Strong authentication, using both fact-based and behavioral-based fraud detection solutions, should be part of every financial institution's layered security approach, says Reed Taussig, CEO of ThreatMetrix.
David Navetta, an attorney who specializes in IT security and privacy, says the magistrate's recommendation, if accepted by the judge, could set an interesting legal precedent about the security banks are expected to provide for commercial customers.
As emerging technologies such as cloud computing and mobile banking become the norm, the FDIC's Donald Saxinger says vendor management programs must specifically address the outside risks posed by working with non-traditional financial services providers.
In light of the pending update to the FFIEC's 2005 online authentication guidance, customer awareness is one area banks and credit unions should take very seriously, says Aite analyst Julie McNelley.
Strong authentication should be part of every financial institution's layered security approach, and that means implementing proven measures to enhance device identification.
It's been nearly two years now since the corporate account takeover spree began. So, what exactly are the courts, institutions and the financial services industry doing today to prevent further incidents of fraud?
BITS and the ABA are interested in managing future domains affiliated with bank brands and financial interests. If approved, their domain oversight would allow them to control certain domain names registrations.
In the wake of recent data breaches, industry experts fear that consumers and employees alike will start exhibiting signs of "breach fatigue" and treat such incidents apathetically. Here are tips for how to ward off apathy.
The Do-Not-Track Online Act of 2011 would obligate online companies to honor consumer choice when consumers do not want anyone to collect information about their online activities.
ID fraud prevention requires partnership, and according to Javelin, the future of fraud-detection should be built around integrating a bank's back-end solutions with the fraud-prevention and detection solutions in which consumers are already investing.
FDIC warns of phishy e-mails hitting business owners. The fraudulent e-mails purport to be from the banking regulator, claiming to have important information about business bank accounts.
In the absence of the FFIEC's new guidance, industry experts say banks need to act now to help mitigate online risks associated with commercial accounts. "You can be sure the attacks won't abate until banks fight back," says Gartner's Avivah Litan.
Between March 2010 and April 2011, 20 incidents of wire fraud hit small and mid-sized U.S. businesses. All of the transactions involved payments routed to Chinese economic and trade companies located near the Russian border.
A U.S.-based hacker just pleaded guilty to stealing more than 675,000 credit cards that led to more than $36 million in fraud. "These SQL injections are allowing someone in through the side fence, not the front door," says information security attorney Randy Sabett.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing ffiec.bankinfosecurity.com, you agree to our use of cookies.
