ThreatMetrix's Taussig says strong authentication should be part of every financial institution's layered security approach. And according to expected changes to the Federal Financial Institutions Examination Council's 2005 online authentication guidance, that means proven measures to enhance device identification.
When it comes to hot topics, they don't get hotter than authentication, cloud computing and IT governance - all of which I've discussed at length in recent interviews with industry thought-leaders. Let's review some highlights from these conversations.
"No one up here wants to stop Apple or Google from doing the incredible things that you do," Sen. Al Franken says. "What today is about is trying to find a balance between all of those wonderful benefits and the public's right to privacy."
Police and the U.S. Secret Service are now investigating a series of fraud incidents involving Chicago-area customers of the Michaels craft store chain, which appears to be another victim of POS device tampering.
Bankers aren't waiting for the FFIEC to act on the release of its updated online authentication. Instead, they've already begun to comply with the major points recommended in the draft. And the death of Osama bin Laden has heightened concerns terrorists' efforts to launder money through legitimate banking channels.
Wire fraud incidents from China prove current security measures, including multifactor authentication, are too easy to bypass. And security pundits say it all points back to why the financial industry needs more guidance about adequate online security.
ID fraud prevention requires partnership, and according to Javelin, the future of fraud-detection should be built around integrating a bank's back-end solutions with the fraud-prevention and detection solutions in which consumers are already investing.
Cybersecurity threats are maturing, but information and risk management have yet to come of age for many Gulf countries. But this maturity must come soon, says Abbas Kudrati, head of information security at the eGovernment Authority of the Kingdom of Bahrain.
Kevin Sullivan spent months at Ground Zero after the 9/11 attacks on the World Trade Center. Now, post-Bin Laden, Sullivan says the 9/11 experience changed him both personally and professionally, and impacted how banking institutions view money laundering and BSA violations.
Experts warn of ingenious phishing attacks based on the latest news. "This is one of those rare opportunities that can build you a great list and a couple of zeros in your profit," one hacker is quoted as saying.
Sony says personal information from more than 100 million customer accounts has been breached. The information includes customers name, addresses, e-mail addresses, birth dates, gender, phone numbers, login names and hashed passwords.
From mobile devices to social media and cloud computing, IT governance is all about risk management. "You can't de-risk everything, but you can de-risk the majority of circumstances you will see in normal operations," says governance expert Robert Stroud.
Anti-money laundering expert Kevin Sullivan says that U.S. banking institutions should not take Osama bin Laden's death as a sign that they can let their AML and BSA screenings become more lax. "We have not defeated terrorism yet."