In October 2023, Cleafy’s cutting-edge fraud detection technology stopped a bot-driven attack that had been sifting through 2.1 million credentials stolen from the dark web.
Cleafy’s technology stopped 100% of the attacks, potentially saving the all-digital bank €7.5 million in losses.
What is Cleafy?
Matteo Bogana, CEO and founder of Cleafy (pronounced “clee-f-eye”), describes Cleafy as a platform that leverages core cybersecurity concepts and applies them to fraud prevention.
“Fraud is the last mile of a planned attack, but people typically focus on the fraud, not the attack,” says Bogana. “Cleafy neutralises cyberattacks before they become fraud.”
To achieve this, Cleafy absorbs massive quantities of data, then processes that data using in-house ML and AI to determine potential fraud. The proof is in the pudding: Three major banks in Europe have reduced their fraudulent transactions from millions a month to only several thousand, and all of it is done without causing user friction.
Cleafy provides an interface that describes potential attacks in a way that fraud (risk) and cybersecurity teams can both understand, easily reconstructing the attack vector so it becomes clear what is happening. The result is that these teams can act faster to mitigate attacks.
“The Nordics are a step ahead of other regions because banks already share threat information between each other”
Matteo Bogana, Founder and CEO of Cleafy
How Cleafy works
Cleafy integrates at the network-level or directly at the mobile-level. The company closes the loop regarding a bank’s data and is able to process every step of a user’s interaction with a banking service. It monitors all sessions across all digital channels and devices, and can correlate all ongoing live sessions to trace back and see if anyone has tried to hack the service, the device, or the user session, at any stage.
Using in-house AI and ML, Cleafy analyses the data, then categorises, explains, and labels it, giving the data vitally needed context and logical meaning. If the system detects that an attack is in progress, it either alerts a human or takes automatic actions to neutralise it.
Data interpretation and the decision to act or not are precise and deterministic. This approach reduces friction for users. Instead of blocking a transaction at the last minute and risking false-positives, Cleafy works with patterns and predictions instead, detecting and managing a potential threat before it becomes a real fraud.
Recommended: Explore the Future of Finance at Nordic Fintech Week
Cleafy integrates directly with the bank’s SIEM—the security information and event management tool, which is a cybersecurity solution that gathers immense quantities of data from different sources. Cleafy correlates this data with an identity access manager. If Cleafy detects behaviour that’s typical of fraud, such as attempting to change a customer’s phone number for SMS verification, Cleafy then automatically reduces the user’s authorization level to thwart the attack.
This is just one example of how the service integrates deeply with a bank’s existing systems. Even in major banks, it can take from a couple of weeks to a few months to be implemented, with a very short time to value.
Cleafy in the Nordics
Regarding identity protection and preventing highly sophisticated attacks, Cleafy has already substituted the key players offering that service to major European and South American banks. Now the company has its sights on the Nordics.
“The Nordics are a step ahead of other regions because banks already share threat information between each other,” says Bogana. “However, what they lack is deeper visibility in events and a way to communicate about and understand that data in a way that all stakeholders can grasp, which is what Cleafy brings to the table. Given the data-driven nature of our solution, I believe it can significantly enhance their visibility and data-sharing approach by adding proactive threat identification capabilities and providing valuable insights based on attack techniques.”
