Staying One Step Ahead of the Cyber Criminals
The latest Symantec report suggests that the number of worldwide malware samples increased by an astonishing 71% in 2009 compared to the previous year. According to the report, this increase stems from the growing popularity of easy to use toolkits that novice cyber criminals are using to turn out their own malware. In our experience, banks and their customers are one of the key targets for this new breed of criminal. While customers need to be more aware of online security risks, banks are also doing their bit to protect their customers. The challenge for banks, however, is to remain one step ahead of the criminals.
The latest technique to be used by fraudsters is to implant a code in the customer’s browser to gain control of their banking session while using the same IP address of the legitimate user. These so-called ‘man-in-the-browser’ attacks are capable of moving funds out of a user’s account without the bank or the customer being aware until transactions have been clocked up on credit cards or the balance on their current account begins to dwindle unexpectedly.
Man-in-the-browser viruses are difficult to detect as often standard security measures do not even reveal the presence of the virus. However, financial institutions can reduce the effectiveness of man-in-the-browser attacks by gaining a better understanding of a customer’s online banking profile and their regular interactions online, so suspicious activity can be recognised more quickly and easily. Banks can also use out-of-band communication, such as a mobile phone, as an additional method of authentication to confirm the transaction details and verify the user. This makes it more difficult for fraudsters to operate, as they have to simultaneously compromise multiple channels.
The findings from Symantec’s latest report, highlight the importance for banks of taking a layered fraud prevention approach - one that analyses the log-in, the transactions, and risky sequences of events – to give banks the best chance of minimising online banking fraud, thwarting attacks and ensuring the industry doesn’t continue to contribute to the rising malware attack figures.
Fraud & Risk Solutions Consultant
Related Blog Posts
Customer Innovation: Erste Bank [Q&A]
The global banking sector is becoming both more strategically focused and technologically advanced, responding to rising consumer expectations while trying to defend market share against an increasing array of competitors. A great deal of emphasis is being placed on digitizing core business processes, and reassessing organizational structures and internal talent to be better prepared for the future of banking.
Regulating for Real-Time: The Role of Government in Payments Modernization
Dr. Leo Lipis and Craig Ramsey, Head of Real-Time Payments for ACI Worldwide, continue their discussion on real-time payments and the findings of the new white paper, Get More from Real-Time.
Issuing and Acquiring in a Real-Time and Open Payments Ecosystem – The Global Picture
Dr Leo Lipis and Craig Ramsey, Head of Real-Time Payments for ACI Worldwide, continue their discussion on real-time payments, stemming from the findings of the new white paper, Get More from Real-Time. See part one.
Four Questions to Drive Your Retail Banking Payments Strategy in 2019
I keep hearing that it’s “an exciting time to be in payments,” and I certainly agree that there is a lot of noise. However, when I look below the surface, I’d argue that the interesting activity is not with the payment itself, but with all the related events and steps in the value chain.
What Can the Re-Regulation of Other Industries Tell Us About Open Banking One Year On?
UK Open Banking just reached its first birthday milestone (on January 13 to be precise) and given my own commentary – including in the ACI blog – on this topic, the first anniversary of Open Banking in the UK certainly won’t pass without a debrief on the progress that’s been made and what challenges lie ahead.
Instant Payments in Italy – And Beyond: Lessons from Il Salone dei Pagamenti
ACI was invited back to Il Salone dei Pagamenti – Italy’s premier payments event organized by the Italian Banking Association (ABI) – to participate in a panel, “SEPA Inst – the Future.” As expected, the session was packed with stats and advice for a more efficient roll out of instant payments – in Italy and beyond.
To Regulate Or Not To Regulate – Is That Thy Question?
Debates are healthy, and as someone who spent a little time during my college years dabbling around the edges of the speech and debate team, I can tell you it’s something that I personally relish. A chance to really talk through the pros and cons of an argument and lay out the bare facts… and then be judged based not only on those facts, but on the presentation and power of persuasion—sign me up!
Request for Pay – What Does It Mean For Financial Institutions?
What do banks – one with $60B+ in assets, one a mid-size regional bank, and one, a small innovative credit union – have in common with payment networks and the ‘Big 4’ consulting firms? They were all part of the first ACI #PaymentsForBreakfast event in North America! The theme was real-time payments, but the focus was more specifically on Request for Pay.
Why Open Banking Might Need to Rely on a Magic Illusion of 24x7 Availability
The adage “the more things change, the more they stay the same” appears to ring true when applied to the early phases of the evolution of open banking (or open payments). Especially when you contrast it with the early days of ATM withdrawals; particularly those made in the dead of night so you could pay cash for your after-party greasy feast.
Sibos Preview: The Five Trends Transforming Real-Time Payments
Real-time is now a reality, with more than 30 schemes live around the world. And real-time is in the spotlight as banks and financial service providers make their way to Sydney for Sibos 2018. What better time to look ahead at the key trends that are going to shape the ongoing development of real-time payments.