Fraud Prevention

Hello there! If you are new here, you might want to subscribe to the RSS feed for updates on all things SAP.

Establish Indisputable Accountability

fraud 7 percent Fraud Prevention News of financial fraud is in the headlines daily. Unfortunately, the majority of it is committed by insiders. Occupational fraud accounts for an average loss of 7% of revenue (approximately $994 billion in total) for U.S. organizations (ACFE 2008). Because 64% of passwords are written down (Rainbow 2003), and 33% of corporate employees are comfortable sharing their passwords with others (Global 2003), it is not difficult for an unauthorized user to gain access to an authorized user’s profile. Although some people may have poor intentions, a study conducted by the Interactive Data Corp. (IDC) in 2009 revealed that 52% of insider threats were predominently accidental. Not only is it important to establish accountability to prevent fraud, but this study also shows the value in restricting access to limit human error.

With our partner, realtime, we offer the industry’s best fraud prevention tool: bioLock. With bioLock, SAP customers can control access to critical functions, sensitive data and transactions in order to prevent fraud by utilizing advanced biometrics technology.

Fraud Scenarios

Learn how other organizations could have benefited from the bioLock software through these real life examples.

Scenario 1 (RealTime 2009)

A director used one of his employee’s user profiles and passwords to commit fraud in the SAP financial system. When the fraud was discovered, the employee spent half a year in jail for a crime that she did not commit. Eventually, the director was arrested for stealing her password and committing the fraud.

Scenario 2 (IDGNS 2008)

Inadequate IT security allowed a trader at French bank, Societe Generale, to make a series of unauthorized transactions that ultimately cost the bank $7.2 billion.

Scenario 3 (CNET 2006)

In May 2006, personal records from about 26.5 million veterans were stolen from the Department of Veterans Affairs (VA). The Veterans Groups sued the VA, seeking up to $26.5 billion in damages.

Scenario 4 (FOX 2006)

An administrative assistant at Coke stole formula trade secrets from the company and attempted to sell them to Pepsi for $1.5 million. Pepsi contacted Coke immediately, and FBI authorities arrested the former Coke employee.

bioLock – Redefine the Security Approach

The bioLock tool sits on top of your existing SAP Security and adds an additional layer of protection. It protects SAP access, transactions, fields and infotypes at the data level, uniquely identifies the users independently from the SAP user profiles, and accepts and rejects requests based on biometrics and logs activities. Users conduct and confirm critical activities by swiping or touching their finger to a biometric device. bioLock identifies the actual user and records the type of transaction made by or functions denied to the actual user in SAP’s and RealTime’s log files.

BioLock also provides a Level-V Security Protection, which is the first SAP certified biometric protection.

Level I: SAP Logon

Level II: Transactions

Level III: Fields and Infotypes

Level IV: Field Values

Level V: Dual Confirmation (two signatures on a check)