With governments, retailers, banks and (not least) consumers increasingly crying out for a means of confirming someone’s identity beyond any doubt, the search for a common, international standard of payment authentication is in full flow.
Banks are at risk from a new kind of ‘client side injected malware’ attack, in which attackers install malware on the customer’s device and use it as a base for injected ads, spyware scripts, unauthorised cookies and fake surveys designed to look like they are part of the bank’s website or app, but which actually steal a customer’s private information.
More than 30% of all suspicious transaction reports in the European Union are triggered by the use of cash, according to Europol, with the €500 note – not widely used for payments – still in demand.
Banks will always be targeted by criminals and cyber attacks have become their most vulnerable attack surface. It isn’t simply about technology. It extends through people and process, and reaches from the central infrastructure all the way out to end users conducting online banking or financial transactions on laptops, tablets or smart phones. Because banks and financial firms have very large and sophisticated systems, this means that end-to-end security is notoriously difficult
The Biometrics Institute, Mobey Forum and Natural Security Alliance have launcehd a cross-association collaboration to promote the use of biometrics in digital services. The organisations plan to have their inaugural meeting, on biometrics for non-government services, in Paris on 1 July.
Financial services organisations can, and do, prevent many criminal acts through adequate controls, proper supervisory procedures, and sophisticated detection and incident management technology. However, there are a handful of shortcomings that derail the best preventive measures and result in negative news headlines and increased regulatory scrutiny for individual employees and entire institutions alike
US post-trade utility the DTCC is reporting that almost half of the respondents in its most recent Systemic Risk Barometer Study cited cyber security as their top concern, making it the single largest fear and doubling its rating compared to just 12 months ago.
The financial sector is a slow mover in innovation, however no single industry is leading the way in the Digital Identities economy. Banking is one sector that can take advantage of Digital Identities to better develop customer experience given the nature of the engagement and relationship between Banks and their customers. Banks fulfil a very […]
Anti-money laundering legislation cuts through the Gordian knot of bringing cases against companies at a stroke – it doesn’t require a ‘controlling mind’. In fact, it almost demands the opposite. A UK-wide system of velocity checking would go further in combating crime and protecting Money Services Businesses.
The Italian Financial Police (Guardia di Finanza), supported by Europol, arrested 10 members of a transnational criminal group yesterday. The criminals, mainly Nigerian citizens, were involved in laundering the proceeds of online fraud, amounting to more than €2.5 million.
As greater convergence between asset classes and the unification of trading desks and trading strategies across multiple asset classes becomes more common, the opportunities for sophisticated market abuse may be on the rise. That may mean that the need for surveillance is greater than ever, according to Tony Sio, head of SmartsTrade Surveillance, exchange and regulators at Nasdaq.
Security specialist RiskIQ says the growth in digital business is producing an increasing threat to banks across the world, with the largest banks owning an average of 7,500 public facing digital assets – 60% of which are outside the company firewall.
A former head of the UK Security Service better known as MI5 says banks need to beware the danger of state agencies and others stealing or destroying confidential information.
Singapore’ DBS Bank has begun a major overhaul of its financial crime prevention strategy, as the bank seeks to upgrade its suspicious activity monitoring, due diligence and risk tools.
Banks need to recognise that building a wall to keep cyber security threats out will not work. With breaches from both sides of the wall inevitable, financial institutions would do better to pare down their activities and focus on defending their core assets – including intellectual property and transactional systems.
Bankers should watch what they say in public, or risk a devastating computer network attack on their business from state-sponsored hackers. This was the stark warning offered by speakers at the FIX Trading Community conference in London yesterday.
Swift has added peer assessment to its Sanctions Testing service. An optional service it will allow financial institutions to compare the performance of their sanctions filters against those of other participating institutions.
To counter cyber-crime, an organisation must have a person providing leadership and oversight in the strategic planning, execution, and assessment of security strategies, policies, procedures and guiding practices. Ensuring compliance with legal obligations in respect of information and information security is also a key responsibility. What many companies need is a chief information security officer
In a joint international operation Europol’s European Cybercrime Centre seized servers said to have controlled the Ramnit botnet that had infected 3.2 million computers internationally. The operation involved investigators from Germany, Italy, the Netherlands, and the UK – which led the operation – along with partners from private industry.
Financial institutions are being urged to revisit their cyber-security following revelations that an online gang using the Carbanak malware stole up to $1 billion from banks in 30 countries around the world in a series of highly-sophisticated attacks over the last two years.
The cyber-attack on Sony Pictures at the end of last year highlighted something that IT and security people in financial services have known for some time – the modern networked environment is far less secure than most people are prepared to admit …
Protecting your banking infrastructure from cybercriminals is one of the toughest IT challenges in banking. It keeps getting harder, even though banks are working tirelessly to protect both customers and assets. Attacks are growing in size, and new developments such as the Internet of Things mean attack surfaces are growing, as well as the number of endpoints that can be used to launch attacks.
Fear of fraud is the main factor slowing the adoption of smartphone-based payments among UK consumers, though a third believes that credit and debit card payments will no longer be the preferred method of payment in 2020.
Securities market regulators are beginning to clamp down on market abuse linked to complex high-frequency trading strategies – but there is much more to be done, according to a new report by financial consultancy Kinetic Partners.
A range of social, political, cultural and economic factors drives cyber attacks. How well banking and financial institutions understand the drivers for an attack and how effectively they respond in the 48 hours following the discovery of an attack has a major effect on the resultant impact.
RBS’ global transaction services business is exploring collaboration with a number of startup companies as a way of combining its own services with the innovation provided by smaller companies, through API agreements. The move comes as banks around the globe increasingly seek to bring products to market faster and reap the rewards of innovation.
The global financial crisis triggered an avalanche of fierce criticism for the financial industry, the repercussions of which are still being felt. In its wake industry bodies around the world introduced stringent regulations that require in-depth auditing to achieve compliance and complete corporate accountability.
With Sony the latest victim of hacking, large organisations are witnessing yet again how data breaches cause serious damage, to the tune of millions. The prevalence of hacking in the media begs the question, what’s in store for 2015?
Digital and alternative currencies, including Bitcoin, can now be used for transactions in California, following the implementation of bill AB129 on 1 January 2015. The new bill is a step forward for cryptocurrencies which have faced tough opposition and scrutiny from global regulators. However, serious doubts about the safety of digital currencies have been voiced by banks.
A platform for sharing cyber-security threat intelligence among financial services companies has been launched by US post-trade utility the DTCC and non-profit security organisation FS-ISAC. Called Soltra Edge, the platform gathers data about cyber-security threats and converts it into a standardised format for sharing.
Market participants are worried about data and are deeply concerned about their ability to monitor transactions following a string of major fines to global financial institutions, according to a new report by NICE Actimize.
As Bob Dylan, famously sang, The Times, They Are A-Changin’. Once, the tools required to carry out a bank raid usually comprised a shotgun, old stockings and a bag labelled “swag”. Today, it’s a laptop, computer programming skills and patience. And the nature of the crime is changing too – previously, the goal was often to get away with a few thousand pounds, before lying low for a while. Now, the “prize” sought may be the theft of millions or the personal details of thousands, to be then sold on.
Fraud and financial crime are growing substantially in their nature and complexity as we continue to evolve into an ever more connected world. New technologies, particularly the spread of mobile devices, have opened up different avenues of attack for technically sophisticated and well organised gangs of fraudsters and criminals. The social and economic costs of organised crime in the UK alone are estimated to be £24bn, of which £8.9bn are associated with fraud.
Greater information sharing and closer collaboration between the public and private sectors are needed to combat cyber-attacks, which are now the principal concern of the financial services industry, according to the DTCC. A top priority should be the creation of global industry working groups to engage with national regulators on the development of cyber-security regulations that address the real-time and evolving nature of cyber-threats.
The recent nomination of the British Banker’s Association as an intelligence node and source of benchmarks and practices in the UK’s financial infrastructure, via CBEST, has pushed the role of the banking sector in detecting and remediating breaches into the spotlight. So what can banks do to ensure their cyber defences are up to the task?
As banks develop new retail styles, they face new security challenges as the changing use of space in-store means surveillance and alarm systems must evolve in tandem.
The internet has opened the door to purchase almost anything from any part of the world through electronic payments. As globalisation continues to flourish – especially in the banking industry – it’s now possible to transfer money across different countries with ease and speed. While this has increased the opportunity for businesses to extend their reach globally, it also creates an appealing opportunity for criminals.
The threat of banks de-risking and exiting regions and businesses in fear of sanctions-related fines is upon us, said Juan Zarate, the ex-deputy national security advisor for combating terrorism to US President George W Bush. Zarate was speaking at a Standard Chartered session yesterday morning about his new book, Treasury Wars: The Unleashing of a New Era of Financial Warfare.
While the average bank heist averages $6000, a cyber-thief can make off with millions. Last year 552 million identities were breached, while every call about a compromised credit card costs a bank $4.
Regulators in the US and Europe are stepping up investigations into dark pool activity, market abuse and manipulation of financial benchmarks following a spate of damaging incidents in recent months. Tougher regulatory oversight could have a significant impact on all three areas, according to a new report by financial services technology provider SunGard.
