A couple of weeks ago, we posted a piece discussing how the implementation of same-day Automated Clearing House (ACH) transactions would affect the fraud operations of American banks. Essentially, same-day settlement would provide a very small window of opportunity to stop or reverse payments once authorized and completed. Read more
We often hear fraud managers being dissatisfied with their current anti-fraud posture and believing that comprehensive protection is overly complicated and overly expensive. Not only is integrating separate solutions from a variety of vendors difficult, costly and time consuming, but oftentimes different services from the same vendor are nearly impossible to effectively integrate. Even if you do manage to get two solutions working concurrently, you have to flip back and forth between different portals that don’t share information and are essentially silos of walled-off data. With so many moving pieces, it’s a chore just to figure out of which tool has the crucial piece of information you need to stop an attack in progress. And every second you’re digging through a mountain of data and alerts is another second not used to stop an attack.
With iOS and Android’s dominance in the mobile operating system market, it can be easy to overlook that a still-significant portion of the world’s smartphone and tablet owners use other operating systems. Windows Phone and Blackberry are not as popular in the US as iOS or Android, but their usage is considerably more common in many European, Asian and Latin American countries. This proportion of Windows Phone and Blackberry users also rises significantly higher when focusing on the enterprise and government sectors, where tight security and lack of exposure to malware is held in higher esteem compared to the general population. The tendency is for many major app developers is to concentrate on iOS and Android and let other mobile operating system applications languish for months without updates. But financial institutions should resist this temptation, not only because it leaves a chunk of customers with no way to securely perform mobile transactions, but also because it denies banks a way to offer these customers value-added activities that can generate revenue. Read more
Easy Solutions expert commentary on the topic of how to reduce spam and phishing with DMARC was recently featured in Dark Reading. While email is a mission-critical communication channel for most companies, it has also become an untrusted one.
DetectID, Easy Solutions’ flexible authentication platform, just made strong mobile authentication for businesses and their users even simpler. The newest version of DetectID expands the functionality of the SDK-based mobile authentication solution. Mobile Authentication is built from the ground up to provide frictionless authentication using native push notifications, soft token and QR Code. The new features in the latest edition of DetectID include: Read more
Like an iceberg, a large portion of the Internet is obscured from easy view. That’s right. It is literally a “hole” new world. This unindexed section of the Internet is dubbed “the Deep Web” and more and more criminal activity is moving away from the light of day and into to the shadowy corners. Read more
Last November, we launched a new product called DMARC Compass. DMARC Compass is designed to provide organizations with instant visibility into how many criminals are using their domain to send spam and phishing attacks. DMARC Compass has been a huge success and early feedback from our clients has been extremely positive. Read more
In the last two days, we have seen a lot of media coverage around Apple Pay being used for fraudulent activities by criminals with stolen identities and credit cards. The news were first reported by The Guardian. Many of the articles highlight that fraud is stemming from a back door in the activation process called the “yellow path”. The yellow path is the process by which the bank can put the card activation on hold to do additional verifications. Read more
The implementation of same-day Automated Clearing House (ACH) transactions has been getting a good amount of media attention lately. In a letter to NACHA (the Electronic Payments Association) on February 4, the American Bankers Association expressed their support for a proposal to implement same-day ACH transactions. ABA believes that widespread adoption of same-day ACH transactions represents a fundamental step to promote faster payments across the entire industry, as it would level the competitive playing field for all financial institutions while allowing account holders to benefit from expedited settlement. Read more
Man-in-the-Browser (MITB) and web injection attacks are the most devastating threat on the Internet today, resulting in infinite number of compromised accounts. These attacks infect a webpage by taking advantage of security vulnerabilities in browsers and common web plugins, modifying web pages and transactions as they are happening in real time. Cybercriminals launching an MITB attack can intercept and change the content on a website by injecting new HTML code and perform unauthorized transactions while a customer has an online banking session open, but the client will only see the transaction performed as they intended on their screen. Read more