"Simple passwords alone do not provide sufficient commercially reasonable security," says Jim Payne of fraud victim Choice Escrow. "Where is the principle of doing what is right and just?"
No one is really sure when the FFIEC's new authentication guidance will be issued, but we do know banking institutions can't afford to wait. Hence, our new FFIEC Authentication Guidance Resource Center.
Information Security Media Group announces the launch of FFIEC Authentication Guidance, a resource center dedicated to providing in-depth news and views on the pending online authentication guidance.
Breaches will not slow anytime soon, and there's not much financial institutions and the payments chain can do to stop them. At this point, the best course of action for banks and retailers is to focus on damage control.
"I'd like to make sure our recommendations fit with what the FFIEC is recommending, to continue to help us mitigate risk," says Michael J. Wyffels, SVP and CTO of QCR Holdings Inc. "But the hackers seem to continue to find new ways to exploit vulnerabilities."
David Navetta, an attorney who specializes in IT security and privacy, says the magistrate's recommendation, if accepted by the judge, could set an interesting legal precedent about the security banks are expected to provide for commercial customers.
For nearly two years, banks and businesses across the U.S. have been plagued by a wave of corporate account takeover. And while there's no one answer, Texas bank examiner Phillip Hinkle sees ways that institutions can better detect and prevent these crimes.
New authentication guidance, when it is passed down, needs more attention on mobile, says Fraud Red Team's David Shroyer,a former Bank of America security executive.
After one commercial customer fell victim to corporate account takeover, this institution suffered significant losses and learned that legal disputes rarely favor the bank.
As the financial industry anxiously awaits the release of new online authentication guidance from the FFIEC, experts speculate about what steps banks and credit unions should be taking now to prepare.
The FDIC's Donald Saxinger says vendor management programs are getting more scrutiny from regulators, especially in areas of emerging technology such as cloud computing and mobile banking.
In light of the pending update to the FFIEC's 2005 online authentication guidance, customer awareness is one area banks and credit unions should take very seriously, says Aite analyst Julie McNelley.
Two stories stand out when I look back on the month of May: the POS PIN pad swap scheme that hit Michaels crafts stores in more than 20 states and the insider job at Bank of America that led to $10 million being stolen from some 300 customer accounts.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.