Barclays and Lloyds are betting on security tokens to combat phishing, and online banking fraud. Scotsman.com News – Sci-Tech – Banks introduce electronic password gadget to beat rise in internet fraud Barclays plans to introduce hand-held devices to its 1.6 million online banking customers next year which will read the chip on the customer’s bank card and then provide a unique password needed to access the account on the bank’s website. Every time the customer logs on they will need to get a new password using the calculator-sized device.….Lloyds TSB is trialling key rings that generate random passwords for accounts. … Continue reading Banks introduce electronic password gadget to beat rise in internet fraud

The little known Egmont Group moves its international  HQ to Toronto, Canada. The group, named for the location of the first meeting at the Egmont-Arenberg Palace in Brussels on 9 June 1995, is the international co-ordinating body for national based Financial Intelligence Units (FIU’s).  Generally they are responsible for co-ordination and sharing of information to catch international criminals, and maintain protection of privacy and customer confidentiality, while protecting the integrity of the financial systems worldwide. TheStar.com – Toronto to be home of top intelligence group Ottawa is spending $5 million over five years to make Toronto the permanent headquarters of … Continue reading Toronto to be home of top intelligence group (Egmont Group)

With this quote the security of chip cards debate is opened. CHIP-AND-PIN systems introduced to foil credit and debit-card fraudsters are making it easier to commit certain types of financial crime, a reformed con man warned last week. And the evidence is mounting to support his contention. Chip and pin ‘makes fraud even easier’ – Money – Times Online He does not believe that chip-and-pin technology, which requires transactions to be verified with a four-digit number rather than a signature, will prove much of a challenge for professional fraudsters. The information sent out by the hand-held card reading devices used … Continue reading Chip and pin ‘makes fraud even easier’

An interesting development in the software security space.  Recently two factor authentication softare such as PassMark, and Digital Envoy have arrived, and they analyse the customers computer and record that “fingerprint” to valaidate the customer in the future. This new development analyses the customers mouse and typing habits, and associates with the customers profile to create a unique binding that assures the bank that the customer accessing online banking is who they say they are. ComputerWeekly.com – Banking fraud detection system uses customer typing and mouse styles – Technology\Security Products – 01/Jun/2006 The software monitors user characteristics, such as their … Continue reading Another software security space evolves from Fair Isaac

More information on the Goldleaf hacking incident, and the lack of information is astounding as I look at these three stories.  Worse is the remedial action, which will result in many customers leaving to Bank of America, or Wells Fargo being large banks that appear to customers, to have better control, and therefore better trust. Hackers gain access to server hosting bank Web sites Customers who tried to gain access to the sites were redirected to a phony Web site that asked for a user name and password. If a customer entered them, the site then asked for credit card … Continue reading Banks display terrible judgement in handling apparent massive security breach in US

In a security breach at an Goldleaf Financial Solutions, an Internet Service Provider for US Community banks, the personal information of clients has been compromised.  While there are no details yet, I suspect this is big, so more to come. Finextra: Hack attack hits 300 banks Goldleaf – which provides Web-based ACH, cheque conversion, and remote deposit solutions as well as hosted Web sites and intranets for community financial institutions – says it was forced to respond to a phishing attack on its system that redirected banking customers to bogus Web sites in a bid to entice them to enter … Continue reading Hack attack hits 300 US banks

Surveys are always questionable, but the sheer size of the positive response on this one, makes it worthy for further thought. Finextra: Europeans willing to switch banks for biometric authentication The study, which spans seven European countries, shows that 57% of people would be more likely to change their current account provider if all it took was an identity card and fingerprint to establish and prove identity. In Germany this average increases to 64%, almost two thirds of the population, says LogicaCMG. The research found that over a quarter of Europeans – 27% – would be more likely to change … Continue reading Biometrics as a loyalty driver

Surveys continue to talk about the fear of fraud online. I am closely watching the sponsors of these surveys. This one is sponsored by The Cyber Security Industry Alliance. Finextra: Fraud fears scare off US Web shoppers The US-wide survey of 1150 adults conducted by Pineda Consulting found that only 44% feel their information is safe when engaging in e-commerce and only a third (34%) feel that Internet banking is as safe as banking in the branch. This group is a lobby group, and this is taken from their site. CSIA is the only advocacy group dedicated to ensuring the … Continue reading Fraud fears scare off US Web shoppers

 Much debate about the costs and benefits is taking place today in every bank. Senior management are often seeking the silver bullet, but the reality is that fraud has to be managed, and won't be eliminated.  There are too many variables, including the customer and their own behaviours.  This article covers it well. Banks Get Wise to Phishing Fraud – Enterprise Security – NewsFactor Network "No legitimate bank or e-commerce company is going to send its customers e-mails requesting security information," said Amanda Pires, a spokesperson for PayPal. "Nor is a bank going to send out an e-mail warning that … Continue reading Banks Get Wise to Phishing Fraud