PSD2: Creating a Secure Execution Environment for Mobile Banking Apps

The revised Payment Services Directive, also known as PSD2, pays a lot of attention to the security of mobile banking apps, mobile payment apps, mobile wallets, and other apps that offer payment functionality. The most important requirements related to mobile app security are present in Article 9 of the final Regulatory Technical Standards (RTS) on Strong Customer Authentication (SCA) and… Read more


New iOS 12 Feature Risks Exposing Users to Online Banking Fraud

Security Code AutoFill is a new feature for iPhones in iOS 12. It is supposed to improve the usability of two-factor authentication, but could expose users to online banking fraud by removing the human validation aspect of the transaction signing/authentication process. Two-factor authentication (2FA), which is often referred to as two-step verification, is an essential element of many security systems,… Read more


Matthias Valcke

Finding the best fraud detection and prevention solution for your organization can be challenging. Requirements from internal stakeholders and vendor fact sheets can give an overwhelming impression that your solution needs to have it all and then some. In reality, your choice should simply tick all the boxes on your must-have list and cover your business use cases. It should… Read more


Julie Conroy

When it comes to fraud, financial institutions (FIs) find themselves trying to address competing priorities. On the one hand, the need for strong authentication and security continues to rise. Fraud and hacking attempts become more sophisticated each year, and new laws and regulations require stronger customer authentication security – potentially adding more friction to the customer experience. However, consumers have… Read more


selfie

The Economic Growth, Regulatory Relief, and Consumer Protection Act was just signed into law by President Trump.  Also known as the Dodd-Frank Repeal, the new law removes many of the regulations imposed on banks after the financial crisis and the Great Recession of the late 2000s.  As with most laws, the Act includes numerous provisions. Among these is Section 213,… Read more


Online Banking

In recent years, open banking has received a lot of attention in the financial services sector. Open banking means that banks open their systems to authorized third-party financial service providers, so these companies can initiate and process payments and financial transactions at the request of the bank’s customers. Open banking promises to unlock innovation that will profoundly improve the banking… Read more


Digital Encryption

Seven years ago, the Obama Administration published the National Strategy for Trusted Identities in Cyberspace (NSTIC).  NSTIC called for an Identity Ecosystem, “an online environment where individuals and organizations will be able to trust each other because they follow agreed upon standards to obtain and authenticate their digital identities.” Born out of the NSTIC and operating under grants from the… Read more


mobile

As part of a secure and seamless mobile first strategy, banks, credit unions, and other financial institutions must rethink the customer journey. Financial institutions strategically aim for customers to do more with mobile while minimizing fraud exposure tied to untrusted, high-risk devices. To enable growth in the mobile channel, financial institutions need to provide fast, convenient, and frictionless high-value services… Read more


Capture GDPR Consent and Sign GDPR Contracts with E-Signatures

On May 25, 2018, the General Data Protection Regulation (GDPR) becomes the main legal framework for data protection in the EU. Under the GDPR, EU citizens must consent to the processing of their personal data – and data controllers must meet strict requirements for capturing that consent. In fact, the conditions to obtain consent have been fundamentally redefined compared to… Read more


Mobile App Shielding

We regularly host webcasts on topics such as mobile app shielding, fraud, authentication, RASP and risk analysis to provide guidance on how to protect your customers and data. If you missed our latest webcast, Delivering Trust Through Mobile App Shielding and Hardening, here is the 5-minute summary. The full presentation is available on-demand. As mobile devices and apps proliferate, organizations are increasingly… Read more