A proposal from the Wai™ Cybersecurity team to reduce fraud in the financial system.
From the Wai Cybersecurity team we developed this operational draft as a urgent call for attention to banks and financial institutionsThe company's clients, which lose millions per year by taking over amounts stolen by cybercriminals from their customers.
The goal is clear: to quickly and in a coordinated manner disrupt the criminal circuits that allow cybercriminals to empty accounts in a matter of minutes.
Cases such as cell phone theft with access to virtual wallets, phishing scams or digital intrusions continue to grow. Today, criminals not only access the victim's account: immediately transfer the funds to multiple "swallow" accounts, from where they extract cash or channel it to other networks.
Wai's proposal consists of the implementation of a temporary locking system for accounts suspected of being compromised, including both the account holder and those of immediate destination. This blocking would be triggered after validation of a criminal complaint with biometric accreditation by the holder, generating an automatic alert to the BCRA and the financial institutions involved.
How this model would work:
- Beginning of the process:
Phone theft, phishing or other type of digital attack with access to bank accounts or PSP. - Criminal complaint:
The holder is required to file a report with biometric identity validation (currently not required by the judicial system). At this point, the SIFCOP (Federal System of Police Communications) could intervene to guarantee interjurisdictional interconnectivity. In this section, it is important to bear in mind that also, according to the latest report of EuropolAs a result, biometrics is already beginning to be compromised, although it is still the most secure way to validate identity. - Automated office to the BCRA:
Integration via GDE to notify banking ecosystem stakeholders. - Automated blocking request:
A request is automatically issued to the entities involved for the preventive blocking of accounts. - Temporary blocking action:
Both the account holder and the "swallow accounts" are suspended until the account holder, through biometric validation, requests the unblocking.
This scheme proposes to change the approach: instead of pursuing the crime when it is already too late, act quickly to cut off the criminal chain in real time and leave the forensic issue and the judicial investigation itself for when it is possible to carry it out.
We share a note made to our CEO, Nicolás Pstyga, about a case that shocked the country:
This work is only a first draft. But we firmly believe that it can lay the groundwork for a national protocol for immediate response to digital crimes with financial impactinvolving both the State and the private sector.
