New threats are emerging every day, and banks and credit unions have to make sure their mitigation strategies keep pace, Conroy says in an interview with Information Security Media Group. "If bankers are not constantly engaging, they can be sure the bad guys are," she says.
As a featured panelist at ISMG's Fraud Summit Chicago, Conroy, along with Ed Monteagudo, executive vice president of First American Bank, will explore such topics as mobile malware and fraud risks linked to mobile payments during their discussion, "Mobile: Fraud's New Frontier."
Conroy says U.S. banking institutions can soon expect to see mobile-banking logins overtake online-banking logins. She says her research shows fraudsters are putting more effort into mobile attacks. "We're seeing a wide variety of attacks. We are seeing cross-channel attacks, phishing attacks on mobile channel in the form of smishing and vishing, and we are seeing a lot of rogue apps out there."
In addition to devising ways to mitigate emerging mobile risks, banking institutions should be bracing for increased regulatory oversight of mobile transactions, she adds. "For the time being, banks and credit unions have been operating under the assumption that mobile is within the scope of existing authentication guidance [issued by the Federal Financial Institutions Examination Council]," Conroy says. But she predicts that new authentication guidance specifically for mobile banking could be unveiled later this year.
Conroy says the key questions bankers should now be asking themselves are: "What are the security measures you have in place? And how do you address high-risk transactions?"
During this interview, Conroy also discusses:
- How the U.S. compares to other international markets where mobile banking and payments are widely used;
- The varying attack methods fraudsters have used in other markets that could offer lessons for the U.S.;
- How mobile banking executives are improving their security by working with executives from the e-commerce sector.
For more information about the May 14 Fraud Summit, which will be held at the Westin Chicago River North, check out our schedule.
The Chicago Fraud Summit will be followed by five other events:
- Toronto - Sept. 9
- London - Sept. 23
- New York - Oct. 21
- Orlando - Nov. 4
- Dallas - Nov. 18.
At Aite, Conroy covers fraud and data security issues. She has more than a decade of hands-on product management experience, working with financial institutions, payments processors and risk management companies, including a number of years managing the product team at Early Warning Services.