A few months ago, when the OPM breach first hit, and the OPM said it would leverage a third-party to send out notification emails to affected individuals about the compromise, we warned of the dangers of this approach. Read more
Detect Safe Browsing (DSB), our secure browsing solution, now makes it even easier to defend users against the advanced malware that enables man-in-the-middle and man-in-the-browser attacks. Read more
Last night, password management company LastPass notified users in a blog post that it had been the target of a hack that accessed users’ email addresses, encrypted master passwords, and reminder words and phrases the service asks users to create for those master passwords.
In general, we are not a fan of password management tools. While they provide convenience, a central repository of any sensitive data is always going to garner greater attention from hackers.
Last week, millions of government employees were probably quite nervous to hear that their personal data had been stolen by hackers (likely from China), who gained access to a trove of data from the Office of Personnel Management. This week, the same office is opening up even more government employees to more risk, based on their response to the breach. The OPM announced that they will notify all impacted individuals by email, which makes not only the affected individuals, but also anyone else who is worried that they might be affected, now a ripe target for a phishing attack.
ATM skimming remains a big business for organized crime rings. According to a recent article in ATMMarketplace.com, card skimming accounted for more than $2 billion in losses. One new approach that banks are exploring to mitigate this particular vector of fraud, is the notion of using smartphones as a second Read more
With iOS and Android’s dominance in the mobile operating system market, it can be easy to overlook that a still-significant portion of the world’s smartphone and tablet owners use other operating systems. Windows Phone and Blackberry are not as popular in the US as iOS or Android, but their usage is considerably more common in many European, Asian and Latin American countries. This proportion of Windows Phone and Blackberry users also rises significantly higher when focusing on the enterprise and government sectors, where tight security and lack of exposure to malware is held in higher esteem compared to the general population. The tendency is for many major app developers is to concentrate on iOS and Android and let other mobile operating system applications languish for months without updates. But financial institutions should resist this temptation, not only because it leaves a chunk of customers with no way to securely perform mobile transactions, but also because it denies banks a way to offer these customers value-added activities that can generate revenue. Read more
DetectID, Easy Solutions’ flexible authentication platform, just made strong mobile authentication for businesses and their users even simpler. The newest version of DetectID expands the functionality of the SDK-based mobile authentication solution. Mobile Authentication is built from the ground up to provide frictionless authentication using native push notifications, soft token and QR Code. The new features in the latest edition of DetectID include: Read more
In the last two days, we have seen a lot of media coverage around Apple Pay being used for fraudulent activities by criminals with stolen identities and credit cards. The news were first reported by The Guardian. Many of the articles highlight that fraud is stemming from a back door in the activation process called the “yellow path”. The yellow path is the process by which the bank can put the card activation on hold to do additional verifications. Read more
The implementation of same-day Automated Clearing House (ACH) transactions has been getting a good amount of media attention lately. In a letter to NACHA (the Electronic Payments Association) on February 4, the American Bankers Association expressed their support for a proposal to implement same-day ACH transactions. ABA believes that widespread adoption of same-day ACH transactions represents a fundamental step to promote faster payments across the entire industry, as it would level the competitive playing field for all financial institutions while allowing account holders to benefit from expedited settlement. Read more
Fraud managers spend a staggering amount of time making sense of the data resulting from fraud intelligence tools. The newest version of our proactive fraud intelligence and brand protection solution, Detect Monitoring Service, now allows fraud managers to build customized reports with all of the anti-fraud information that Detect Monitoring Service collects, personalized to meet their specific needs. Read more