Cybersecurity

Banks’ cyber resilience requires ongoing review against escalating threats

The news last month (June) that the Luuuk malware had snared its first victim, an unnamed European bank, has again highlighted the magnitude of the challenge facing the banking sector. While the reported theft of €500,000 during the course of a week certainly does not break any records, the discovery of what is believed to be a variant of the feared Zeus malware, is just the latest in a line of increasingly sophisticated cyber attacks

Dispelling the myths surrounding voice biometrics

With passwords continuing to attract widespread derision from consumers it seems that businesses are starting to listen to their customers and in recent weeks voice biometrics has been hitting the headlines, as the technology is set to replace the bane of so many people’s lives.

Bank of England CIO: ‘think twice about cost, security, data sovereignty in the cloud’

Firms looking to adopt cloud-based services should consider the security and data privacy implications associated with moving critical systems into the cloud, and not let vendors drive their technology strategies for them, according to Bank of England CIO John Finch.

Financial services in the firing line for cyber-attacks says ex-CIA chief

“The fastest growing national security threat facing the [US], which also happens to face the financial services industry, is cyber-espionage, cyber-crime and cyber-terrorism” according to a former deputy and acting director of the Central Intelligence Agency, speaking at the SifmaTech conference in New York.

Waratek wraps vulnerable Java code in security blanket

Specialist Java start-up Waratek has announced a security product intended to protect older Java code – which can contain five to 10 security vulnerabilities per 10,000 lines of code – from security breaches.

Bank of England tackles “critical” cybercrime attacks

A major new effort spearheaded by the Bank of England and the UK Treasury has been launched to shore up the cyber defences of the UK financial services industry, amid rising concerns that testing has exposed serious unaddressed weaknesses.

Tokenisation may offer antidote to soaring cyber crime epidemic

As the number of cybercrime incidents increases, financial institutions and their corporate customers should take renewed steps to protect their data – including using tokenisation and hosted payments pages, according to a new report by Chase Paymentech.

Account misuse drives rise in UK fraud levels

Bank account fraud in the UK increased 48% in the first four months of this year, with a 57% rise in the number of identity frauds compared to the same period last year.

Mobile payment security will depend on using the ‘smart’ in smartphone

Confusion and concern over security is cited over and over again as the biggest barrier to widespread consumer uptake of mobile payments. And no wonder – confidence in the protection of sensitive cardholder data lies at the heart of trust in this technology. An EMV card as a physical asset is cryptographically secure. How can we emulate this security with something that is virtual?

Credit where it’s due – why the Singapore regulator has it right on security

What does the Monetary Authority of Singapore have to do with virtualised data centres and cloud computing? Security measures that, among other policies, go a long way toward preventing attacks by rogue operators working on the inside, for one thing.

Why banks need a chief mobility officer

Mobility has risen to such a level of importance that many people believe it deserves its own C-level position to advance and align mobility strategy throughout the enterprise. In no other industry is this more pressing than in banking where financial institutions are increasingly using mobile apps to set themselves apart from their rivals.

Why Yahoo’s malware attack is hitting banks hard

At the end of last year, Yahoo was hit by a malware attack. It affected over two million clients, mainly in Romania, Great Britain, France, Italy and Spain, putting their personal data at risk. Upon visiting the website between 27 December and 3 January, users received advertisements, some of which were malicious and infected users’ devices without even a click.

Getin goes for biometric signature verification in virtual branch roll-out

Poland’s Getin Bank has implemented biometric signature verification in a roll-out of unstaffed remote branches using Virtual Teller Machines under its Getin Point brand. The technology allows customers to carry out banking tasks that require a signature without having to go to a traditional branch.

Mobile vulnerabilities require banking apps rethink

Concerns are emerging over the failure of some mobile banking providers to address security risks. According to a recent review of 40 home banking apps from the world’s top 60 banks, nine out of ten apps had serious security vulnerabilities.

2014: a good year for the fraudsters

2014 looks to be a good year for fraudsters as government and law enforcement struggle to come to terms with the issues and the continuing spread of mobile continues to offer them poorly-protected targets.

Global exchanges get together to address cyber threat

The World Federation of Exchanges has set up a Cyber Security Working Group with a “mission to aid in the protection of the global capital markets” in the wake of a number of attacks on international exchanges over the past few years.

NCR makes “fundamental” changes to financial services business

NCR is “fundamentally and permanently changing” financial services its financial services business with a £1.6 billion acquisition of Digital Insight, a Californian on-line and mobile banking solutions provider. It has also bought UK-based fraud prevention company Alaric.

European Central Bank seeks comment on mobile security proposals

A draft set of 14 recommendations to promote the security of mobile payments has been published by the European Central Bank for public consultation.

Cyberspace: beyond the rule of law?

Cybersecurity and cyber espionage have been in the headlines the past few years as leaked stories relating to government-sponsored activities have appeared and sabre rattling between aggrieved nations has moved to the public domain. At the same time an increased volume of distributed denial of service attacks (DDoS) on banks and other institutions carried out […]

Money2020: Cybercrime threat will demand application of new defences

Basic security mechanisms in payment and banking systems are poorly applied and are out-gunned by the resources available to cybercriminals, a session at the Money2020 event in Las Vegas was told.

More collaboration ahead, says Swift’s Leibbrandt

Front and centre of the agenda that Swift set out at the beginning of this week’s Sibos is the concept of collaboration and cooperation – a perennial theme for Swift, but Leibbrandt told Daily News at Sibos there is a change in the air.

Data protection compliance: the biggest hurdle facing the back office?

In an effort to improve the protection offered to consumers, and to harmonise data practices, the EU is currently in the process of passing two pieces of legislation: the Cybercrime Directive and the General Data Protection Regulation (GDPR). Few people have given much thought to how these will align with international financial regulation.

MPs call on banks to report electronic crime direct to police

Banks should report all cases of fraud to law enforcement agencies and punishments should be substantially increased, according to a committee of MPs.

Four steps for denying DDoS attacks

Financial institutions have been battling waves of large distributed denial of service attacks since early 2012. Many of these attacks have been the work of a group called the Qassam Cyber Fighters, which until recently posted weekly updates on Pastebin about the reasons behind its attacks.

Reducing threats to availability in the banking sector

The financial services sector’s growing interdependence between internet-accessible clearing and transaction processing infrastructure means that a successful DDoS attack can have far reaching consequences, such as customer dissatisfaction and loss of trust, brand damage, increased operating costs and lost revenue to name just a few.

Safeguarding the banks: the challenging role of the security manager

Responsible for protecting people and assets across single or multiple countries in a range of different environments, the role of security manager in the finance industry is not for the faint hearted.

Swift Innotribe names Singapore startup challenge finalists

Swift’s innovation-focused spin-off Innotribe has announced the five Singapore finalists for its global startup challenge, which aims to help innovative new companies in financial services to develop their ideas and transform them into working businesses.

The next big revolution in retail banking is sitting in the palm of your hand

Retail banking is changing through many external forces. The on-going global financial crisis has impacted the regulation surrounding the banking industry, but there are other factors changing the environment banks find themselves operating in.

Mobile account takeover: when device ID isn’t enough

Protect your transactions! Protect your login! Protect your mobile channel! Protect your end users! A layered security architecture is now standard for most organisations. The problem, however, with many of today’s layered security solutions is that they do not correlate information between the various layers (security risks, suspicious events, fraud indicators etc.) and thus fail to see the big picture.

Alaric hires Jan Rees as account manager

Fraud and payments specialist Alaric has hired Jan Rees as account manager to look after customers across EMEA and the Americas. Rees has more than 20 years’ experience in the payments space, including roles at S1, Wincor Nixdorf, Level Four and Logica (now CGI). For the past year he has been working on a consultancy […]

Data protection: the next Y2K?

Transatlantic friction over data protection isn’t exactly a new problem – the industry has been faced with pending regulations for over a decade, but the conflicting demands of European data privacy and US intelligence gathering legislation are coming together to make the issue a serious problem for banking technologists.

Commerzbank adopts visual security tool for mobile payments

Germany’s Commerzbank has adopted a visual transaction signing tool from British security firm Cronto for its online banking customers, designed to protect against Trojan malware.

Finalists named for London banking ideas challenge

Seven innovative start-up companies have been chosen to take part in a major new London-based project that aims to bolster advanced technologies in financial services. The seven firms will participate in a twelve-week programme in which they will gain support from the major banks and gather interest from venture capitalists and investors.

Mobile security: a moving target …

Mobile and NFC payment technologies have been on the rise in recent years. But with many merchants and retail outlets still reluctant to invest in the new technologies, and with the rise of fraud in existing solutions, industry participants are divided over how and whether the technology will ever gain widespread acceptance in developed markets.

White paper: Redefining banking for the digital future

Learn how to harness digital-first, on-demand banking to increase bottom lines.

Top stories

The hottest news this week

Media Packs

FinTech Futures Media Pack

FinTech Futures Spotlight Media Pack

Video: Banking in 2024 – the key digital transformation trends shaping the industry

Webinar | 5 March 2024 | Banking in 2024: The key digital transformation trends shaping the industry

The essential buyer’s guide for risk orchestration software

Report: The state of AI in banking, featuring research from Forrester

How to choose the right 3D Secure software – an issuer’s guide

2024 Document Fraud Report

The State of AI in Enablement: 2023 Report

2023 Mobile Banking Heists Report

Banking Technology Magazine April 2024 issue out now

Upcoming events

Banking Tech Awards USA 2024

PayTech Awards 2024

Banking Tech Awards 2024

PayTech Awards USA 2024

Banking Tech Insights

What the FinTech? | S.5 Episode 6 | How Santander created Gravity – its in-house core banking platform

Demystify Podcast: Breaking the mould in banking technology with SaaScada

What the FinTech? | S.5 Episode 5 | Blockchain, CBDCs and programmable payments

Demystify Podcast: Fintech partnerships with Sam Everington of Engine by Starling and Carlton Hopper of GFT

FinTech Founders Video: how to forge successful fintech partnerships

FinTech Founders Video: embracing diversity, equity and inclusion

Video: Chipper Cash at FinovateEurope 2024 – How Africa’s growing middle market is finding power in payments

Video: Symend at Fintech Meetup 2024 – Putting an end to “zombie engagement”

Video: How SOLO is scaling trust by replacing self-reporting

OakNorth launches SMB commercial cards with Marqeta platform

Wealthtech Midas raises $45m Series A to launch new product trio

Miracles on minimum wage

OakNorth launches SMB commercial cards with Marqeta platform

Wealthtech Midas raises $45m Series A to launch new product trio

Miracles on minimum wage

Temenos concludes CEO search with appointment of Jean-Pierre Brulard

Axis Bank taps Moneythor for digital engagement solution

UK regtech ComplyAdvantage snaps up Golden to strengthen financial crime intelligence offering

Luxembourg’s NowCM names Markus Sauerland as new COO and co-CEO

Jordan Kuwait Bank digitises transaction banking functions with iGTB platform