UK BANKS STRUGGLE IN WAKE OF DATA SECURITY BREACHES

LOSSES & LAWSUITS

Data security losses are occurring so frequently that banks need to continually modernise their anti-fraud defences to keep pace. Exposure on the same scale happened in the US, with the Bank of America and TJX data loss scandals, but most monitoring systems designed to pick up unusual account activity are not designed to operate on this scale of exposure.

Fraudsters could create new accounts or, more likely, hijack existing ones. "The risk of existent accounts being taken over by fraudsters is greatest. Once you've bypassed the initial authentication process, you can do wire fraud, online fraud, via the call centre, and that's where the risks lie," says Amir Orad, executive vice-president and chief marketing officer for risk management software firm Actimize.

Existing monitoring systems need to strike a difficult balance between under-monitoring a vast exposure, and over-monitoring, which leads to an increased level of false positives, creating cost, inconvenience and inefficiency for banks and customers.

"The only way around the problem is to improve analytics and false positive rates. An enterprise-wide approach is needed to look at risks across the internet, automatic teller machines and elsewhere - combining systems," says Orad.

The cost of parallel investigations on different aspects of the same fraudster's activities have led many to extol the virtues of an umbrella enterprise risk management approach, which would force the fraudsters to continually move around to probe weaknesses.

  • LinkedIn  
  • Save this article
  • Print this page  

Only users who have a paid subscription or are part of a corporate subscription are able to print or copy content.

To access these options, along with all other subscription benefits, please contact [email protected] or view our subscription options here: http://subscriptions.risk.net/subscribe

You are currently unable to copy this content. Please contact [email protected] to find out more.

You need to sign in to use this feature. If you don’t have a Risk.net account, please register for a trial.

Sign in
You are currently on corporate access.

To use this feature you will need an individual account. If you have one already please sign in.

Sign in.

Alternatively you can request an individual account here: