Best Practices for Switching from Hardware to Software Tokens

The smartphone has become indispensable. According to Deloitte’s latest Global Mobile Consumer Trends1 report, a survey of 17 developed countries found that one in five consumers checks their phone >50 times a day. The explosive adoption of mobile apps and devices is changing how banks authenticate customers in the digital world. One trend we expect to continue into 2018 and beyond, is the drive to upgrade customer authentication technology from… Read more


PSD2: How the Final RTS Requirements Will Impact You - Update

On November 27, 2017, the European Commission published its final Regulatory Technical Standards (RTS) on Strong Customer Authentication (SCA) and Common and Secure Communication (CSC) under PSD2. With the release of the final PSD2 RTS requirements, banks of all sizes can now take action to develop a compliance strategy and implement effective security solutions for electronic remote payment transactions. The Revised Payment Services Directive, known as PSD2, harmonizes security requirements for… Read more


How Will the Final PSD2 RTS Requirements Impact You?

On November 27, 2017, the European Commission published its final Regulatory Technical Standards (RTS) on Strong Customer Authentication (SCA) and Common and Secure Communication (CSC) under PSD2. With the release of the final PSD2 RTS requirements, banks of all sizes can now take action to develop a compliance strategy and implement effective security solutions for electronic remote payment transactions. The Revised Payment Services Directive, known as PSD2, harmonizes security requirements… Read more


Faces of Fraud

Analysts wonder whether recent hacks like that of Equifax might serve as the tipping point for banks to rollout new anti-fraud measures, while in tandem, more than half of financial institutions surveyed lack confidence in their current ability to detect and prevent fraud. At least that’s what the 2017 Face of Fraud Survey, conducted by ISMG, experts in risk management research and data security analytics, and commissioned by VASCO recently… Read more


The Berlin Group’s NextGenPSD2 conference

Many European banks, banking associations and fintech companies are currently waiting for the Regulatory Technical Standards (RTS) on Strong Customer Authentication (SCA) and Common and Secure Communication (CSC) to be adopted by the European Commission and Parliament. These RTS define the technical requirements for the communication interfaces (APIs) that banks have to provide to Third Party Providers (TPPs) in the future, and specify how banks have to authenticate users when… Read more


Behavioral Biometrics: Improving Security and the Customer Experience

Before the Internet, customers who wanted to transact with their bank had only one option – a visit to their local branch for a face-to-face transaction. Now, in the mobile age, customers expect their banks to provide secure and easy access to the full suite of banking services via their mobile device. New channel, new challenges This demand for mobile transacting introduces banks and financial institutions to new challenges inherent… Read more


Protecting against the BankBot Android banking malware using RASP

Earlier this month the Dutch company Securify came across a new sample of the BankBot Android mobile banking malware. While older samples of BankBot mainly targeted Russian financial institutions, the latest sample shows that BankBot now targets European and American banks as well. More specifically BankBot now targets over 420 leading banks in countries such as Germany, France, Austria, the Netherlands, Turkey and the United States. VASCO’s Threat Research analysts… Read more


iris scab

Before there were ‘preppers’ there were the sign holders, who would boldly proclaim, “The End is Near” on street corners, in football stadiums, and in fact anywhere large crowds gathered. Today, there are pundits (and others) in the security industry heralding a similar message, the end, or to really put a fine point on it, the death of static passwords is near. No surprise, really, on all the reasons why… Read more


Are you part of the 200,000,000 club?

If you’re doing internet-banking, playing online video games or simply logging on to your company’s network, there’s a good chance the answer to this question is “YES” and here’s why. Many of these types of applications require users to login with a VASCO DIGIPASS® authenticator or token. DIGIPASS authenticators come in all shapes, sizes & colors (there are even software & mobile DIGIPASS authenticators available) but they all have one… Read more