A new step in online fraud prevention with our demo at Telefónica Innovation Day 2024

Internet security has become a crucial issue for users, especially when it is related to services in the Fintech world. This comes as no surprise, as Internet fraud is becoming more and more prevalent on a daily basis, with new formulas that confuse victims with clever tricks. This is bound to have an impact on businesses and on society, which is becoming increasingly insecure in the digital sphere.  
  
This is reflected in a recent CIS survey which showed that 47.4% of those surveyed had suffered a scam or attempted scam in the last 12 months. Of this percentage, 84.2% claimed to have received suspicious e-mails or mobile phone messages requesting personal or financial information. This shows the importance of creating solutions adapted to the times in which we live, in order to continue to protect the security of users.  
  
From Telefónica Open Gateway we offer tools to boost applications. Our cutting-edge technology and our experience with financial institutions help offer simpler solutions with less risk. In this way, through our standardised APIs we offer developers and companies a differential point in fraud prevention, thanks to the unique access to network data that we have as a Telco. This is what we have demonstrated once again at Telefónica Innovation Day 2024, with a demo that showcased the possibilities in identity verification and fraud detection in key sectors such as Fintech.   

On October 17th, Telefónica Innovación Digital opened the doors of its facilities in Madrid to give way to one of the events of the year: Innovation Day 2024. Under the concept "(Un)Expected Connections", he made clear the power of connections, combining the company's cutting-edge technology to achieve more powerful results.  
  
Our Telefónica Open Gateway team had the opportunity to be part of this event. It could not be otherwise, as our project perfectly reflects the main essence of this great meeting. Combining networking, innovation and network APIfication leads to results as innovative and revolutionary as this initiative.   
  
Chema Alonso was giving a tour of the new era of the Telco industry and how the opening of our capabilities is enabling a new generation of digital services for the world of Anti-Fraud, Fintech, Drones and many other sectors. In addition, for the more adventurous, we have our own corner in Connecting Ground, a demo area where you can experience the power of the network with all attendees.   

One of the most outstanding demonstrations we took to Telefónica Innovation Day focused on fraud detection and prevention. It integrated our API technology into a business banking application, demonstrating its potential in preventing fraudulent crime in key sectors such as banking.   
  
In this way, we show how our tools bring fundamental value in providing identity verification, authorisation and multi-factor integration by context (such as validating transactions in valid locations or allowing transactions only if your connection is not roaming). For this purpose, we made use of Nevele Bank, a web application developed by us to simulate transfer processes by simulating a private banking environment.  

Block 1 | Authentication of users and creation of new profiles  

On the one hand, it showed how users can verify their identity when accessing the bank's application with mobile connection, using the anti-fraud functionalities of two of our Telefónica Open Gateway Telco APIs:

• API Number Verification: verified whether a user connected to the mobile network has an associated phone number, without the need for credentials or OTP.  
• Device Status (roaming) API: checked if a device connected to a mobile network is roaming. This prevented it from being vulnerable to GPS spoofing attacks, a technique that manipulates GPS signals to make the device believe it is in another location.

In addition, another of Telefónica Innovación Digital's services, TU Latch, was used to manage the control of authorisations when logging in and to protect the user authentication phase with Locks, through its Latch tool. Then, in order to add an extra layer of security, an Authorisation Control was added with Q-TOTP (Quantum Temporal One-Time Passwords), an evolution of authentication based on One-Time Passwords, which uses quantum cryptography to improve the security of temporary passwords. 
  
On the other hand, it was projected how we optimised the customisation of its security measures. These settings enabled multiple security checks of our APIs Number Verification, Device Location Verification, Device Status (roaming) and SIM Swap, when making movements or banking transactions, allowing for each user and critical process to have a multi-factor security configuration. Other functionalities of the aforementioned TU Latch application also came into play in this process, with a TOTP service that once again reinforced the protection of the operation.  

Block 2 | Security verification in banking transactions

A process of making a transfer was initiated. First of all, it was important, and this was reflected in the demo, that the user had the TU Latch open, a tool that allows security protection with authorisation controls for privileged operations. However, in order for the bank transaction to be executed, multi-factor validation by context also had to be carried out. This is where the anti-fraud functionalities of our Telefónica Open Gateway APIs came into play again:

• Number Verification API: added identity authentication processes and reduced application risk by verifying the phone number in real time.  
• Device Location Verification API: verified the location of the device, confirming that it was on the list of allowed locations.  
• Device Status (roaming) API: as in the first block, checked the roaming status of a SIM-enabled device.  
• SIM Swap API: offered the possibility of verifying suspicious movements related to SIM card swaps, providing an additional layer of protection against possible fraudulent activity.

In addition, the transaction was authorised by its supervisor and a signature of the transaction was carried out via OTP, to provide an additional layer of protection for the user.  

Telefónica Innovation Day 2024 was a day packed with cutting-edge technology, cutting-edge solutions and advanced ideas that will shape the future. It was a great opportunity to see the powerful proposals that arise from the power of connections, with results as interesting as the one we have seen today.   
  
We hope to see you at the next edition! In the meantime, you can subscribe to our monthly newsletter to keep up to date with all our developments, the latest news from the sector and upcoming events in which we participate. Don't miss out!