Community

@Bjorn - Biometric templates are usually unique and secured while scanning ( Atleast Morpho devices) requires unique scan ID created with keys and difficult to break.

How can a transaction be posted with such unique ID with biometric authentication by Melware?

Actions welcomed from SWIFT. Look forward to further announcement of Five Point Security Plan by SWIFT.

Curious to know if SWIFT explores and includes -- Biometric Authentication of Transactions (for High value txns - Single or cumulative) needed before posting it to SWIFT - (may be pipe dream of mine ).

Certification and Audit are welcomed ( I assume it will be more serious now).

Thanks Ketharaman for the sharing it.

Most of Fintech startups being light weight and innovative can standalone can perform but after acquition they meet the fate, what a feather meets when a drops of water falls on it.

I think it will remain SEE SAW game before dust settles down.

HSBC India's branch network nevver went beyond Urban cities. Customer segementation was in upper band of HNI never came to the lower customer segments apart from corporate banking.

It looks like branch network consolidation as almost 50% of branches will be shut assuming customers are served through Hub Spoke clusters. 

Good strategy but doubtful whether it conicides with Indian banking scenario.

The modue operandi as per Kaspersky Labs report about the melicious code getting installed.

1. Core of the Cash Machine i.e. mainly OS of MS Windows 7/8. 

2. It's basically Terminal software clone getting injected into the ATM by hackers which gets activated as menu driven program.

3. If any one who worked on Diebold ATMs i1062 old machines which has similar functionalities ( OS was OS/2 WARP) of its TCS (Terminal Control Software). With supervisor ATM access password, ATM can be emptied easily as well as had option of read tracks and PIN entries as part of TRACE.

As far as PIN block is concern, if EPP can be controlled by such as marvel piece of software (sorry to appriciate melicious code) it matter of few commands to get the EPP codes.

ATM vulnerability which are specific to the above - USB ports on ATM being exposed for porting the melicious code or through internal network as mentioned by Kaspersky Lab.

SWIFT can take some best practices of Securities trading platforms which has more tight control for system control access.

SWIFT can build message gateway for External interfaces and PC based front and back office applications to post transactons. It can be further cascaded with fraud and risk module on same gateway for all such external interfaces before posting their transactions.

Joining Dotted lines - Bangladesh, X Bank of Y Country ( Swift did not disclose it) and Now Vietname belong to Asian region.

This seems to big cyber crime ring.

There can be two possibilities: 1. Asian hackers attacking asian countries - Less chances of such

2. Europe/Russian/African hackers attacking asian countries - I have seen it works in most of the attacks with history as old as year 2000.

You are as safe as your weakest Link.... more than decade old Security rule again proves right.

Bank has smartly put a model to underwrite the lending risks. Clever product.