Erez Zohar, co-founder and CEO of Obsecure, is a renowned technology, product and business leader. With over 20 years of experience protecting organizations from fraud and cybercrime, Erez has also served in several technology leadership roles for the Israeli Defense Force (IDF).
Prior to founding Obsecure, Erez spent 17 years with NICE Actimize, holding a number of positions including Global VP and General Manager, leading the NICE Actimize Fraud & Cybercrime line of business, CTO, and VP of Global Technical Services. Erez holds a B.S. in Computer Science and Mathematics from Bar Ilan University in Israel.
Was this one of the most interesting conversations of the past month? You bet.
M.R. Rangaswami: At what point did you realize there was a need in fraud that was not being addressed?
Erez Zohar: I spent the last 17 years before starting Obsecure at one of the largest enterprise fraud management platforms. Although I was holding a number of positions there, including CTO, GM Fraud, and CPO, I think it was the entire time spent focused on solving the problem of fraud that led me to the realization that something is fundamentally broken in the current approach.
Being exposed in a deep way to how fraudsters work and even more importantly, how challenging it is for Financial Institutions to protect their customers, I started to ask myself – what is the industry missing? I came to realize the root issue is the current gap that exists between identity management and fraud management. It is in this gap where fraud happens, which in turn leads banks to de-risk activities that are deemed as too risky by limiting them or removing them altogether from the digital channels. It also leads banks to deploy means that create friction, such as false declines and step up authentications.
I further realized that this gap is unique to the digital realm and does not exist in face-to-face in-person interactions, where the identity of the person and their perceived activity are implicitly bundled and cannot be separated.
It is that realization that inspired me and led me to start Obsecure. We have built a technology that fundamentally ensures the authenticity of digital interactions by fusing the identity of a person with their online activities. Our goal is to prevent criminals from stealing money or goods from innocent people and businesses through authenticated actions, in effect notarizing the actions customers perform online.
M.R.: When you look at cybersecurity in 2020/2021 – what are you most wary of and most determined to protect your clients from?
Erez: On the retail side, we focus on solving cybersecurity issues to the point where third party fraud will be eliminated. Looking at it holistically from account opening through transaction signing — from web to mobile — we are essentially digitizing the principal of in-person notarization. By truly integrating identity and activity on digital channels, digital transactions will become as safe as in-person transactions.
We are also helping clients avoid device dependency as device binding reliance creates friction, additional steps, etc.
On the commercial side, we are working to address what the FBI has referred to as the biggest fraud problem today – Business Email Compromise. Here, we have a very novel approach that emphasizes the flexibility of asynchronous communication while providing authenticity assurance and keeping the business safe from imposters.
M.R.: If organizations could implement one change to their cybersecurity in the next two months, what would it be?
Erez: Organizations should stop using email and text messages including so-called secured messaging apps for any communication regarding money – invoices, money transfer requests and approvals, change of accounts, etc. This includes not only external communications, but possibly even more important, internal communications. The reality is that an email from the CEO to the bookkeeper asking for an immediate payment should not be trusted.
Lastly, something worth considering is how behavior is changing with the pandemic. At the start of the pandemic, the majority of transactions moved to digital. From a fraud standpoint a lot was happening, starting with a wave of false alarms caused by the change of behavior on this mass scale, then, with the Paycheck Protection Program, and with so many unsavvy new users of online services, fraud skyrocketed.
However all of these examples are local, short-lived impacts. Systems were recalibrated and procedures updated, and as a result fraud stabilized. I believe the long-lasting effect will be the ultimate shift from in-person to remote banking. It’s inevitable that life is going to be more digital, more remote and more dependent on interactions with machines.
Banks traditionally see the branch as a default channel, where any activity deemed too risky online was only possible in the branch. This shift means this fallback option is no longer available. Banks need to find a way to provide a full and limitless online service model.
With technology like the one we develop, we can marry the aspiration of effortless and limitless user experience with the need to maintain safety and security, without compromising on privacy.
M.R. Rangaswami is the Co-Founder of SandHill.com