New authentication guidance, when it is passed down, needs more attention on mobile, says Fraud Red Team's David Shroyer,a former Bank of America security executive.
After one commercial customer fell victim to corporate account takeover, this institution suffered significant losses and learned that legal disputes rarely favor the bank.
As the financial industry anxiously awaits the release of new online authentication guidance from the FFIEC, experts speculate about what steps banks and credit unions should be taking now to prepare.
The FDIC's Donald Saxinger says vendor management programs are getting more scrutiny from regulators, especially in areas of emerging technology such as cloud computing and mobile banking.
In light of the pending update to the FFIEC's 2005 online authentication guidance, customer awareness is one area banks and credit unions should take very seriously, says Aite analyst Julie McNelley.
Two stories stand out when I look back on the month of May: the POS PIN pad swap scheme that hit Michaels crafts stores in more than 20 states and the insider job at Bank of America that led to $10 million being stolen from some 300 customer accounts.
The fate of pending regulations, an upcoming HIPAA Security Rule compliance toolkit and a crackdown on records snoops were among the most popular news items on HealthcareInfoSecurity in May.
Many have been asking lately if the Department of Health and Human Services' Office for Civil Rights has been effective in carrying out its HIPAA enforcement role. The question is a fair one.
High-profile legal wrangles over ACH- and wire-related fraud remain at a standstill, despite the industry's ongoing discussions about corporate account takeover and how to fight it.
It's been nearly two years now since the corporate account takeover spree began. So, what exactly are the courts, institutions and the financial services industry doing today to prevent further incidents of fraud?
SWIFT's Gottfried Leibbrandt says conflicting regulatory mandates could further fragment the international payments market, if banks and governments don't align their strategies. Communication among governments, regulators and global financial institutions is critical.
ThreatMetrix's Taussig says strong authentication should be part of every financial institution's layered security approach. And according to expected changes to the Federal Financial Institutions Examination Council's 2005 online authentication guidance, that means proven measures to enhance device identification.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.com, you agree to our use of cookies.