Category Archives: Fraud & Security

Fraud & Security 5 Reasons Cyber Scoring Is the Next Big Idea for Credit Unions

Cybersecurity posture score dial
Mar212017

The greatest risk to credit unions and CUSOs today is the loss of your members’ trust and financial safety. Can your institution survive a cyber breach? Understanding your cyber risk is a critical part of protecting yourself and your members. That’s why we launched the FICO® Enterprise Security Score last year. And now, our cyber score has been selected as one of 5 big ideas to be presented at the National Association of Credit Union Service Organizations (NACUSO) 2017 Network Conference “Next Big Idea Competition.” Why is cyber scoring the next big idea for credit unions? Fraud/cybersecurity is the top priority for credit union CEOs and, by extension, CUSOs. Today’s breach risk measurements are inadequate and inaccurate. They’re manual rather than scalable, judgmental rather than empirical, point-in-time rather than predictive. ESS is rapidly deployed. You don’t install software, you just throw a switch. ESS is multi-tenant, so CUSOs can rapidly... [Read More]

Leave a comment

Fraud & Security Why the Panama Papers Leak Was Good for KYC

Panama Papers illustration
Mar132017

For many banks, KYC — Know Your Customer — means asking them how they intend to use a product, where the funds are coming from for their new account, etc. At the same time, the bank will check the customer against sanction lists, PEP (politically exposed persons) lists, and so forth. It’s not enough. Some hard evidence that it’s not enough came in 2016, when the so-called Panama Papers leak revealed that thousands of people worldwide owned a shell company in one of the countries covered. This was, needless to say, not something those individuals had disclosed to their banks. Should banks care? Absolutely. Under the KYC requirements that are part of current regulations, such as the 4th EU Money Laundering Directive and the fifth pillar of the BSA, the bank needs to know the business of their customers. If a customer owns an offshore company, it’s quite possibly so... [Read More]

Leave a comment

Fraud & Security Hackers vs. Dracula: Biometrics Are No Silver Bullet

Bela Lugosi as Dracula
Mar082017

I’m not a big fan of vampire movies—I’d pick Blackhat over Abraham Lincoln: Vampire Hunter any night of the week—but there are a lot of similarities between hackers and vampires. First, they’re afraid of the light. What hacker wants his true identity to be revealed? Second, they suck the blood out of their victims. Whether stealing data or demanding payment for ransomware, “bloodsucking” is one of the kinder adjectives used to describe cyber criminals. However, even though vampires are theoretically immortal, vanquishing them is pretty straightforward; any True Blood fan can tell you that a wooden dagger or silver bullet will do the trick. It’s not quite so easy to stop hackers in their tracks.  Encryption can be effective …  … but it’s not a stake through the heart of hacking. Data encryption is a highly effective defense against hackers, particularly in achieving HIPAA compliance to protect Protected Health Information... [Read More]

Leave a comment

Fraud & Security Why Do Hackers Commit Cyber-Attacks?

Dick Dastardly
Mar062017

Cyber-attacks are hitting the headlines on a daily basis and a lot of effort goes into both preventing them and dealing with the consequences when they have happened. Understanding the motivation behind attacks can help organisations understand more about the risks they face so that they can tackle them. So why do cyber-attacks happen? 1. For financial gain This is the most likely reason an organization get attacked. Criminals are looking to gain financially in three main ways: Data breaches to feed identity theft. Third-party fraud is fuelled by identity theft, and breached data gives criminals the information they need to take over someone’s identity. In the UK the CIFAS Fraud Scape 2016 highlighted a 49% growth in identity theft over the previous year. Criminal gangs are well-organised and operate on a commercial basis – there is a supply chain, those that steal data are unlikely to be the same criminals... [Read More]

Leave a comment

Fraud & Security Are Your Fraud Alert Replies Being Spoofed?

SMS screen with fake response to bank inquiry
Mar012017

As banks try to improve customer experience, reduce fraud and cut operational costs through interactive SMS, criminals have moved in to take advantage of the channel. The latest fraud scam involves ‘spoofing’ CLI (calling line identity) numbers to respond to SMS fraud alerts intended for customers. “Spoofing” SMS or texts might seem like something teenagers would do, perhaps sending fake texts on Valentine’s Day appearing to be from someone else. Instead, what’s happening is more sinister. If a credit/debit card transaction is deemed as suspicious, banks can alert customers through SMS, as well as through automated voice, mobile application push notifications and emails. If the transaction is genuine, the customer simply needs to respond to the SMS to confirm this, without actually having to speak to an operator in a call centre. What the fraudsters are doing is making a fraudulent transaction using a compromised card and then successfully ‘spoofing’... [Read More]

Leave a comment

Fraud & Security The 4 Questions to Ask When Choosing a Cybersecurity Score

Cybersecurity posture score dial
Feb272017

Cybersecurity scoring is similar in many respects to scoring for credit risk. Credit scores are widely used to underwrite loans large and small, and are trusted by both lenders and regulators as reliable, quantitative tools for assessing risk at both the loan level as well as the portfolio level. They enable lenders to price for risk, and have served not only to expand the availability of credit to consumers of all stripes, but also add valuable elasticity to the economy. As with credit scores, the best cybersecurity scoring solutions use empirically derived predictive analytics to profile business systems and the environment they operate in – including inferred behavioral and policy indicators – to derive a score. These scores can tell you how likely your organization is to suffer from a data breach – they provide a forward-looking assessment of an organization’s overall cybersecurity posture. Cybersecurity scoring is a relatively new... [Read More]

Leave a comment

Fraud & Security Report from RSA: Bangers, Mash, Security and OpportUNITY

Feb162017

The RSA Conference has descended upon San Francisco’s Moscone Center, bigger and more energizing than ever. With security an agenda-topping concern of many CIOs in 2017, the fervor to fight cybercrime is at an all-time high. While there was a wide range of top-of-mind topics being discussed, two topics in particular continued to show growing interest – artificial intelligence and cyber insurance. More on that in a minute. The theme of this year’s RSA Conference was “The power of opportUNITY,” and we had plenty of opportunities in San Francisco to showcase FICO’s unity with security professionals and industry influencers on similar missions. Two of these events took place in informal settings designed to encourage networking and dialogue: The Cyber+IoT Bangers and Mash Roundtable Breakfast, held on Tuesday morning in conjunction with the San Diego industry organization CyberTECH. This panel session focused on “Securing the Smart City” and featured guests such... [Read More]

1 Comment

Fraud & Security AI Meets AML: How the Analytics Work

Brain with AML highlihgted in neural pathways
Feb152017

The focus on financial crime, and the money laundering that funds terrorist attacks and other criminal activities, has forced the industry to look for smarter approaches. In the previous posts in this mini-series, TJ Horan noted that AI is the newest hope for compliance, and Frank Holzenthal explored the benefits that AI can bring to compliance officers. Now it’s my turn, and I’m going to explore the AI and machine learning technologies my team has integrated into the FICO TONBELLER Anti-Financial Crime Solutions. We have built on top of the FICO TONBELLER solutions using FICO’s battle-proven and patented artificial intelligence and machine-learning algorithms, which are used in FICO Falcon Fraud Manager to protect about two-thirds of the world’s payment card transactions. Industry experts have begun to realize the significance of analytics in combatting anti-money laundering. For instance, Aite Group LLC in its 2015 report Global AML Vendor Evaluation noted that... [Read More]

Leave a comment

Fraud & Security Stamping Out Financial Crime in Kathmandu

Feb132017

It’s not often that we enter a greenfield market that is just on the cusp of significant growth, but earlier this month FICO announced its entry in the Nepalese financial market. Nepal is looking to grow its economy and the government recently called for enhanced risk management compliance capabilities to help combat cases of financial crime in the country. “There is clear evidence that economic and financial crimes are some of the fastest growing offences globally,” said Dr. Chiranjivi Nepal, governor, Nepal Rastra Bank. “In Nepal, we can ill afford for these activities to drain our economy or to destroy business and banking confidence. It is therefore imperative that we match the technologies of sophisticated organized criminal groups, with advanced analytics to help banks closely monitor the vast volume of financial transactions they handle on a day-to-day basis.” With the perspective of regulatory compliance turning increasingly global, the Nepalese banks... [Read More]

Leave a comment