many transactions match the role that you just configured.
In this example here, for the rule that catches suspicious transactions. For example, Prognosis currently captured 41 transactions in the last 10 hours that match the predefined pattern or the criteria in the rule-based engine. Prognosis also allows you to drill-down further to see what are the transaction lists, the 41 transaction list, and the details. Which I will take you through to the next slide here.
Siti Chen: Okay, as you can see in this slide here, you can view the details of each individual transaction that is useful to help you with the investigation. You can also configure Prognosis to show any kind of detail inside the transaction that you're interested in: such as the terminal location, the amount of the transaction, the approval code, the response time and so on. Basically, you can configure each individual dashboard to show any type of information for a certain group or a team inside your organization. For example, one group, the Operations team will have a different view from the Business team. All these you can do easily within the Prognosis web dashboard.
This takes us to the last use case that we are going to discuss today, which is the use case for the payment processor.
Siti Chen: So some countries have a compliance that mandates the processor to be able to closely monitor the risks associated with the settlement amount between the member banks of the payment processor, in order to protect themselves from liability in the unlikely event that a member bank fails the next day. The challenge here is that the payment processor that works with us, in the past didn't have visibility. And they didn't have a way to monitor the debit and the credit settlement amount in a near real-time manner. They only know the settlement amount at the end of the day, and they were not able to mitigate the risk quickly enough.
From the operations side, they didn't get any alert to warn them when the debit and the credit amount for each one of the member banks are too close to the predefined thresholds. They weren’t able to take immediate action to remediate it. They also were not able to provide a dashboard to the business team to show the near real-time settlement amount before the end of the day.
Siti Chen: How did Prognosis help them? With Prognosis’ capability to capture each individual transaction details. Prognosis is able to perform a complex calculation of the settlement amount in a near real-time manner. In order to provide immediate visibility to the Operation and the Business team. The complex calculations here involve conditions such as a transaction code. the terminal FIID, the response code, message type, and card FIID into the consideration. So you can configure any type of your current rule in calculating the settlement amount within Prognosis and then Prognosis will be able to pick that formula and calculate the settlement amount in a near real-time manner. And showing you on the dashboard, as well as sending the alert to the Operation team so that the action can be taken immediately.
Besides showing you the information in a near real-time manner, all this information is also stored in the Prognosis database. This allows you to configure Prognosis to automatically generate an ad hoc or periodic report that contains the historical settlement amount for each one of the member banks.
In the next slide, what you're seeing here is the sample dashboard of Prognosis that shows you how Prognosis can show you the near real-time settlement amount for each one of the member bank against the predefined debit and credit thresholds.
The settlement amount information shown on the dashboard here includes the cumulative credit and debit transaction amounts for each one of the banks. As well as the percentage of the accumulated settlement amount. So that you can set an alert when it goes to 200%, which means that is already against the thresholds that you already set. And the conditional calculation that we take into consideration, as I mentioned before, can involve any information within the transaction itself, such as a transaction code, the terminal FIID, and so on.
Aside from showing you in this dashboard here, Prognosis also sends you an alert. You’re not just getting the near real-time time dashboard, but you're also able to receive an alert so that you don't have to keep watching this kind of dashboard. But you just wait for the alert to come in from Prognosis so that you can take immediate action appropriately.
With that, this is the end of the last use case that we are discussing today. Now, we would like to take this opportunity for you to start submitting your questions. And if we don't have enough time, then we will provide an answer later. I'll hand it over to Stephen. Thank you.
Stephen: Okay, thanks Siti. We've had a couple of audio issues. So I do apologize for that. But I hope the audio has recovered. We just have a couple of minutes. We do have a couple of questions here.
One of them is for Dynamic Thresholding, Siti. How long does it typically take to implement?
Siti Chen: Thank you, Stephen. For the Dynamic Threshold, it really depends on the requirements of what you want to alert on. But typically, it depends on the complexity, it can take from two to four weeks. It really depends, because we already have the schema in place so we can just deploy as it is, and then we can tune it based on your requirements. Thank you.
Stephen: Okay, I'm just going through a couple more questions here.
We're close to the end of the webinar. So we might end for today. A recording of this will go out and we will be having a few more webinars around this. So look out for that from BrightTALK.
I want to thank everybody today and I apologize for any audio issues that you may have experienced. Thanks to Siti and Junaidy.
If you have any more requests, please contact your account representative or any of us here at IR directly and we can help you out with your requirements.
Thanks again and see you next time.