Abstract
As fraud and cybercrime become more frequent and sophisticated, preventing users from being exposed to risk is a significant challenge for the scientific community. Current banking systems use One Time Password (OTP) sent to the mobile phone to prevent user impersonation attacks. However, it could be compromised by man-in-the-middle attacks. It also presents usability and unavailability problems if the SMS service is inaccessible, especially when traveling or in case of a damaged or stolen phone. Using Machine Learning (ML) techniques to detect and prevent fraudulent actions allows financial organizations to stay one step ahead of fraudsters, whose scale and sophistication continue to grow. Specifically, ML systems can be used to identify additional authentication factors to make the system more robust against attacks. To prevent identity theft attacks and minimize fraudulent transactions, we propose in this work a comprehensive design that combines adaptive multi-factor authentication and adaptive fraud detection for banking systems based on the use of ML technology.