As more criminals target branch ATMs, industry experts wonder if links to insider fraud might not be to blame. Recent brazen attacks prove even in a bank or credit union lobby, ATM skimming can strike.
Emerging technology is often touted for enhancing security. But if not properly deployed and integrated, these technologies can hinder rather than improve security.
New mobile technology is behind a growing public concern about Internet security, says former Transportation Security Administration CISO Patricia Titus, who now holds the same post at Unisys.
"I think we'll see some additional investments in fraud prevention tools as a result, and it could be EMV tokens or neural networks," says Jim Schlegel of ACI Worldwide, following the Fed's move on debit interchange fees.
The Fed's ruling on interchange cuts mandated by the Durbin Amendment will aid fraud prevention and could accelerate a move to chip-based payments, says Randy Vanderhoof, director of the Smart Card Alliance.
Jeff Kopchik of the FDIC says too much emphasis on what's "missing" from the FFIEC's new guidance detracts from regulators' intent: providing financial institutions with a guideline for securing online transactions.
For all the latest news and views, please visit the FFIEC Authentication Guidance Resource Center.
Gartner's Avivah Litan says regulators have done a nice job of emphasizing why and how banks and credit unions need to implement layered security that adequately addresses online risks. But the guidance falls short...
We all know, as a result of recent breaches, Sony is in the market for a security leader. I reached out to some hiring managers and asked them: What would you look for in Sony's first CISO?
"The FFIEC guidance does a good job of addressing today's and yesterday's threats and suggested techniques, but it is not sufficiently forward-looking," says Gartner's Avivah Litan. "Two years from now, the guidance will be sorely out of date."
For all the latest news and views, please visit the FFIEC Authentication Guidance Resource Center.
Aite's Julie McNelley says the final FFIEC online authentication guidance offers greater detail in areas such as layered security, but that institutions have much to do to prepare for regulatory assessments in 2012.
The new virtualization guidance issued by the PCI Security Standards Council urges organizations to take a risk-based approach when dealing with virtualization methods, especially within cardholder data environments.
"Most convenience stores are concerned about pay-at-the-pump skimming. But they can only focus on so much," says Gray Taylor, a security and compliance expert with the National Association of Convenience Stores.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.eu, you agree to our use of cookies.