Blog article
See all stories »

A Call to Action on cybercrime!

Two interesting stats have caught my eye this week:

  • Cybercrime has now become the second most commonly reported economic crime affecting companies in the financial services sector (PWC)

While counter-fraud groups such as the NFA’s ‘Fighting Fraud Together’ and Get Safe Online are a positive step, and while it’s good to hear yesterday that the European Commission is going ahead with plans for a Cyber Crime Centre, what’s striking to me is the sense of “c’est la vie” that was picked up by PWC when it conducted the research.

There still seems to be a certain acceptance amongst commerce and financial services in particular concerning fraud and cybercrime, a cost of doing business, so to speak. What the figures from PWC show is that criminal methodologies around fraud are changing and that cyber attack is now the modus operandi, and that the criminals are successful on a massive scale. This NFA report is clearly a call to action.

Financial services firms’ fraud strategies need to take into account a “zero tolerance” approach to fraud. The amount of data attractive to cyber criminals is only going to increase as the use of apps, mobile wallets and online and mobile banking channels are used more and more by both consumers and businesses.

Security mechanisms must be robust enough to deal with the latest techniques an the only means of securing against cyber-based attacks is to take a multi-factor, multi-layer, out of band (OOB) approach, and, to my mind, one of these factors should be voice biometrics. This is something that we’re beginning to see happen, but as both of these stats show, there is still some way to go and time is not on our side.


Comments: (5)

Ketharaman Swaminathan
Ketharaman Swaminathan - GTM360 Marketing Solutions - Pune 03 April, 2012, 16:13Be the first to give this comment the thumbs up 0 likes

Unfortunately, the multifactor-multilayer-outofband troika for ensuring security increases friction so much so that shopping cart abandonments and false positives arguably impact online merchants as adversely as fraud does. This might explain their C'est La Vie attitude to such reports. Besides, Amazon, and most other ecommerce giants in the US don't even use VbV and other singlelayer-inband measures and I'm yet to come across a single report that suggests that they suffer greater fraud loss as a percentage of their revenues as compared to merchants in many other countries who do. 

Pat Carroll
Pat Carroll - ValidSoft - London 04 April, 2012, 11:31Be the first to give this comment the thumbs up 0 likes

Thanks for your comment Ketharaman. I agree with you in that using traditional methods to try and achieve multi-factor authentication would increase friction and cause more inconvenience than is necessary. However, technology exists to enable some of the layers to be invisible and the customer may not even be aware that strong authentication has occurred in a totally privacy-sensitive manner.

For example, as mentioned in my latest blog, Proximity Correlation Logic is a technology based on the fact that your phone is likely to be near you when you’re making a transaction. It can detect whether your phone is in the area of the origination point of a transaction, without compromising on your privacy as it is not using a Location Based Service.

Incorporating visible and invisible layers of authentication makes the process sufficiently strong and at the same time, user-friendly.

Ketharaman Swaminathan
Ketharaman Swaminathan - GTM360 Marketing Solutions - Pune 04 April, 2012, 17:38Be the first to give this comment the thumbs up 0 likes

@Pat C:

Thank you for your clarifications. I agree with you that technology can make certain layers invisible, reducing some of the friction as a result. I happen to read an article in Inc. earlier today, according to which the #1 consequence of identity theft in five out of the last five years is account hijacking. I don't know how effective any amount of transaction level security can be against such a threat vector. So, my point re. fraud loss as a percentage of revenue still remains. 

Pat Carroll
Pat Carroll - ValidSoft - London 05 April, 2012, 09:42Be the first to give this comment the thumbs up 0 likes

Ketharaman as you have correctly highlighted, determined criminals will always find ways to out-smart technology for their own gains. We have to work on the premise that we can’t stop them from stealing individuals’ information, but what we can do is stop them from being able to use it when it comes to electronic financial transactions. The real-time technology that I have previously described can prevent the crime occurring - ipso facto fraud loss as a percentage of crime will decrease. Furthermore, this technology will be able to eliminate the false positives, which is where the real costs are incurred.

Ketharaman Swaminathan
Ketharaman Swaminathan - GTM360 Marketing Solutions - Pune 05 April, 2012, 13:56Be the first to give this comment the thumbs up 0 likes

@Pat C:

Thanks again for the clarification. If someone hijacks my account, I thought they effectively have access to all my credentials that really matter. So, unless I'm missing something here, shouldn't transactions initiated by them appear genuine to everyone (except me)? In other words, how can technology stop them from using their ill-begotten access rights?

All through the past 8-10 years, vendors have claimed that their security technologies would inevitably cut down fraud losses as a percentage of revenues. However, I feel that the utter lack of empirical evidence to prove their claims has made a lot of online merchants quite skeptical about any future claims. On the other hand, the potential loss of revenue they suffer every day from shopping cart abandonment and false positives is very real.

Pat Carroll

Pat Carroll

Founder/Executive Chairman


Member since

17 Mar 2011



Blog posts




More from Pat

This post is from a series of posts in the group:

Innovation in Financial Services

A discussion of trends in innovation management within financial institutions, and the key processes, technology and cultural shifts driving innovation.

See all