The Dutch company that was deceived by hackers into issuing fraudulent digital certificates is liquidating its assets under the protection of a bankruptcy court in the Netherlands after failing to recover from the attack.
"We have this problem on the Internet, which is: How do I talk to someone I've never met before and know that they are who they say they are?" says Michael Smith of Akamai Technologies.
Most consumers understand the need for security on laptops and PCs. On mobile devices, the thinking is not the same. "Their behavior is much riskier," says Markus Jakobsson, online security expert.
Nessa Feddis of the ABA says increased investments in technology at the bank and consumer levels have fueled confidence in online banking. "I think the reason you see an uptick in use here is because the channel is more secure."
Layered security is one of the core tenets of the new FFIEC Authentication Guidance - and it's perhaps the most effective strategy for detecting and preventing banking fraud schemes. But what are some of today's most mature approaches to layered security, and how are banking institutions employing them to detect and...
Visa's introduction of chip-based payments incentives for U.S. merchants is enhancing dynamic authentication and expects to accelerate adoption of the EMV standard.
The bright spot is that 36 percent of the takeover incidents reported in 2010 were stopped before fraudulent funds transfers were approved. That's an improvement from 2009, when only 20 percent were thwarted.
"We face a broad threat ... and each consumer has to understand that their part in protecting both their own finances and the financial infrastructure, together, is a very large part," says Ian Harper, Pentagon Federal Credit Union.
As banks and credit unions assess online risk, in light of the updated guidance from the FFIEC, financial fraud analyst Tom Wills says they should consider mobile as a viable layer for out-of-band authentication.
A new twist in the ongoing online security battle between banks and their commercial customers was reported this week after a corporate account in Omaha, Neb., was hit with thousands in fraudulent ACH transactions.
This $38 billion bank has invested a great deal of time and effort into its online security program, continuously conducting risk assessments and making strides to ensure commercial customers stay informed about evolving online-banking risks.
Eduardo Perez says, simply, the "time was right" for Visa's introduction of chip-based payments incentives for U.S. merchants. Visa's new mobile-to-EMV program offers PCI-audit-compliance waivers to qualified merchants who implement dual-interface contact and contactless acceptance.
Banking institutions have a lot to do in order to prepare for the Jan. 2012 deadline to conform with the new FFIEC authentication guidance, and former banking regulator William Henley has one, simple piece of advice: start now.
Anomaly detection and behavioral monitoring are minimum requirements or mitigating online risks, and the newly-issued supplement to the FFIEC Authentication Guidance highlights why banks and credit unions should be doing more, says Terry Austin of Guardian Analytics.
With the issuance of the final FFIEC Authentication Guidance, institutions need to start moving forward on conformance, and taking a risk-focused approach is the first step, says Matthew Speare, SVP of IT for M&T Bank Corp.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.asia, you agree to our use of cookies.