The fight against cyberattacks is a top priority for financial institutions, and industry insiders are optimistic about President Obama's plan to thwart cyberattacks that lead to corporate account takeover and other forms of fraud.
You know the tune: Cyber thieves pirated the town's banking credentials, arranged some bogus "payroll transactions" with the town's bank and then next thing you know ... money mules are transferring funds to the Ukraine.
Emerging technology is often touted for enhancing security. But if not properly deployed and integrated, these technologies can hinder rather than improve security.
The Fed's ruling on interchange cuts mandated by the Durbin Amendment will aid fraud prevention and could accelerate a move to chip-based payments, says Randy Vanderhoof, director of the Smart Card Alliance.
"The FFIEC guidance does a good job of addressing today's and yesterday's threats and suggested techniques, but it is not sufficiently forward-looking," says Gartner's Avivah Litan. "Two years from now, the guidance will be sorely out of date."
The Federal Financial Institutions Examination Council has formally released the long-awaited update to its "Authentication in an Internet Banking Environment" guidance. The new directives take effect January 2012.
"Simple passwords alone do not provide sufficient commercially reasonable security," says Jim Payne of fraud victim Choice Escrow. "Where is the principle of doing what is right and just?"
No one is really sure when the FFIEC's new authentication guidance will be issued, but we do know banking institutions can't afford to wait. Hence, our new FFIEC Authentication Guidance Resource Center.
Authentication expert Steve Dispensa says banking institutions need to realign their authentication infrastructures to include a mix of in-band and out-of-band measures.
High-profile legal wrangles over ACH- and wire-related fraud remain at a standstill, despite the industry's ongoing discussions about corporate account takeover and how to fight it.
Bankers aren't waiting for the FFIEC to act on the release of its updated online authentication. Instead, they've already begun to comply with the major points recommended in the draft. And the death of Osama bin Laden has heightened concerns terrorists' efforts to launder money through legitimate banking channels.
Wire fraud incidents from China prove current security measures, including multifactor authentication, are too easy to bypass. And security pundits say it all points back to why the financial industry needs more guidance about adequate online security.
ID fraud prevention requires partnership, and according to Javelin, the future of fraud-detection should be built around integrating a bank's back-end solutions with the fraud-prevention and detection solutions in which consumers are already investing.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing ffiec.bankinfosecurity.com, you agree to our use of cookies.
