Identity fraud is up, but banks are up to the security challenge
Posted on 14 March 2013.
In 2012, the total losses resulting from account takeover and new account fraud each rose by approximately 50% over the previous year. These two fraud types impact consumers most severely, and are historically more difficult for FIs to prevent and detect than any other major fraud type.

Today, Javelin Strategy & Research releases the firmís 2013 Banking Identity Safety Scorecard. For eight years, Javelin has evaluated the top 25 FIs by deposit size based on their consumer‐facing security features in the three fraud stages of Javelinís Protection, Detection, and Resolution Model.

Javelinís security research found that 5 of the top 25 FIs prohibit the use of the Social Security number (SSN) to authenticate a userís identity, up from none in 2011. While this represents a major improvement, 20% adoption is still distressingly low, especially with account takeover fraud at a seven‐year high. Yet, a promising consumer empowerment trend is finally gaining momentum among FIs Ė 40% of FIs are leveraging customersí unique knowledge of their own financial behavior to prevent fraud by blocking types of transactions the customer knows he or she would never initiate. User-defined limits and prohibitions (UDLAPs) are a powerful security supplement to behavioral and transaction monitoring.

Fraud prevention is a winning security strategy to both attract and retain account holders, as consumers strongly value security when choosing a new institution and the perception of security is a critical factor in attrition. Bank of America earned Best in Class for Bank Identity Safety, as well as Best in Prevention and Detection.

Bank of Americaís winning performance is due in great part to high scores in fraud prevention and detection, coupled with a strong fourth-place showing in resolution. JPMorgan Chase takes the Best in Resolution Award, which focuses on the FIís ability to effectively use customer service to restore consumersí funds, peace of mind, and confidence in the FI.

ďThe best security model is one where FIs and their customers partner together in securing financial accounts,Ē said Al Pascual, Industry Analyst Ė Security, Risk & Fraud at Javelin Strategy & Research. ďBy focusing on educating and engaging the consumer in security authentication decisions and procedures, the FI can most effectively prevent attacks and threats from plaguing their valuable customer base.Ē

Javelinís scoring system for FIsí identity safety capabilities is devised around the premise that preventive measures offer the greatest return to both the consumer and the FI. Prioritizing security features designed to prevent fraud can save FIs and consumers money well beyond the compromised funds themselves.

While early detection, efficient and comprehensive resolution may mitigate the impact of frauds which have already occurred, successful prevention deflects fraud attempts, reducing the costs associated with detection and resolution.

Javelin Strategy & Researchís 2013 Banking Identity Safety Scorecard evaluates financial institutions on their ability to prevent, detect and resolve emerging threats and attacks on their customers. It is based on the analysis of the top 25 financial institutions, by deposit size, based on their consumer‐facing security features and two online surveys of more than 11,000 consumers.

The report contains 66 pages and 42 graphs. The report evaluates: Bank of America, Bank of the West, BB&T, BBVA Compass, BMO Harris Bank, Capital One, Citibank, Citizens Bank, Comerica, Fifth Third, HSBC, Huntington, JPMorgan Chase, Key Bank, M&T Bank, Navy FCU, PNC Bank, Regions Bank, Sovereign, SunTrust, TD Bank, U.S. Bank, Union Bank, Wells Fargo, and Zions Bank.





Spotlight

Bash Shellshock bug: More attacks, more patches

Posted on 29 September 2014.  |  As vendors scramble to issue patches for the GNU Bash Shellshock bug and companies rush to implement them, attackers around the world are probing systems for the hole it opens.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Tue, Sep 30th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //