
Banks: You don’t need to deploy fraud detection tools on-premise anymore
- Alex McConnell, Cybersecurity Content Specialist
6 minutes read
It might seem like ‘the cloud’ has well and truly established itself as the de facto deployment choice. However, the market for cloud computing is still expected to grow – a lot – in the coming years (from $371.4 billion in 2020 to $832.1 billion in 2025).
How can this much growth still be possible for a fairly mature market? One explanation is many highly regulated or security-conscious industries have held back from fully embracing cloud deployment for their core systems. But this is changing, albeit gradually.
In the Gartner® report ‘Buyer’s Guide for Fraud Detection in Banking’, which is available as a complimentary download from the Netacea website throughout October, we believe risk management leaders within banking who are on the market for fraud detection tools are advised to evaluate all deployment models with an open mind by assessing which aligns most strongly with organizational infrastructure strategy and which is best-placed to deliver cost-effective business benefits.
In this post, we give our insights from this report, focusing on the deployment choices available to banks.
Why have banks historically deployed their fraud prevention tools on-premise?
Security is still a top concern for organizations considering cloud deployment, with three out of four enterprises agreeing. It’s unsurprising that banks have erred on the side of caution when trusting transactional and customer data to infrastructure outside their own walls, with the level of regulation inherent to the industry.
Also, while cloud adoption has grown over the past decade, many banks originally deployed their fraud detection products over ten years ago. At that time, cloud wasn’t a viable deployment option, from both a security and latency perspective.
Additionally, banks have wanted to keep their fraud detection tools as close to their critical applications as possible to keep their most critical systems running smoothly – all of which would have been on-premise, going back to the 2010s or earlier.
Why should banks consider cloud or vendor-hosted fraud detection?
According to the Gartner® report, “the benefits of moving applications to the cloud that are relevant in any industry… are equally relevant to banking.” These include:
- Lower total cost of ownership (TCO)
- Ease of scalability
- More efficient maintenance and upgrades
- Speed of deployment
Most banks recognize these benefits and are moving many core applications ‘off-premise’ gradually, gaining confidence to migrate more systems over time. There’s also much more expertise available than before to ensure cloud-based projects are well executed with less risk.
It seems natural that, as core banking systems are moved into the cloud or the hands of vendors, so too can fraud detection solutions; keeping these tools on-premise no longer delivers latency benefits and can be more costly up-front when considering in-house staff, software licenses and maintaining or adding capacity to physical servers.
Weighing up fraud detection deployment options
The four most common deployment options available to banks considering fraud detection solutions are on-premise, private cloud, public cloud, and vendor-hosted.
On-premise
Managing everything in-house is the most expensive option initially, requiring hardware, specialist skills within organizations and dedicated resources to maintain. Scaling on-premise solutions later can also add complexity and cost. Deploying on-premise also takes the longest despite shortened internal due diligence processes. However, fees for ongoing services are typically less than that of vendor-hosted services.
Private and public cloud
The main difference between these options is that, while the bank manages the solution, the infrastructure is controlled either by the bank (private cloud) or a third party (public cloud). In terms of implementation cost, ongoing cost and time taken to deploy, both cloud options tend to sit between on-premise and vendor-hosted. Scaling up the infrastructure is also easier and cheaper in the cloud than on-premise.
Vendor-hosted
The upfront implementation cost and duration is typically much lower for vendor-hosted solutions, with all the hardware, expertise and software ready to go and easily scalable. This does mean a potentially higher ongoing cost in the form of the subscription fee, however.
What’s the best fraud detection solution deployment option for banks?
Although it made the most sense to stick to on-premise deployment of fraud detection tools in past years, today banks should be more open-minded about other options. Banks should weigh up each option considering total cost of ownership, scalability, maintenance and upgrades, and speed of deployment, and choose the option that performs best in the areas most vital to their strategy.
Thankfully most vendors can offer a range of deployment or integration options, depending on the existing tech stack and infrastructure.
The Gartner® report ‘Buyer’s Guide for Fraud Detection in Banking’ advises security and risk managers to “seek references from other clients that have deployed as you wish to, understanding any challenges faced and the benefits that were realized.”
Download the full report
Throughout October, access the complimentary Gartner® report ‘Buyer’s Guide for Fraud Detection in Banking’ from Netacea.
We believe this report recommends that security and risk managers responsible for fraud detection should:
- Identify drivers to make a solid business case
- Consolidate across products and channels by moving to customer-level fraud detection
- Evaluate deployment models with an open mind
- Seek clear differentiation between vendors with an effective RFP
- Understand the benefits and constraints of a POC project
Click here to download the report before it expires on October 31st.
Gartner, Buyer’s Guide for Fraud Detection in Banking, By Akif Khan, 11 January 2022
GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally and is used herein with permission. All rights reserved.
GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally, and is used herein with permission. All rights reserved. Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.
Subscribe and stay updated
Insightful articles, data-driven research, and more cyber security focussed content to your inbox every week.
By registering, you confirm that you agree to Netacea's privacy policy.