Blog article
See all stories »

An article relating to this blog post on Finextra:

Nasdaq and major banks the victims as five indicted for largest known cyber breach

US lawmakers have charged five men with conspiring in a worldwide hacking and data breach scheme that targeted major corporate networks, stole more than 160 million credit card numbers and resulted in...


See article

USD300million and rising, will security catch-up?

The breaking news from the US indicating that over 160million credit and debit card numbers have been stolen, whilst not unpredictable, is still quite staggering. Early estimates suggest around $300 million dollars has been stolen, but this figure looks likely to increase dramatically.

It appears that a group of criminals utilising malware to infiltrate large US companies and over time steal payment related data, which then was passed onto a second group who inserted this data on to magnetic stripes to clone bank cards, and completed the fraudulent transactions by either withdrawing cash from ATMs or making purchases.

Securing data is now at the forefront of many financial institutions minds, and as the methods by which hackers compromise our personal information becomes more sophisticated, so must our approach to security. 

Every time that a fraud hits the headlines there is naturally a huge focus on how the crooks got hold of all those personal banking details. But there is often less attention given to how they were then able to use the customer details to extract money from customer’s bank accounts.

Unfortunately fraudsters will always find methods to compromise our personal data. While that in itself is a major concern the solution lies in ensuring the abuse of such data can be detected and prevented. The key lies in real-time detection, prevention and immediate resolution enabled by the empowered customer. Technology is available today to absolutely achieve this, in real-time, totally privacy sensitive, highly secure and yet totally intuitive from a customer standpoint. In fact, in many cases the customer is not even aware that security is being applied as many of the techniques used are completely invisible. The answer is robust customer authentication and transaction verification, relative to the bank’s perceived risk of the transaction. It must have speed (real-time), strong security, efficiency, good customer service and ease of use, while shutting down the scope for fraudsters to benefit from their crime. Similar stories (while on a smaller scale) have been publicised for over a decade, and invariably the issues remain the same, surely it is now time for financial institutions to step up and utilise effective security systems that can protect against such massive theft of payment credentials and the inevitable fraud fall-out that has already occurred and will continue for some time to come.

Comments: (1)

Ketharaman Swaminathan
Ketharaman Swaminathan - GTM360 Marketing Solutions - Pune 05 August, 2013, 14:48Be the first to give this comment the thumbs up 0 likes

One way to measure the severity of payment fraud is by absolute numbers. In an ideal world, there should be no fraud at all. Taken to an extreme, I won't tolerate even a penny of fraudulent transactions on my account. However, detecting and preventing fraud gives rise to false-positives, which in turn reduce revenues and spoil customer experience. Therefore, for issuers and merchants alike, Fraud / Spend ratio is likely the most practical metric to gauge the state of payment fraud. On that count, "...fraud levels are close to a historic low, equating to just 0.04 per cent of all spending", according to this latest report from Visa Europe.

Pat Carroll

Pat Carroll

Founder/Executive Chairman

ValidSoft

Member since

17 Mar

Location

London

Blog posts

79

Comments

40

This post is from a series of posts in the group:

Innovation in Financial Services

A discussion of trends in innovation management within financial institutions, and the key processes, technology and cultural shifts driving innovation.


See all