Tech Talk: Bank attacks, mobile tools, call center fraud, and more!
- North Korean attacks on banks
- Fed's fraud working groups established
- Worldpay merger and a tech partnership
- Cross-platform core banking solution
- Mobile tools for community banks
- Criminals targeting financial call centers
- Malicious threats from within
- A risk-based authentication solution
- Banks considering digital currency
- Spam, Scams & Breaches
- Updates, Patches & Alerts
- and on the lighter side...
North Korean attacks on banks
According to a new report released by a panel of UN security experts, North Korea is evading international sanctions by launching cyberattacks to illegally force the transfer of funds from financial institutions and cryptocurrency exchanges. To help stop North Korea's actions and attempts to avoid sanctions, the panel included several recommendations in their report, including advising member states to share information about North Korea's capabilities with banks and other financial institutions. Finextra has the details.
Fed's fraud working groups established
In an effort to enhance the quality and consistency of ACH, wire, and check fraud data and improve the U.S. payment system, the Federal Reserve has established fraud working groups. Members of the Fed's Fraud Definitions Work Group that will work collaboratively with Fed leaders to examine existing payments fraud definitions and formulate recommendations for improving the payment system have been announced. Participants of the Fed's Fraud Definitions Community Interest Group will provide input and follow the efforts of the working group. ATM Marketplace has the details.
Worldpay merger and a tech partnership
In line with the "if you can't beat 'em, join 'em" philosophy, merger is becoming a strategic move in the payments industry game. Bank software and payment technology provider FIS has announced their acquisition of payments company Worldpay at the hefty price tag of $35 billion, reports Forbes. In a separate deal, Worldpay has partnered with tech giant Amazon to enable Amazon Pay as a checkout option for its merchants in the U.S. Finextra has the details.
Cross-platform core banking solution
One of the growing operational challenges facing banks today is the use of outdated, core legacy technology that inhibits their ability to offer more innovative products and services. To help financial institutions facilitate transactions across multiple channels and provide a unified view of accountholder information, information and technology solutions provider VSoft has launched a cross-platform core processing system built on advanced browser-based technologies. The Wings platform provides real-time, high-volume transactions across multiple channels and features customizable business rules and thresholds for configuring and launching new products quickly, reports ATM Marketplace.
Mobile tools for community banks
To help level the playing field for smaller banks struggling to compete against the bigger bank players in the digital banking game, fintech firm Urban FT Group has partnered with ICBA Bancard to launch mobile banking tools for community banks. The Community Access program features financial tools that include program setup and compliance, card issuance and fulfillment, instant account opening, and cardholder support. Banking Technology has the details.
Criminals targeting financial call centers
With the widespread adoption of digital banking channels, customers rely on call centers when they need help navigating online banking, mobile banking apps, and P2P (person-to-person) payments. A new report on the state of call center authentication released by TRUSTID found that financial services call centers have become the top vector of choice for criminal attacks. As criminals continuously up their game to penetrate call center security, banks need to arm their call centers with defensive measures to authenticate customers and mitigate fraud. Business Wire has the details and a link to the full report.
Malicious threats from within
Careless workers, disgruntled employees, malicious insiders, and irresponsible third parties pose the greatest risk to organizations from the insider. According to the 2019 Verizon Insider Threat Report, 20 percent of all cybersecurity incidents and 15 percent of data breaches in 2018 were caused by employees or partner organizations. Financial gain is one of the primary motivators in most cases involving insider fraud, while some malicious players do it just for fun or as an act of espionage. Threatpost has the details.
A risk-based authentication solution
With the exponential growth in global digital commerce, CNP (card-not-present) fraud is on the rise. According to a recent Juniper Research report, retailers could lose $130 billion by 2023 to CNP fraud incidents. To help mitigate CNP fraud, global payments technology firm FSS (Financial Software and Systems) has launched a risk-based solution for digital transactions with behavioral analysis and biometric verification measures to authenticate cardholders and defend banks and customers against CNP fraud while delivering a frictionless transaction experience. PR Newswire has the details.
Banks considering digital currency
With the potential for increased revenue opportunity and faster real-time transactions with reduced settlement times, tech giant IBM reports that more banks are considering jumping on the bank-backed digital currency bandwagon. Last month, JPMorgan announced its plans to issue JPM Coin and use the bank's private blockchain to speed payments among corporate customers. IBM is working with multiple U.S. banks on digital currencies and is allegedly in talks with two financial firms interested in issuing stablecoin – a digital token that is pegged 1:1 to an established currency like the U.S. dollar. Bloomberg has the details.
Spams, Scams and Breaches
- CIO Dive: Cybercrime's monetary toll on businesses
- Security Week: Hackers bypassing MFA on cloud accounts
- Help Net Security: Massive drop in DDoS attacks, thanks to the FBI
- Threatpost: Lenovo patches Intel firmware flaws in multiple product lines
- Krebs on Security: The insecurity of phone number verification and authentication
Updates, Patches and Alerts...
- US-CERT: Current Activity
- Sophos: Intel releases patches for code execution vulnerabilities
- SC Magazine: WordPress releases 14 fixes in latest security updates
- eWeek: Mozilla improves web browser security in Firefox 66 update
- Security Week: Chrome, Firefox get Windows Defender Application Guard extensions
See what other current hot cyber and technology topics affecting financial institutions BOL users are discussing in the Technology Forum.
And on the lighter side...
Not all "scams" are perpetrated online. If you’ve ever checked in for a flight at the airport with an overweight bag, you've probably been subjected at one time or another to the luggage weight scam by the airlines as they do everything they can to get an extra dollar out of you when you exceed their weight limits.
First published on 03/22/2019