Financial institutions need to be vigilant against ID-based attacks

Entrust gives a step-by-step guide to winning the battle against identity thieves

Tags: Cyber crimeEntrust, Inc (
  • E-Mail
Financial institutions need to be vigilant against ID-based attacks Mark Reeves, senior vice president, International, Entrust.
By  Mark Reeves Published  February 17, 2014

3. Take a layered approach

It is worth noting that no single authentication or traditional fraud-detection solution can stop advanced malware on banks and other FIs.  It is the layering of different complimentary security technologies such as strong authentication; behavioural fraud detection; out-of-band transaction verification; mobile authentication; and extended validation SSL digital certificates that provide the best method of protecting customer identities and transactions in a banking environment.  

4. Explore advanced authentication techniques

The good news is that today, there are a wide range of strong advanced authentication techniques available. As online fraud attacks increase in sophistication, so does the innovation in authentication technology required to stop these attacks in the consumer space.

FIs should explore these advanced techniques like mobile-based transaction verification and dynamic device authentication, including one-time session cookies and digital fingerprints, rather than broadly using static-device cookie-based approaches.

Remember however, threats are ever-changing and growing. This means FIs must have an ongoing programme of investment to evolve their technology, people and processes. Security in this area should not be a one-time exercise.

5. Enhance customer awareness and education

Finally, we also advise that FIs involve the customer as much as possible to help fight fraud. Ongoing education and training programmes should be in place to ensure that everyone does their best to help protect and mitigate today's threats.  For example, some progressive banks are deploying security measures that notify customers when suspicious transactions are in progress and ask the customer to confirm that a given transaction is valid.

It is vital that consumer confidence is maintained. No bank or FI can afford the reputational damage that an online attack can cause. Continuous investment in security systems, processes and people is a must rather than a nice-to have, otherwise banks risk leaving customer data vulnerable to attack.

If you are interested in finding out more, you can download Entrust's latest whitepaper.

Add a Comment

Your display name This field is mandatory

Your e-mail address This field is mandatory (Your e-mail address won't be published)

Security code