Fraud today is global. The same problems happening in the U.S. are simultaneously occurring in other parts of the world. For interested job seekers, there's never been a better time to enter the fraud examiner profession.
BITS, part of The Financial Services Roundtable, in a new report about malware says cyberthreats are evolving, and institutions must collaborate with customers to keep up with evolving risks.
Multifactor authentication and layered security are steps financial institutions should take to protect their customers. But certain strategies are more problematic than successful when it comes to preventing fraud.
Despite increased incidents, major U.S. card issuers receive poor marks for card fraud prevention, according to a new study from Javelin Strategy & Research. The biggest area of concern: card-not-present fraud.
"I think we'll see some additional investments in fraud prevention tools as a result, and it could be EMV tokens or neural networks," says Jim Schlegel of ACI Worldwide, following the Fed's move on debit interchange fees.
Jeff Kopchik of the FDIC says too much emphasis on what's "missing" from the FFIEC's new guidance detracts from regulators' intent: providing financial institutions with a guideline for securing online transactions.
"The FFIEC guidance does a good job of addressing today's and yesterday's threats and suggested techniques, but it is not sufficiently forward-looking," says Gartner's Avivah Litan. "Two years from now, the guidance will be sorely out of date."
The Federal Financial Institutions Examination Council has formally released the long-awaited update to its "Authentication in an Internet Banking Environment" guidance. The new directives take effect January 2012.
The Final FFIEC Guidance has been issued and its main intent is to reinforce the 2005 Guidance's risk management framework and update the Agencies' expectations regarding customer authentication, layered security, or other controls in the increasingly hostile online environment.
Dave Jevans of the Anti-Phishing Working Group says most U.S. banking institutions are ill-equipped to fight 2011's latest and greatest security threats, including automated malware.
"Simple passwords alone do not provide sufficient commercially reasonable security," says Jim Payne of fraud victim Choice Escrow. "Where is the principle of doing what is right and just?"
Six months after Michigan-based Experi-Metal Inc. sued Comerica Bank after a breach that resulted in $1.9 million in ACH and wire fraud, a U.S. District Court has favored the commercial customer.
Information Security Media Group announces the launch of FFIEC Authentication Guidance, a resource center dedicated to providing in-depth news and views on the pending online authentication guidance.
"I'd like to make sure our recommendations fit with what the FFIEC is recommending, to continue to help us mitigate risk," says Michael J. Wyffels, SVP and CTO of QCR Holdings Inc. "But the hackers seem to continue to find new ways to exploit vulnerabilities."
Strong authentication, using both fact-based and behavioral-based fraud detection solutions, should be part of every financial institution's layered security approach, says Reed Taussig, CEO of ThreatMetrix.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing ffiec.bankinfosecurity.com, you agree to our use of cookies.