Estimating the risk of fraud against e-services

Loading...
Thumbnail Image
Other Title
Authors
Yesuf, AS.
Probst, Christian
Author ORCID Profiles (clickable)
Degree
Grantor
Date
2018-11
Supervisors
Type
Conference Contribution - Paper in Published Proceedings
Ngā Upoko Tukutuku (Māori subject headings)
Keyword
e-services
fraud
security
risk estimation
risk analysis ·
Citation
Yesuf, AS., & Probst, CW. (2018). Estimating the Risk of Fraud Against E-Services. 23rd Nordic Conference on Secure IT Systems (pp. 306-322).
Abstract
Industry is continuously developing, deploying, and maintaining e-services to transform traditional offerings. While protection of traditional services is well understood, their digital transformation often is vulnerable to known and new attacks. These vulnerabilities open the door for fraudsters to exploit the weaknesses of the new systems and associated services, causing losses of billions of dollars for global economy. This development is caused by the ease of developing new offerings, and the difficulty of performing thorough risk assessment during their design and development. Traditional risk assessment methodologies need to be enhanced to include threat scenarios faced by e-services, and to enable them to match the short development timeframes and to inform the decision-making process. In this paper we present a fraud risk estimation approach addresses these requirements. Based on a list of threat scenarios, our approach calculates the potential risk using pre-computed risk factors, and visualises the analysis result for an informed decision making. In doing so, our approach increases visibility and awareness of fraud risks, and reduces the time spent to calculate potential risks at the design level and throughout development. Together, these properties make our fraud risk estimation approach ideally suited for constantly applied, iterative risk analysis.
Publisher
Springer International Publishing
Link to ePress publication
DOI
Copyright holder
Copyright notice
All rights reserved
Copyright license
This item appears in: