What fraud and security issues does Paul Smocer, the new president of BITS, see as being top concerns in the coming year? Mobile payments, social media, and a strong need for institutions and organizations to comply with existing guidance top the list.
Despite previously announced plans to appeal last month's ruling in the ACH fraud lawsuit filed by Experi-Metal Inc., Comerica Bank now says it has resolved to pay the $560,000 in damages and close the case.
Corporate account takeover events are reigniting the debate between banks and their former commercial customers, about everything from fraud liability and the "good faith" standard to commercially reasonable security.
No one is really sure when the FFIEC's new authentication guidance will be issued, but we do know banking institutions can't afford to wait. Hence, our new FFIEC Authentication Guidance Resource Center.
Some organizations hesitate to involve law enforcement in their breach investigations for fear that exposing the hack would cost them their reputations and money. A Justice Department contingent tells a gathering of lawyers why that impression is wrong.
David Navetta, an attorney who specializes in IT security and privacy, says the magistrate's recommendation, if accepted by the judge, could set an interesting legal precedent about the security banks are expected to provide for commercial customers.
ThreatMetrix's Taussig says strong authentication should be part of every financial institution's layered security approach. And according to expected changes to the Federal Financial Institutions Examination Council's 2005 online authentication guidance, that means proven measures to enhance device identification.
Wire fraud incidents from China prove current security measures, including multifactor authentication, are too easy to bypass. And security pundits say it all points back to why the financial industry needs more guidance about adequate online security.