Digital Banking Data Privacy and Fraud Consultant

12/2019 – 12/2020

Implemented Strong Customer Authentication (SCA) and continuous transparent monitoring with the bank as the lead consultant in time for PSD2 deadline.

Reduced alerts from over a 10000 per month to 250 - 300 through staff training and rule best practice implementation with IOC automatic hot-listing and rule aggregation.

Increased UX for users by educating fraud team / UX team on transparent monitoring without impacting user journeys.

Performed root cause analysis for authentication friction / failure and recommended a new approach which reduced authentication failure by over 50%

Identified new and unknown risks / attacks to the bank and successfully defended against them.

Identified and addressed unknown bot activity (good and bad). Reduced false alerts generated by automated activity from corporations.

The bank provided feedback that they “flew through compliance discussions with the regulators thanks to the work we completed”.
- Reduced Fraud
- Reduced Operational Costs
- Improved UX

Cyber Security

12/2018 – 11/2020

Implemented Strong Customer Authentication (SCA) and continuous transparent monitoring with the bank as the lead consultant in time for PSD2 deadline.

Created framework with the bank working with the Fraud Operations team to evolve from transaction monitoring to digital session monitoring.

Redesigned onboarding process due to vulnerabilities identified in the recovery process.

Created risk-based alerting whereby auto learning from rules would dynamically increase or decrease the risk in the session reducing the number of false alerts by taking multiple session multiple users into a cumulative alert. This information was fed to a downstream transaction risk analysis and money laundering tool.
- Reduced Fraud
- Increased oversight
- Improved UX

Compliance management, Cyber Security, Security Operations Center (SOC)

12/2015 – 12/2017

Transforming a mobile authentication application from client side only to server-side continuous authentication. Hardened application and increased insight.

- Enabled company to create product with serverside analytics for mobile devices
- Built features for machine learning models to identify anomalies in mobile devices
- Identified common attacks and provided recommendations to harden mobile application
- Recommended approach to device fingerprinting whilst maintaining privacy
- Identified vulnerability in provisioning process, provided recommendations to secure. Consulted on testing and new release.
- Provided pathway to reduce APP fraud.

Cyber Security, Predictive Analytics