Multifactor authentication and layered security are steps financial institutions should take to protect their customers. But certain strategies are more problematic than successful when it comes to preventing fraud.
RSA customers who feel victimized by last March's breach of the security vendor's computers have viable options that include continued use of the SecurID authentication tokens, those offered by competitors, or something entirely different: biometrics.
Despite increased incidents, major U.S. card issuers receive poor marks for card fraud prevention, according to a new study from Javelin Strategy & Research. The biggest area of concern: card-not-present fraud.
"I think we'll see some additional investments in fraud prevention tools as a result, and it could be EMV tokens or neural networks," says Jim Schlegel of ACI Worldwide, following the Fed's move on debit interchange fees.
Breaches will not slow anytime soon, and there's not much financial institutions and the payments chain can do to stop them. At this point, the best course of action for banks and retailers is to focus on damage control.
Victimized by a hack of its SecurID authentication token that resulted in the breaches of several customers' IT systems, security maker RSA is expected to announce its first chief security officer as early as Friday.
David Navetta, an attorney who specializes in IT security and privacy, says the magistrate's recommendation, if accepted by the judge, could set an interesting legal precedent about the security banks are expected to provide for commercial customers.
SWIFT's Gottfried Leibbrandt says conflicting regulatory mandates could further fragment the international payments market, if banks and governments don't align their strategies. Communication among governments, regulators and global financial institutions is critical.