Tech Talk: Virtual data tracking, innovative lending programs, emerging fraud, and more!
- Regulator investigates data leak
- NYDFS chief champions for consumer protection
- Virtual "dye packs" track stolen data
- New mobile banking trojan has emerged
- Instant bank transfers via Venmo
- Emerging payments bring emerging fraud
- New digital lending platform
- Crowd-designed mortgages
- The power of APIs and open banking
- Spam, Scams & Breaches
- Updates, Patches & Alerts
- and on the lighter side...
Regulator investigates data leak
Having cybersecurity regulations and guidance in place for financial services firms and other companies to comply with is just one step in the fight against cybercrime. Putting the appropriate measures in place to comply with those standards and being held accountable when firms fail to do so are key elements to protecting consumer data. The SEC (Securities and Exchange Commission) has announced the launch of its investigation into First American Financial for the breach disclosed in May that occurred because of a "design defect" in the firm's website, exposing more than 885 million personal and financial records tied to mortgage applications going back to 2003. Krebs on Security has the details.
NYDFS chief champions for consumer protection
Recently confirmed, the New York Department of Financial Services (NYDFS) Superintendent Linda Lacewell is directing her efforts on fintech, cryptocurrency regulation, and consumer protection. Lacewell has announced the formation of a Research and Innovation Division to encourage innovation in the financial services marketplace. In addition to promoting fintech developments, including licensing and supervising virtual currencies, Lacewell has stated that her office will also focus on anti-money laundering enforcement and push hard on consumer protection issues, reports Bloomberg Law.
Virtual "dye packs" track stolen data
Many financial institutions use dye packs in teller cash drawers to aid in the tracking and apprehension of bank robbers who get away with stolen loot. To aid in the apprehension of today's virtual bandits targeting banks with cyber heists, a new type of tracking method known as beaconing can help financial firms track data in the event of a breach. The latest version of the proposed Active Cyber Defense Certainty Act (ACDC) – commonly referred to as the hack back bill – would revise the Computer Fraud and Abuse Act (CFAA) to absolve companies from legal ramifications for pursuing defensive cyber activities and using beacons. CIO Dive has the details and the potential pitfalls of these defensive measures.
New mobile banking trojan has emerged
Old-school bank robbers used demand notes and armed weapons as their modus operandi to pilfer cash from banks and banking customers. Today's tech-savvy thieves are taking advantage of the booming malware-as-a-service market to get the job done. A new Android banking trojan with some unusual features, such as being able to determine if its running in a sandbox or live environment and coming fully equipped with infrastructure support, has emerged in underground forums. Dubbed Cerberus, banks should be on the lookout for this innovative banking malware that researchers predict has the potential to become a major mobile banking threat. Threatpost has the details.
Instant bank transfers via Venmo
Last year, PayPal-owned Venmo added a new feature to its digital wallet service that enabled users to instantly transfer money from their Venmo account to an eligible Visa or Mastercard debit card within minutes (for a small fee). The popular P2P (peer-to-peer) payments provider is rolling out another transfer option. In lieu of waiting several days for a standard bank transfer, the new feature will allow users to transfer funds to their linked bank accounts within minutes (for the same small fee). Banking Dive has the details.
Emerging payments bring emerging fraud
The global payments market is experiencing exponential growth as the way consumers pay for goods and services – and their choice of digital payment providers – are increasing. The challenge for many banks struggling to meet the growing demand in digital payments lies in pairing emerging payments technology with legacy systems or upgrading to complex infrastructure while mitigating risks. According to recent research conducted by global research firm Forrester and commissioned by Visa, 61 percent of financial institutions and merchants surveyed believe that evolving payment options will result in an increase in fraud. Dark Reading has the details.
New digital lending platform
One of the world's largest banking and financial services providers has teamed up with one of the industry's leading technology platforms to streamline online personal loan applications. In partnership with Amount, HSBC has launched a new digital lending platform that enables consumers to evaluate loan options, submit applications online, receive a credit decision within minutes, and (if approved) get funding as early as the next day. Finextra.
U.K.'s digital challenger bank Tandem is taking a non-traditional approach to mortgage lending. The mobile-only bank is developing crowd-designed mortgages and leveraging open banking to implement a new credit scoring method, reports Finextra. Saddled with regulatory constraints, the financial services industry was hesitant to adopt cloud technology. With regulator attitudes and support for the technology changing with the times, financial services firms are increasingly embracing the cloud as part of their digital transformation strategy. ComputerWeekly has the details.
The power of APIs and open banking
Not that long ago, to meet evolving consumer needs banks and credit unions had to make costly, time consuming upgrades to core legacy systems. Today, open banking and APIs (application programming interfaces) are helping financial institutions of all sizes quickly and seamlessly integrate new technologies, reports Finextra. Driven by increased competition from fintech players, open banking and APIs are one of the top emerging trends in the financial sector. With significant impacts of this growing trend on the financial services industry, banks should make the move now to an API ecosystem that enables them to provide a more customer-centric experience. Finextra has the details.
Spams, Scams and Breaches
- Sophos: Android users vulnerable to pre-installed malware
- CIO Dive: Hackers breaching legacy, unpatched office printers
- Help Net Security: Personal and biometrics data of more than 1M people exposed
- Krebs on Security: Detecting fuel pump payment skimmers? There's an app for that!
- Krebs on Security: Phishing email led to ransom attack targeting QB cloud hosting firm
Updates, Patches and Alerts...
- US-CERT: Current Activity
- Help Net Security: Optimizing the patch management process
- Bleeping Computer: Microsoft's August 2019 Patch Tuesday fixes 95 vulnerabilities
- ZDNet: Adobe security patch update tackles Photoshop, Acrobat, Reader, and more
See what other current hot cyber and technology topics affecting financial institutions BOL users are discussing in the Technology Forum.
And on the lighter side...
Technology has evolved exponentially over the last several decades. Some of us more "seasoned" folks have fond memories of how things used to be before technology took over. The Baby Boomer generation will fondly remember those nostalgic days with a little trip back in time (while the younger generation will probably be thankful for the tech they have today).
First published on 08/16/2019