After one commercial customer fell victim to corporate account takeover, this institution suffered significant losses and learned that legal disputes rarely favor the bank.
As the financial industry anxiously awaits the release of new online authentication guidance from the FFIEC, experts speculate about what steps banks and credit unions should be taking now to prepare.
In light of the pending update to the FFIEC's 2005 online authentication guidance, customer awareness is one area banks and credit unions should take very seriously, says Aite analyst Julie McNelley.
Two stories stand out when I look back on the month of May: the POS PIN pad swap scheme that hit Michaels crafts stores in more than 20 states and the insider job at Bank of America that led to $10 million being stolen from some 300 customer accounts.
High-profile legal wrangles over ACH- and wire-related fraud remain at a standstill, despite the industry's ongoing discussions about corporate account takeover and how to fight it.
SWIFT's Gottfried Leibbrandt says conflicting regulatory mandates could further fragment the international payments market, if banks and governments don't align their strategies. Communication among governments, regulators and global financial institutions is critical.
ThreatMetrix's Taussig says strong authentication should be part of every financial institution's layered security approach. And according to expected changes to the Federal Financial Institutions Examination Council's 2005 online authentication guidance, that means proven measures to enhance device identification.
Bankers aren't waiting for the FFIEC to act on the release of its updated online authentication. Instead, they've already begun to comply with the major points recommended in the draft. And the death of Osama bin Laden has heightened concerns terrorists' efforts to launder money through legitimate banking channels.
Gigi Hyland of the NCUA says the latest draft of online authentication guidance is awaiting final signoff from just one FFIEC member agency. And Verizon's new data breach report finds that compromised records resulting from data breaches dropped dramatically in 2010, but the number of breaches continues to grow.
Most small businesses don't understand online fraud risks, but greater communication between banks and commercial customers plays a key role in fraud deterrence and customer-relationship health.
It's been over three months since the accidental disclosure. When will the final FFIEC authentication update be released? "I don't think we're any less safe," says Gartner's Avivah Litan. "We just need to step up enforcements."
Gigi Hyland, board member of the National Credit Union Administration, says the latest draft of authentication guidance is awaiting final signoff from just one member agency of the Federal Financial Institutions Examination Council.
Ben Knieff, who oversees fraud prevention strategy for NICE Actimize, says most small businesses don't understand online fraud risks, but they are willing to work with banks to mitigate losses.
RSA executives haven't been commenting publicly since the security solutions vendor revealed last week it had been victimized by a sophisticated cyberattack aimed at its SecurID two-factor authentication product. But weeks before the hack, I spoke with RSA Chief Technology Officer Bret Hartman about advanced...
Fraud, risk management emerging technologies -- these issues know no boundaries. That's why we're launching a series of new international BankInfoSecurity sites to draw proper attention to local issues that impact the global banking industry.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.eu, you agree to our use of cookies.