Banking on a holistic approach to combating financial crime
Fraud and financial crime are growing substantially in their nature and complexity as we continue to evolve into an ever more connected world. New technologies, particularly the spread of mobile devices, have opened up different avenues of attack for technically sophisticated and well organised gangs of fraudsters and criminals. The social and economic costs of organised crime in the UK alone are estimated to be £24bn, of which £8.9bn are associated with fraud.
Cyber-security top issue for systemic risk says DTCC
Greater information sharing and closer collaboration between the public and private sectors are needed to combat cyber-attacks, which are now the principal concern of the financial services industry, according to the DTCC. A top priority should be the creation of global industry working groups to engage with national regulators on the development of cyber-security regulations that address the real-time and evolving nature of cyber-threats.
How to fight cyber crime
The recent nomination of the British Banker’s Association as an intelligence node and source of benchmarks and practices in the UK’s financial infrastructure, via CBEST, has pushed the role of the banking sector in detecting and remediating breaches into the spotlight. So what can banks do to ensure their cyber defences are up to the task?
Why security strategies must adapt to the retail banking revolution
As banks develop new retail styles, they face new security challenges as the changing use of space in-store means surveillance and alarm systems must evolve in tandem.
Microsoft fights cyber crime with pilot project
Microsoft has begun a joint pilot project with the Financial Services Information Sharing and Analysis Centre (FS-Isac) to tackle financially-motivated cyber crime attacks, which are estimated to cost $100 billion a year in the US alone.
‘Pernicious disease’ of cyber war escalates
While the average bank heist averages $6000, a cyber-thief can make off with millions. Last year 552 million identities were breached, while every call about a compromised credit card costs a bank $4.
Banks’ cyber resilience requires ongoing review against escalating threats
The news last month (June) that the Luuuk malware had snared its first victim, an unnamed European bank, has again highlighted the magnitude of the challenge facing the banking sector. While the reported theft of €500,000 during the course of a week certainly does not break any records, the discovery of what is believed to be a variant of the feared Zeus malware, is just the latest in a line of increasingly sophisticated cyber attacks
Dispelling the myths surrounding voice biometrics
With passwords continuing to attract widespread derision from consumers it seems that businesses are starting to listen to their customers and in recent weeks voice biometrics has been hitting the headlines, as the technology is set to replace the bane of so many people’s lives.
Bank of England CIO: ‘think twice about cost, security, data sovereignty in the cloud’
Firms looking to adopt cloud-based services should consider the security and data privacy implications associated with moving critical systems into the cloud, and not let vendors drive their technology strategies for them, according to Bank of England CIO John Finch.
Financial services in the firing line for cyber-attacks says ex-CIA chief
“The fastest growing national security threat facing the [US], which also happens to face the financial services industry, is cyber-espionage, cyber-crime and cyber-terrorism” according to a former deputy and acting director of the Central Intelligence Agency, speaking at the SifmaTech conference in New York.
Waratek wraps vulnerable Java code in security blanket
Specialist Java start-up Waratek has announced a security product intended to protect older Java code – which can contain five to 10 security vulnerabilities per 10,000 lines of code – from security breaches.
Tokenisation may offer antidote to soaring cyber crime epidemic
As the number of cybercrime incidents increases, financial institutions and their corporate customers should take renewed steps to protect their data – including using tokenisation and hosted payments pages, according to a new report by Chase Paymentech.
Account misuse drives rise in UK fraud levels
Bank account fraud in the UK increased 48% in the first four months of this year, with a 57% rise in the number of identity frauds compared to the same period last year.
Mobile payment security will depend on using the ‘smart’ in smartphone
Confusion and concern over security is cited over and over again as the biggest barrier to widespread consumer uptake of mobile payments. And no wonder – confidence in the protection of sensitive cardholder data lies at the heart of trust in this technology. An EMV card as a physical asset is cryptographically secure. How can we emulate this security with something that is virtual?
Credit where it’s due – why the Singapore regulator has it right on security
What does the Monetary Authority of Singapore have to do with virtualised data centres and cloud computing? Security measures that, among other policies, go a long way toward preventing attacks by rogue operators working on the inside, for one thing.
Why banks need a chief mobility officer
Mobility has risen to such a level of importance that many people believe it deserves its own C-level position to advance and align mobility strategy throughout the enterprise. In no other industry is this more pressing than in banking where financial institutions are increasingly using mobile apps to set themselves apart from their rivals.
Why Yahoo’s malware attack is hitting banks hard
At the end of last year, Yahoo was hit by a malware attack. It affected over two million clients, mainly in Romania, Great Britain, France, Italy and Spain, putting their personal data at risk. Upon visiting the website between 27 December and 3 January, users received advertisements, some of which were malicious and infected users’ devices without even a click.
Mobile vulnerabilities require banking apps rethink
Concerns are emerging over the failure of some mobile banking providers to address security risks. According to a recent review of 40 home banking apps from the world’s top 60 banks, nine out of ten apps had serious security vulnerabilities.
2014: a good year for the fraudsters
2014 looks to be a good year for fraudsters as government and law enforcement struggle to come to terms with the issues and the continuing spread of mobile continues to offer them poorly-protected targets.
Global exchanges get together to address cyber threat
The World Federation of Exchanges has set up a Cyber Security Working Group with a “mission to aid in the protection of the global capital markets” in the wake of a number of attacks on international exchanges over the past few years.
NCR makes “fundamental” changes to financial services business
NCR is “fundamentally and permanently changing” financial services its financial services business with a £1.6 billion acquisition of Digital Insight, a Californian on-line and mobile banking solutions provider. It has also bought UK-based fraud prevention company Alaric.
European Central Bank seeks comment on mobile security proposals
A draft set of 14 recommendations to promote the security of mobile payments has been published by the European Central Bank for public consultation.
Cyberspace: beyond the rule of law?
Cybersecurity and cyber espionage have been in the headlines the past few years as leaked stories relating to government-sponsored activities have appeared and sabre rattling between aggrieved nations has moved to the public domain. At the same time an increased volume of distributed denial of service attacks (DDoS) on banks and other institutions carried out […]
Money2020: Cybercrime threat will demand application of new defences
Basic security mechanisms in payment and banking systems are poorly applied and are out-gunned by the resources available to cybercriminals, a session at the Money2020 event in Las Vegas was told.
More collaboration ahead, says Swift’s Leibbrandt
Front and centre of the agenda that Swift set out at the beginning of this week’s Sibos is the concept of collaboration and cooperation – a perennial theme for Swift, but Leibbrandt told Daily News at Sibos there is a change in the air.
MPs call on banks to report electronic crime direct to police
Banks should report all cases of fraud to law enforcement agencies and punishments should be substantially increased, according to a committee of MPs.
Four steps for denying DDoS attacks
Financial institutions have been battling waves of large distributed denial of service attacks since early 2012. Many of these attacks have been the work of a group called the Qassam Cyber Fighters, which until recently posted weekly updates on Pastebin about the reasons behind its attacks.
Reducing threats to availability in the banking sector
The financial services sector’s growing interdependence between internet-accessible clearing and transaction processing infrastructure means that a successful DDoS attack can have far reaching consequences, such as customer dissatisfaction and loss of trust, brand damage, increased operating costs and lost revenue to name just a few.
Safeguarding the banks: the challenging role of the security manager
Responsible for protecting people and assets across single or multiple countries in a range of different environments, the role of security manager in the finance industry is not for the faint hearted.
The next big revolution in retail banking is sitting in the palm of your hand
Retail banking is changing through many external forces. The on-going global financial crisis has impacted the regulation surrounding the banking industry, but there are other factors changing the environment banks find themselves operating in.
Mobile account takeover: when device ID isn’t enough
Protect your transactions! Protect your login! Protect your mobile channel! Protect your end users! A layered security architecture is now standard for most organisations. The problem, however, with many of today’s layered security solutions is that they do not correlate information between the various layers (security risks, suspicious events, fraud indicators etc.) and thus fail to see the big picture.
Alaric hires Jan Rees as account manager
Fraud and payments specialist Alaric has hired Jan Rees as account manager to look after customers across EMEA and the Americas. Rees has more than 20 years’ experience in the payments space, including roles at S1, Wincor Nixdorf, Level Four and Logica (now CGI). For the past year he has been working on a consultancy […]
Data protection: the next Y2K?
Transatlantic friction over data protection isn’t exactly a new problem – the industry has been faced with pending regulations for over a decade, but the conflicting demands of European data privacy and US intelligence gathering legislation are coming together to make the issue a serious problem for banking technologists.
Commerzbank adopts visual security tool for mobile payments
Germany’s Commerzbank has adopted a visual transaction signing tool from British security firm Cronto for its online banking customers, designed to protect against Trojan malware.
Mobile security: a moving target …
Mobile and NFC payment technologies have been on the rise in recent years. But with many merchants and retail outlets still reluctant to invest in the new technologies, and with the rise of fraud in existing solutions, industry participants are divided over how and whether the technology will ever gain widespread acceptance in developed markets.