Thursday, March 26, 2015

Gmail Bill Pay a Bigger Threat to Banks than Google Wallet

Google's planned integration of bill pay and presentment with its immensely popular Gmail service could quickly scoop away one of the stickiest offerings of online banking sites.

Image source: Article
The product, reportedly called "Pony Express," would allow Gmail users to examine and pay emailed bills without navigating to another site.

Does your CU typically rely on emailed notifications to prompt customers to log into your own site, where you can sell upgrades and provide customer service?

Wednesday, March 25, 2015

Dangerous 'Vawtrak Banking Trojan' Harvesting Passwords Worldwide

Security researcher has discovered some new features in the most dangerous Vawtrak, aka Neverquest, malware that allow it to send and receive data through encrypted favicons distributed over the secured Tor network.

Image source: Article
Vawtrak is a sophisticated piece of malware in terms of supported features. It is capable of stealing financial information and executing transactions from the compromised computer remotely without leaving traces.

What protection measures do you have in place to protect your systems and your members?

Monday, March 23, 2015

Facebook marks its territory in mobile payment with peer-to-peer tool

Facebook announced this week that it's adding a new payment feature to its Messenger app.

Image source: Wired
The peer-to-peer payments service, which will roll out in the U.S. in a few months, allows desktop and mobile users to link their debit card information to Messenger and instantly send money to Facebook friends through the app.

What, if any, implications the service will have for your CU and your members?

Friday, March 20, 2015

Data Breaches Hit Half of America: Verizon Report

Almost half of all American consumers (45%) said data security breaches have compromised their personal payment information or that of a household member, according Verizon’s 2015 PCI Compliance Report.

Image source: Hubspot
Verizon Enterprise Solutions, a subsidiary of the communication firm, published the report March 12. It was the fourth year Verizon has published the report, which looks into how firms comply with the Payment Card Industry Data Security Standard.

Are you using firewalls, antivirus, and authenticated access portals to protect your systems and your clients?

Tuesday, March 17, 2015

Cyber-Security Is Center Stage

Sen. Elizabeth Warren (D-Mass.) met with credit union executives following her general session address. The group discussed regulatory burden, cybersecurity and other key issues that concern credit unions.

Image source: Article
Cybersecurity emerged as the most prevalent theme, however, and every general address speaker covered the topic.

Do you share other CU executives' concern about cybersecurity?

Monday, March 16, 2015

Preparing for E-Discovery

One of the critical steps in managing litigation is properly handling electronically stored information, or “ESI.”

Image source: Article
The seismic shift to ESI is a significant challenge for businesses, but it doesn’t have to be overwhelming. Taking steps now to prepare for e-discovery will pay off in the future with significant savings in time and money. You can think about e-discovery in three stages: (1) prior to litigation; (2) anticipating litigation; and (3) during litigation.

Are you waiting until after you've been sued to think about e-discovery?

Friday, March 13, 2015

Hacking Update: Breach of Montana CU's Web Site Provides Vital Lesson

The recent hacking of a Montana credit union provides a stark lesson for CUs across the nation about the security of their web sites — namely that they aren't as secure as executives think.

Image source: Google Images
Last weekend, Southwest Montana Community FCU's web site was hacked by a group claiming to be the Islamic State (ISIS).

Read the full article>

MasterCard to Bring Biometric Security to Silicon Valley Credit Union

MasterCard is diving deeper into biometric security with a new credit union partnership, according to a Credit Union Times article by Roy Urrico. The company has teamed up with Silicon Valley’s First Tech Federal Credit Union.

Image source: Article
How the biometric technology will fit in with the rest of the security program is to be determined but MasterCard has confirmed that they will be exploring a multi-modal system employing face, fingerprint, and voice recognition.

Are you forward-thinking when it comes to biometric technologies?

Wednesday, March 11, 2015

The Best and Worst Credit Union Apps

Consumers want easy access to their funds and the ability to check balances on the go, make transfers in transit and deposit checks without heading into a local branch.

Image source: Article
Credit unions often get an unjust reputation as being behind the technological curve, but a 2014 analysis by Magnify Money shows 8 of the top 10 mobile banking apps were from credit unions.

Read the article to see which apps stand out from the rest. How do you stack up against the competition?

Tuesday, March 10, 2015

U.S. credit unions locked in cyber battle with their regulator

For Debbie Matz, the head regulator for 6,350 of the nation's credit unions, it's an easy answer: a cyber hacker sneaking in through a credit union vendor, cracking through to the larger U.S. financial system and wreaking havoc along the way.

Image source: Article
For years, Matz has warned about a general vulnerability of third-party vendors in U.S. financial markets, with little success.

Have you heeded the warnings?

Monday, March 9, 2015

XML Files Used to Distribute Dridex Banking Trojan

Cybercrooks have been leveraging malicious macros hidden inside XML files to distribute the Dridex financial malware, researchers have warned.

Image source: Article
It’s not uncommon for cybercriminals to use specially crafted Microsoft Office files that contain macros for malware distribution. However, attackers usually rely on Microsoft Word and Excel documents, not the XML (Extensible Markup Language) format.

Are you detecting these types of trojans?

Using Smart Phones to Improve Bank and Apple Pay Security

Recently, we've seen a lot of media coverage around Apple Pay being used for fraudulent activities by criminals with stolen identities and credit cards.

Image source: Article
Many of the articles highlight that fraud is stemming from a back door in the activation process called the “yellow path”. The yellow path is the process by which the bank can put the card activation on hold to do additional verifications.

Is your firm prepared to move beyond old fraud prevention technologies?
Post provided by:

Wednesday, March 4, 2015

How Same-Day ACH Transactions Will Affect Your Fraud Prevention Operations

by Damien Hugoo, Product Manager, Easy Solutions

The implementation of same-day Automated Clearing House (ACH) transactions has been getting a good amount of media attention lately. American Bankers Association (ABA) believes that widespread adoption of same-day ACH transactions represents a fundamental step to promote faster payments across the entire industry.

Image source: Article
Initial reaction has been that same-day settlement will pinpoint fraud more rapidly and as a result, customers will be alerted quicker. While part of this is true, there is major work to be done to pinpoint fraud faster.

In terms of fraud operations, right now most banks processes have a 2-day timeframe to tell the Federal Reserve that they want to return the ACH debit. With Same-Day ACH, banks will be forced to reengineer their entire fraud program and compress all their current processes into the 2-hour window. Subsequently, all ACH fraud prevention processes will have to start to be automated for those transactions.

Is your credit union prepared for these changes?

For information about real-time transaction monitoring download this whitepaper: An Introduction to Transaction Anomaly Detection.

Post provided by:

Tuesday, March 3, 2015

Apple Pay a haven for 'rampant' credit card fraud, say experts

Apple and its banker pals may have inadvertently lowered the barrier to credit card fraud by adding pay-by-wave technology to iPhones, security experts fear.

Image source: Article
Payment cards can be added to Apple Pay by taking a photo of the card, and allowing a device to run optical character recognition over the image to fill out the long card number, expiry dates and other details. These numbers can be entered manually, so physical access to a card is not needed.

Are you an early adopter putting your members at risk?

Monday, March 2, 2015

Brian Panicko demos CellTrust SecureLine for Good

With the integration of CellTrust SecureLine for Good and Good Work, financial advisors, agents, analysts, brokers and wealth managers can seamlessly and securely access corporate email, make secure phone calls to business contacts, and send secure text messages all from their personal device.

Because the employees’ personal devices are equipped with a second mobile business number, business and personal communications are kept separate and private.

Go to www.celltrust.com/finserv-good-knox/ to learn more about CellTrust SecureLine for Good for financial services organizations. Alternatively, if you're ready, give the app a try.

Mobile Security By The Numbers

As ubiquity of mobility paired with the availability of cloud continues to drive major technological disruptions within just about every type of enterprise transacting business today, CIOs and CISOs are increasingly put on notice to incorporate mobile into their security plans or risk irrelevance.

Image source: Article
Over the past several months, numerous surveys and studies have done a good job offering up some statistical proof points about the scope of the mobile security dilemma.

Read the article to see a collection of salient stats, including: