Banks and credit unions are feverishly working to meet the FFIEC's authentication compliance deadline next year. But experts say institutions should be looking beyond the guidance, by making investments in cross-channel fraud detection.
Improving mobile device security is one of the top information security priorities for the coming year, according to our new Healthcare Information Security Today survey. And that's not surprising, given the recent surge of interest in tablets, smart phones and other mobile devices.
What fraud and security issues does Paul Smocer, the new president of BITS, see as being top concerns in the coming year? Mobile payments, social media, and a strong need for institutions and organizations to comply with existing guidance top the list.
Successful wire fraud attacks cause losses averaging between $100,000 to 200,000 per victim. So, it's not surprising that banks are being sued by business customers for alleged failures to prevent fraud via ACH.
Account takeovers are up, but losses are down. Doug Johnson of the ABA says that's because banks and their customers are catching and blocking suspect ACH transactions before they drains corporate accounts.
Nessa Feddis of the ABA says increased investments in technology at the bank and consumer levels have fueled confidence in online banking. "I think the reason you see an uptick in use here is because the channel is more secure."
"What banks need to be aware of is that much of this fraud is occurring on the consumer and business-customer side, and not all of them will invest in technology that catches these attacks," says Phil Blank of Javelin Strategy & Research.
In an ironic twist, a new phishing scheme, purporting to be from the Federal Deposit Insurance Corp., actually claims to offer assistance with ACH and wire fraud, but instead delivers malware that could enable fraud.
More pressure from the FFIEC to increase online security authentication practices can be leveraged with interchange incentives being offered by the Fed for debit- fraud-prevention investments mandated by the Durbin amendment, and institutions should take advantage.
Doug Johnson of the ABA and FS-ISAC says banks and commercial customers are improving efforts to catch and thwart incidents of corporate account takeover, a sign that the industry is moving in a positive payments direction.
The bright spot is that 36 percent of the takeover incidents reported in 2010 were stopped before fraudulent funds transfers were approved. That's an improvement from 2009, when only 20 percent were thwarted.