PostFinance banks on Splunk to improve fraud detection

When I’m thinking about Switzerland, I often think of the Swiss Alps, great chocolate and the famous Swiss army knife. The flexibility of the Swiss army knife reminds me how Swiss bank PostFinance is using the Splunk platform in multiple ways.

We say that Splunk is a SIEM and can fulfill all SIEM use cases but also Splunk is so much more – and PostFinance has proved it once again.


Splunk as a Fraud Platform

PostFinance is using Splunk for compliance and regulation, but beyond those traditional SIEM use cases they also use Splunk as fraud platform, using the insights to protect their customers’ bank accounts and digital payments. In their online banking portal alone they have over 1.6 million customers they have to protect. They are not just detecting and identifying new fraud patterns with Splunk, they are also operationalizing their fraud workflow which enables them to escalate issues to law enforcement and easily make all required details available.

For example, if they find out that their customers are being phished and sent to a fake online banking web portal, the online security team can mimic the actions of a customer to get more information. Each attack stage is monitored through Splunk Enterprise, providing details around the pattern of fraudulent activity. This allows them to identify attacked accounts and monitor activity in real time to determine whether further action is needed.


“Our use of the Splunk platform has grown dramatically and it is now an integral part of our IT operations, providing insights in areas from e-commerce to security and fraud. Ultimately, with Splunk Enterprise, we have improved the protection we offer our customers.”

Patrick Hoffman, Head of IT Infrastructure

Splunk as a Business Analytics Solution

In addition to the security use cases, the bank is also providing insights for its product management teams, so they can create customized offers to merchants or develop new products that better meet market requirements.

Learn more about Splunk @PostFinance

Want to learn more about the use of Splunk, which data sources they are feeding into the platform and the challenges they overcame?

Happy splunking,


Matthias Maier is Product Marketing Director at Splunk, as well as a technical evangelist in EMEA, responsible for communicating Splunk's go-to market strategy in the region. He works closely with customers to help them understand how machine data reveals new insights across application delivery, business analytics, IT operations, Internet of Things, and security and compliance. Matthias has a particular interest and expertise in security, and is the author of the Splunk App for IP Reputation. Previously, Matthias worked at TIBCO LogLogic and McAfee as a senior technical consultant. He is also a regular speaker at conferences on a range of enterprise technology topics.