Welcome to Finextra. We use cookies to help us to deliver our services. We'll assume you're ok with this, but you may change your preferences at our Cookie Centre.
Please read our Privacy Policy.

Accept
Channels
Profile
Location
Tel Aviv
Member since
2008
Writes about
Security Payments Regulation & Compliance Retail banking Financial Crime

Uri's blog archive

2020 (4) 2019 (1) 2018 (4) 2015 (1) 2014 (2) 2013 (6) 2012 (6) 2011 (5) 2010 (28) 2009 (16) 2008 (14)
The Joy of Fraud Fighting
Uri Rivner

Uri Rivner

Chief Cyber Officer at BioCatch
Message Message me Posts: 87 Comments: 37
Bio Internet. The perfect fraud frontier. These are the thoughts of Uri Rivner, Chief Cyber Officer at BioCatch and formerly Head of new technologies, identity protection, at RSA. His continuing mission: To explore strange new cybercrime methods... To seek out new ways Career History Hi. My name is Uri, and I am addicted to fighting Cybercrime. It's been 18 years since I was doing something else. Cannot remember what it was.

Blogs

Fintech

The Gig Economy and the case of Split Identities

12 Jul 2020

The gig economy is exploding these days, especially in the wake of the global virus outbreak. According to the Bureau of Labor projections, the portion of gig economy workers will increase to 43% in 2020. Among millennials, 40% have identified as participating in the gig economy. Gig economy means transitory jobs. Rideshare drivers, work-from-home...

Online Banking

7 Cybercrime predictions for a global virus outbreak

29 Apr 2020

If I had to pick one community that is definitely going to thrive during a global virus outbreak, it's online fraudsters. Check out these seven predictions about incoming cyber crime... An unprecedented global virus outbreak is just what the cyberfraudster ordered. Confusion, chaos, and abrupt changes in digital user behavior can help the sharp-min...

Online Banking

Zelle P2P Fraud: You Ain’t Seen Nothing Yet...

24 Apr 2020

Zelle Fraud: You Ain’t Seen Nothing Yet… If you live in the US, you probably already use Zelle. Zelle is super awesome. It's sleek, real-time, and allows you to pay instantly to anyone with an email or phone number directly from your bank account - with zero commission. And it also attracts criminals like bees to honey. Banks that have launched Zel...

2

Online Banking

Social distancing changes our digital behaviors

26 Mar 2020

As the Coronavirus outbreak spreads globally, users are beginning to change their digital behaviors. One emerging trend, not surprisingly, is an increase in the use of Remote Access. Criminals consider RATs - Remote Access Tools - as the perfect cloaking device: it allows them to operate from within the user’s trusted device, gain access from the u...

See all Uri's blogs

Uri is Commenting on

Zelle P2P Fraud: You Ain’t Seen Nothing Yet...

  Hi Ketharaman - thanks for the comment! You're right that UX consistency is important. However today there are a lot of controls in place that disrupt the UX due to all sort of security and risk policies: you're accessing from a new and untrused device, or from out of the country, or you're moving much more than you normally do (well, in these troubled times of social distancing moving irregular sums of money online for the first time is actually pretty expected as you cannot use checks or cash). In those cases there is a 'user escalation' - a transaction can be blocked, or you might need to approve it using a one time code, or someone from the bank may need to contact you. These user escalations are normally not very effective: criminals find ways around them, and honest people just get bothered. The idea of using invisible layers of visibility such as device intelligence and behavioral biometrics is to get a firm understanding of whether this activity is good or bad without any change to the UX. So, completely friction free. This can over-ride more crude controls and actually improve the UX, and it's also much more effective in terms of catching fraud.  With regards to APP fraud, the banks are now using a clever combination of payee name verification, device intelligence, behavioral biometrics and risk-based messaging to the users, in addition to education. It's always a mix of controls and technology that can fight sophisticated attacks...

27 Apr 2020 Reply Read article

Hackers behind billion dollar SpyEye malware jailed

  Hats off for the FBI, Justice Dept. and international law enforcement. SpyEye was a gargantuan operation and the arrest of Harderman made more ripples in the fraud underground than any prior hit on key members of the dark economy. Panin did have a gift for designing sleek UIs, though, and paved the way to a lot of modern Trojans with groovy graphics. Anyway - well done, folks.

21 Apr 2016 Reply Read article

Brazil vs. Germany: A Surprising Find

  Forgot to mention: my colleague Oren Kedem added some other findings in a Dark Reading article: http://www.darkreading.com/while-brazilians-watch-world-cup-bank-fraudsters-are-at-work/d/d-id/1297223

12 Jul 2014 Reply Read article

Santander has UK's weakest online banking security - Which?

  Agree with the comments. I recently blogged about this...  https://www.finextra.com/blogs/fullblog.aspx?blogid=8133 Bottom line: security must be balanced with usability, otherwise it defeats its purpose. Having too much security is like having a car with breaks that won't let you move much. You'll say thank you very much, and just pick up another car. I call it 'choosing the path of least security' which is our human nature, as opposed to the implied conclusion in the WHICH report which is that people appreciate security much more than they appreciate ease of use. 

30 Sep 2013 Reply Read article