Regulation and legislation are working in banking institutions' favor, helping them enhance fraud prevention and detection investments for debit and online banking.
"Organized crime sees that this is a good business to come in, exploit and take advantage of the loopholes," says L.T. Lafferty, criminal defense attorney and mortgage fraud expert, on the schemes that cost banks billions each year.
The FDIC is yet again a target for phishing, with fraudulent e-mails urging business owners to click malicious links purporting to provide FDIC information about their financial institution.
Debit fraud and skimming are growing problems, and they're why California-based Fremont Bank is switching from mag-stripe to chip-based debit cards, says Chris Olson, the bank's chief operating and enterprise risk officer.
A months-long investigation led Australian investigators to more than 50 stolen POS terminals, dozens of card skimmers and more than 18,000 blank and counterfeit cards. So far, 25 people have been arrested and charged for their parts in the alleged scheme.
Phishing e-mails, feigning to be from the Internal Revenue Service, are reportedly targeting consumers with claims that tax accounts have been locked and require immediate action to reopen.
Eduardo Perez says, simply, the "time was right" for Visa's introduction of chip-based payments incentives for U.S. merchants. Visa's new mobile-to-EMV program offers PCI-audit-compliance waivers to qualified merchants who implement dual-interface contact and contactless acceptance.
Adoption of chip technology will not only help the U.S. payments infrastructure prepare for expected acceleration in mobile-based payments, Visa says, but will improve transaction security by providing dynamic authentication.
With the extension of ENISA's mandate into 2013 by the European Parliament & Council, the agency can continue to educate and collaborate with other nations on cybersecurity issues, an area of constant importance.
Though IT business application functions and security-focused practices are expected to be integrated as a single process, secure configuration is the management and control of configurations for information systems to enable security and facilitate the management of information security risk.
"You can do everything, but if you forget to change the keylocks on your dispensers, then you can be breached," says Gray Taylor, security expert at the National Association of Convenience Stores.
"If left unaddressed," GAO says, "these issues will continue to increase FDIC's risk that its sensitive and financial information will be subject to unauthorized disclosure, modification or destruction."
As far as Dr. Giles Hogben of ENISA is concerned, now might be the golden opportunity for information security experts to influence the security and privacy measures that may help define Internet safety for the next decade or beyond.
Bob Russo says the long-awaited PCI guidance on tokenization should provide merchants with a baseline for standardization and best practices, and serve as a roadmap for how tokenization can complement compliance with the PCI-DSS.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.