Over the past six months, there have been a number of changes in the way the big payment and mobile technology players have approached security for payment apps. Read more
ATM skimming remains a big business for organized crime rings. According to a recent article in ATMMarketplace.com, card skimming accounted for more than $2 billion in losses. One new approach that banks are exploring to mitigate this particular vector of fraud, is the notion of using smartphones as a second factor of authentication since most people always have their phone with them. But the question remains: can smartphones solve the growing problem of skimming or do they have their own particular vulnerabilities that might present a new avenue for hackers? Read more
Human-based Computation Games, also known as Games with a Purpose, have been used by the software industry to accomplish tasks that although trivial for human beings, still pose a big challenge for even the most advanced computing mechanisms. GWAPs take advantage of the human willingness to collaborate or simply desire to have fun in order to collectively solve large-scale computational problems through online games. Read more
In my experience as a fraud prevention consultant, I constantly have discussions with financial institutions and with different profiles of fraud prevention managers. Each with its own way of visualizing fraud and thus its own strategy to reduce it. The fact is that regardless of the institution and the fraud managers’ profile, there are three key considerations to be given before deciding how to deal with fraud, keeping in mind that it is virtually impossible to eliminate. Read more
Phishing costs businesses over $2 Billion in losses every year, but email remains a critical communication channel. DMARC (Domain Message Authentication Reporting and Conformance) is a free standard that stands to change all that by providing visibility into email flows, telling email receivers to delete spoofed messages, and ensuring that only legitimate emails are delivered to inboxes from protected domains. Read more
A couple of weeks ago, we posted a piece discussing how the implementation of same-day Automated Clearing House (ACH) transactions would affect the fraud operations of American banks. Essentially, same-day settlement would provide a very small window of opportunity to stop or reverse payments once authorized and completed. Read more
We often hear fraud managers being dissatisfied with their current anti-fraud posture and believing that comprehensive protection is overly complicated and overly expensive. Not only is integrating separate solutions from a variety of vendors difficult, costly and time consuming, but oftentimes different services from the same vendor are nearly impossible to effectively integrate. Even if you do manage to get two solutions working concurrently, you have to flip back and forth between different portals that don’t share information and are essentially silos of walled-off data. With so many moving pieces, it’s a chore just to figure out of which tool has the crucial piece of information you need to stop an attack in progress. And every second you’re digging through a mountain of data and alerts is another second not used to stop an attack.
With iOS and Android’s dominance in the mobile operating system market, it can be easy to overlook that a still-significant portion of the world’s smartphone and tablet owners use other operating systems. Windows Phone and Blackberry are not as popular in the US as iOS or Android, but their usage is considerably more common in many European, Asian and Latin American countries. This proportion of Windows Phone and Blackberry users also rises significantly higher when focusing on the enterprise and government sectors, where tight security and lack of exposure to malware is held in higher esteem compared to the general population. The tendency is for many major app developers is to concentrate on iOS and Android and let other mobile operating system applications languish for months without updates. But financial institutions should resist this temptation, not only because it leaves a chunk of customers with no way to securely perform mobile transactions, but also because it denies banks a way to offer these customers value-added activities that can generate revenue. Read more
Easy Solutions expert commentary on the topic of how to reduce spam and phishing with DMARC was recently featured in Dark Reading. While email is a mission-critical communication channel for most companies, it has also become an untrusted one.
DetectID, Easy Solutions’ flexible authentication platform, just made strong mobile authentication for businesses and their users even simpler. The newest version of DetectID expands the functionality of the SDK-based mobile authentication solution. Mobile Authentication is built from the ground up to provide frictionless authentication using native push notifications, soft token and QR Code. The new features in the latest edition of DetectID include: Read more