日本語 
AEON Financial Services , which operates AEON Bank and AEON Insurance Services , has signed a “Web Risk Partnership Program Agreement” with Google Cloud Japan to strengthen its defenses against increasingly serious phishing scams. We spoke with Toshiyuki Masuda, Executive Officer in charge of Operations and Finance Business, and General Manager of the Finance Business Division, about the background and effectiveness of the implementation of “Web Risk.” AEON Financial Services is responsible for AEON Card operations and the development of affiliated stores. Masuda is primarily responsible for handling interest-bearing financial products such as cash advances and installment payments, as well as credit card screening, credit management, fraud prevention, and debt management, covering the entire process from lending to approval and debt collection. He also leads a team promoting the AEON Financial Services Group’s digital transformation (DX), exploring the adoption of technology and the use of AI. To combat fraud, the company’s department in charge determines whether credit card transaction data is fraudulent, and if any transactions are suspected of fraud, they are investigated and approval is withheld or denied.
However, as fraud methods become more sophisticated, it is becoming increasingly difficult to determine whether a transaction is legitimate or not. Credit card fraud losses are expected to reach 55.5 billion yen in fiscal year 2024, and fraudulent use is on the rise across the industry. Much of this is due to theft of credit card numbers through phishing scams and credit card skimming, with phishing scams being particularly prevalent. While Masuda has implemented multi-layered defenses, such as safe browsing and phishing site takedown services, as well as fraud detection using AI, “it’s become a cat-and-mouse game as scams continue to evolve,” he said. Given this situation, “we decided to introduce Web Risk, believing that it’s most important to prevent customer numbers from being stolen in the first place.” Web Risk, provided by Google, is a security service that uses AI and machine learning (ML) to detect and block fraudulent websites in real time. The service was introduced as part of the Processing Division’s fraud prevention efforts. Under the Web Risk Partnership Program agreement signed with the implementation, AEON Financial Services shares websites that imitate AEON Card’s “Lifestyle Money Site” and “AEON Bank Internet Banking” that it has discovered through Google’s API, and the AI generation system learns from them. Based on the learning results, Google will detect similar phishing sites and prioritize them by displaying Safe Browsing warnings. Masuda cited “speed,” “automatic detection by AI,” and “deterrent effect” as reasons for the implementation.
While existing services took an average of six hours from the time a phishing site was discovered to the time a warning was displayed, Web Risk completes this process in approximately five minutes, explaining its speed as an important factor in preventing fraudulent use. Furthermore, the AI generation system built into the service automatically detects and registers similar phishing sites that have not even been discovered by the system’s personnel, and displays warnings. Displaying red warnings on phishing sites significantly reduces the risk of customers falling victim to phishing scams. Since the service went live on July 29, it has monitored the number of websites with warnings and the number of new phishing sites. Warnings have been displayed for nearly 100 sites per day, with over 400 on busy days, indicating a positive response from the company. While AEON Financial Services’ goal is to prevent fraudulent use and reduce losses, Masuda stated, “Since we’ve seen such an effect at the entry point, we believe we can reduce the final amount of losses as well.” Masuda also explained the benefits of implementing the service, saying, “The greatest benefit for customers is being able to use their cards safely and securely. For our company, it not only reduces losses but also reduces operational costs.
Also Read: CTC Unveils Service to Evaluate Cybersecurity in Finance
Furthermore, by publicly announcing this implementation, we hope to deter attackers by making them realize that targeting AEON cards is a hassle.” The company plans to expand Web Risk to its group companies, including overseas. Meanwhile, there have been cases where card numbers have been entered into phishing sites operated by other companies, such as Amazon and Yamato Transport , resulting in their theft. He said that since the law cannot be applied arbitrarily to other companies’ websites, it would be good if the entire industry could work together to take measures against fraudulent use.
SOURCE: Yahoo
English