The popularity and pervasiveness of online banking is good news not only for financial institutions but also for cybercriminals, who see easy targets in online banking customers. Cybercriminals have figured out how to convince customers to surrender their usernames, passwords and other types of personal information through phishing requests or via malware. In fact, there has been a fundamental shift in the way online crime takes place. It is happening on an immense scale that was simply not possible just a few years ago. This property and asset theft is being undertaken by skilled, organized, professional groups of people who use increasingly sophisticated techniques and collaborate to target organizations.
The threat landscape continues to evolve at a rapid rate that threatens to outpace today’s protection approaches and strategies. Looking at digital security in the context of the banking industry, it is clear that banks are currently struggling to find the optimal balance between customer service excellence and fraud prevention.
Simply increasing the amount of conventional protection is not the answer. This is because traditional approaches, ranging from heightened authentication requirements to complicated and frustrating verification processes, not only fail to effectively prevent fraud but can actually negatively impact the bank’s business. Instead, banks should focus on creating better systems and techniques to collect and analyze internal and external data, develop more meaningful algorithms and profiles, execute penetration testing against current strategies, detect changes in transaction patterns and develop more effective solutions. This approach could be thought of as collective defense.
As banks successfully transform themselves, we will ultimately experience the modernization of information security by the banking industry. One important element of this modernization will be a shift in banks’ threat protection operations. Rather than concentrating only on what happened in the past, the emphasis will move to understanding what is likely to occur in the future.
The challenges of fraud prevention and recommendations for how to get a better grip on security, regulation and compliance are discussed in further detail in a new IBM white paper. Through the transformation and modernization of banking industry security, fraud will be further reduced, customer service and satisfaction will impove, and banks will be able to grow and pursue their business goals with both confidence and agility.
Read the Paper: Modernizing Digital Security to Protect Banks from Fraud
IBM Distinguished Engineer and CTO IBM Security Europe
Martin Borrett is an IBM Distinguished Engineer and CTO IBM Security Europe. He advises clients at the most senior level on policy, business, technical, and ...