USD300million and rising, will security catch-up?

The breaking news from the US indicating that over 160million credit and debit card numbers have been stolen, whilst not unpredictable, is still quite staggering. Early estimates suggest around $300 million dollars has been stolen, but this figure looks likely to increase dramatically.

It appears that a group of criminals utilising malware to infiltrate large US companies and over time steal payment related data, which then was passed onto a second group who inserted this data on to magnetic stripes to clone bank cards, and completed the fraudulent transactions by either withdrawing cash from ATMs or making purchases.

Securing data is now at the forefront of many financial institutions minds, and as the methods by which hackers compromise our personal information becomes more sophisticated, so must our approach to security. 

Every time that a fraud hits the headlines there is naturally a huge focus on how the crooks got hold of all those personal banking details. But there is often less attention given to how they were then able to use the customer details to extract money from customer’s bank accounts.

Unfortunately fraudsters will always find methods to compromise our personal data. While that in itself is a major concern the solution lies in ensuring the abuse of such data can be detected and prevented. The key lies in real-time detection, prevention and immediate resolution enabled by the empowered customer. Technology is available today to absolutely achieve this, in real-time, totally privacy sensitive, highly secure and yet totally intuitive from a customer standpoint. In fact, in many cases the customer is not even aware that security is being applied as many of the techniques used are completely invisible. The answer is robust customer authentication and transaction verification, relative to the bank’s perceived risk of the transaction. It must have speed (real-time), strong security, efficiency, good customer service and ease of use, while shutting down the scope for fraudsters to benefit from their crime. Similar stories (while on a smaller scale) have been publicised for over a decade, and invariably the issues remain the same, surely it is now time for financial institutions to step up and utilise effective security systems that can protect against such massive theft of payment credentials and the inevitable fraud fall-out that has already occurred and will continue for some time to come.