August 14, 2018 - Frederik Mennes
overlay attacks

The growth of mobile technology and the increased importance of cybersecurity have dominated news cycles in the past year. At the same time, one of the biggest threats we’re seeing against mobile are overlay attacks – combining social engineering with inherent security weaknesses found in mobile apps, these attacks take advantage of users to trick them into sharing sensitive data…. Read more

  •  
  •  
  • 3
  •  
  •  
  •  

New iOS 12 Feature Risks Exposing Users to Online Banking Fraud

Security Code AutoFill is a new feature for iPhones in iOS 12. It is supposed to improve the usability of two-factor authentication, but could expose users to online banking fraud by removing the human validation aspect of the transaction signing/authentication process. Two-factor authentication (2FA), which is often referred to as two-step verification, is an essential element of many security systems,… Read more

  •  
  • 7
  • 106
  •  
  •  
  •  

Julie Conroy

When it comes to fraud, financial institutions (FIs) find themselves trying to address competing priorities. On the one hand, the need for strong authentication and security continues to rise. Fraud and hacking attempts become more sophisticated each year, and new laws and regulations require stronger customer authentication security – potentially adding more friction to the customer experience. However, consumers have… Read more

  •  
  •  
  • 2
  •  
  •  
  •  

selfie

The Economic Growth, Regulatory Relief, and Consumer Protection Act was just signed into law by President Trump.  Also known as the Dodd-Frank Repeal, the new law removes many of the regulations imposed on banks after the financial crisis and the Great Recession of the late 2000s.  As with most laws, the Act includes numerous provisions. Among these is Section 213,… Read more

  •  
  •  
  • 1
  •  
  •  
  •  

mobile

As part of a secure and seamless mobile first strategy, banks, credit unions, and other financial institutions must rethink the customer journey. Financial institutions strategically aim for customers to do more with mobile while minimizing fraud exposure tied to untrusted, high-risk devices. To enable growth in the mobile channel, financial institutions need to provide fast, convenient, and frictionless high-value services… Read more

  •  
  •  
  • 9
  •  
  •  
  •  

Frederik Mennes

One of the most discussed requirements of the final Regulatory Technical Standards (RTS) on Strong Customer Authentication (SCA) and Common and Secure Communication (CSC) under PSD2 is the requirement to perform so-called “dynamic linking” to authenticate a financial transaction. The dynamic linking requirement has three parts. First, it requires a payer to authenticate a financial transaction by calculating an authentication… Read more

  •  
  • 5
  • 9
  •  
  •  
  •  

Mobile Banking

The mobile channel doesn’t grow itself. It requires a strategy, a team committed to execution, and constant care and grooming. As financial services organizations embark on mobile-first initiatives or offer more and more mobile services to their customers, they prioritize three goals: 1. Optimize both user convenience and security 2. Stay ahead of the curve on mobile security and authentication… Read more

  •  
  •  
  • 2
  •  
  •  
  •  

Multi-Factor Authentication

The following article, authored by Michael Magrath, Director, Global Regulations & Standards, first appeared 2/28/18 on CSO Online. The New York State Department of Financial Services (DFS) regulates over 1,400 insurance companies and approximately 1,500 banks and financial institutions1. Not surprisingly, with New York being the “financial capital of the world,” the overwhelming majority of U.S. financial institutions and many… Read more

  •  
  •  
  •  
  •  
  •  
  •  

swipe

The following article, authored by Giovanni Verhaeghe, Director Market and Product Strategy, VASCO, first appeared 2/4/2018 in the Financial IT.net blog. Mobile banking apps and the devices they run on are increasingly at risk for compromise by cybercriminals. New, sophisticated methods of attack have rendered the classic username-password scheme outright obsolete. Even the more secure but still basic two-factor authentication… Read more

  •  
  •  
  • 9
  •  
  •  
  •  

Face ID

Face ID is fast becoming a differentiator for organizations that want to provide a frictionless mobile experience. While biometric authentication remains the exception and not yet the rule, the analyst community strongly believes digital businesses, especially banks, need to pay attention. For example, in the recent Hype Cycle for Digital Banking Transformation, 2017, Gartner recommends that digital businesses develop world-class… Read more

  •  
  •  
  • 130
  •  
  •  
  •