Internet Banking Faces A New Threat
The recent announcement of the multi-channelled Zeus attack on a user’s internet banking account is an interesting hypothesis and surely will not be the last when it comes to beating the ever advancing online banking systems. The attack method currently seems to use the mobile phone as a forwarding device for any one time password that is delivered to the customer. It’s unclear whether or not the mobile phone hack would hide the incoming SMS from the customer, however if it doesn’t, then if banks ensure they include relevant transaction details in the SMS - amount, and beneficiary - it could allow the legitimate customer to detect that something has gone wrong prior to money being lost.
However, if this is the beginning of these types of attacks, we can be sure that the sophistication will also ramp-up as time passes. It’s easy to imagine a few other tricks that could be implemented in the mobile phone side of the attack to further mask the attack. Banks need to keep on top of these threats by maximising the technology they use in Out of Band communication and not simply using it as a basic notification service.
Having the customer respond or sign a transaction via the Out of Band channel could cut down on the potential for abuse since the bank would be able to look at the incoming mobile phone number to help authenticate the transaction. All of this, however, further points to the fact that our most advanced and innovative protection methods will inevitably be defeated as the never-ending game of cat and mouse progresses. When the locks on the door cannot fully protect, the banks will always have the incredibly robust suite of transaction behaviour detection tools available to them.
Regardless of what technology is sitting at the front gates, there is always a way to detect abnormal behaviour when it's occurring, and banks will always keep these systems honed to ensure customers' money is protected.
Fraud & Risk Solutions Consultant
Related blog posts
Mobile is Transforming the Travel Sector
February in South Africa means long, hot days, and seemingly endless sunshine (interrupted only by the occasional thunderstorm). Temperatures often top 30 Celsius (that’s mid-eighties for my American friends) and nearly every day is deserving of a braai (that’s barbeque for the rest of the world). But I do spare a thought for my colleagues and friends in Boston, New York, Munich and London (amongst others) at this time of year, as they slog it out through the darkest and coldest months of winter. Who’s to blame them for seeking a bit of light escapism as they plan and book their spring and summer vacations?
Connected Devices are Opening Up New Forms of Payments and Partnerships
Of all the trends that are currently shaping – or re-shaping – the nature of payments, none is more significant than the rise of the Internet of Things (IoT). We often talk about the payments ‘ecosystem’ and the complexity that exists between the many participants that are part of this ecosystem, but this complexity will expand exponentially as millions – no, billions – of devices become internet capable.
Busting Bitcoin Myths
Bitcoin has attracted its fair share of media attention – and some negative perceptions held by merchants and consumers are hard to shake. To what extend is this justified? Or are there myths that can be dispelled? Bernard Kaufmann, General Manager, Payment21 contributed the following guest blog post to do some cryptocurrency ‘mythbusting.’
Opportunities and challenges in Middle East and North Africa
HyperPay – a Gate2play product – launched in 2013, and is the fastest growing payment gateway in the Middle East and North Africa region. Providing a range of processing services that help businesses sell online and offline, HyperPay delivers the region’s leading payment gateway, enabled by the UP eCommerce Payments solution. We spoke with Alaeddin Elmajed, Payment Services Director at HyperPay, about the region's challenges and opportunities.
Addressing the Challenge of Advanced Remote Management of Payment Forms
Payment forms (also known as payment widgets) are an invaluable payment technology, not only because they are simple to integrate, but also because they give merchants full flexibility in the design of their checkout pages.
Open API Architecture is Now a Prerequisite for Merchants
Next generation merchants, including global players such as Uber and Airbnb, have built their success on openly accessible APIs and technologies that are constantly evolving to meet market needs. Because they have built their products and services on openness, they also expect an open technical setup from their payment providers. This puts pressure on payment providers to deliver state-of-the-art payment technology.
Peak Trading Is About More Than Black Friday And Cyber Monday
Many merchants will have now experienced their biggest single trading day of the year, either Black Friday or Cyber Monday, and alongside these peak trading days have focused their efforts on effective fraud managements and delivering a seamless and secure checkout experience. However, this is not universally the peak for all merchants.
Analyzing Annoyance Online Shopping Behavior at the Checkout
If you’re standing at the checkout in a brick-and-mortar store, it’s easy enough to see when fellow customers become agitated and annoyed. Impatiently checking the time, audible ‘harrumphs’ and negative body language are all tell-tale signs that the payment process is not proceeding as smoothly as desired. But how does this frustration manifest itself in online shopping behavior?
Connecting European Merchants and Chinese Shoppers via Alipay
Despite its size and reach, Alipay is still an emerging player outside its home country, China. Launched in 2004 as part of the Alibaba Group, its e-wallet is the world’s leading third party payment platform. Part of its success stems from the fact it is embedded in many of the Alibaba Group’s merchant services; including Taobao, an online consumer-to-consumer shopping platform; AliExpress, an online retail service for small Chinese merchants selling outside China; and TMall, an online platform for global brands selling to affluent Chinese shoppers.
Risky Business? Open Invoice Payments In Germany
PayProtect is used by merchants and payment service providers to manage the risk around 'purchase on account' – a payment method that is a must when operating in the large German eCommerce marketplace. Jens Kühle, MD of GPP, a company of the GFKL-Lowell Group, sat down with us to explain the specifics of eCommerce risk management in the German market.