From the exposure of thousands of Citi cardholders to the Michaels debit breach, fraud continues to impact card issuers. Involving the consumer in prevention is a step financial institutions must take, says Javelin's Phil Blank.
A new consumer survey suggests healthcare organizations still have a long way to go in educating patients about the benefits of electronic health records and easing their concerns about security issues.
Former banking regulator William Henley has simple advice for banking institutions wondering how to comply with the new FFIEC authentication guidance update: "Start immediately, develop a plan, and document your progress."
Now that the FFIEC Authentication Guidance update has been issued, there is no more important task for banking institutions than to conduct their risk assessments, says Matthew Speare of M&T Bank Corp.
Doug Johnson of the American Bankers Association says banking institutions should spend the next five months focusing on their risk assessments, as they work to meet the FFIEC's new authentication guidance update.
Multifactor authentication and layered security are steps financial institutions should take to protect their customers. But certain strategies are more problematic than successful when it comes to preventing fraud.
RSA customers who feel victimized by last March's breach of the security vendor's computers have viable options that include continued use of the SecurID authentication tokens, those offered by competitors, or something entirely different: biometrics.
Despite increased incidents, major U.S. card issuers receive poor marks for card fraud prevention, according to a new study from Javelin Strategy & Research. The biggest area of concern: card-not-present fraud.
"I think we'll see some additional investments in fraud prevention tools as a result, and it could be EMV tokens or neural networks," says Jim Schlegel of ACI Worldwide, following the Fed's move on debit interchange fees.
"We appear to be asking DHS to take on new cybersecurity roles and missions while it is establishing its basic core competencies," Melissa Hathaway says. "Is this reasonable? Do we want DHS to become a first party regulator?"
Breaches will not slow anytime soon, and there's not much financial institutions and the payments chain can do to stop them. At this point, the best course of action for banks and retailers is to focus on damage control.