Payment fraud

There is always the chance that privileged employees will either become bad actors who use their access to confidential data for their own gain, or that they will succumb to a hacking attempt and thereby open the door to an external bad actor, says Unisys' Maria Allen.

If firms don't enroll consumers quickly for card accounts, it suggests other elements of the institution may also be suspect, says Kofax's Dermot McCauley.

The mobile payment revolution has made mobile banking apps even more lucrative and attractive to crooks.

Visa is offering four new security tools to assist merchants, acquirers and card issuers by disrupting fraud in real time.

Digital incentive marketing, gift cards and loyalty points creates more information to attract crooks, says PerimiterX's Omri Lluz.

Machine learning can build a layered defense, and analysts don't have to spend as much time combing through data to spot threats, says Exabeam's Anu Yamunan.

U.S. firms have been reliant on data aggregators like credit bureaus and other data companies to provide identity verification services, says Entersekt's Jennifer Singh.

The Gulf region poses significant and unique challenges in AML, KYC and other compliance checks, according to Accuity's Nirhjar Daripa.

The difficulty of detecting synthetic fraud has caused it to quickly develop into the primary method of attack for criminals, says Monica Eaton-Cardone, COO of Chargebacks 911 and CIO of its parent company Global Risk Technologies.

Developers have expanded availability of digital identity and biometrics, but traditional methods are holding strong as most companies still rely on usernames and passwords.

There is no silver bullet when it comes to cybersecurity—and that goes double for the cloud, says Justin Fier, director for cyber intelligence and analysis at Darktrace.

Many businesses are not doing enough to protect their client sensitive PII information. They do not realize that internet and cloud services are not bullet-proof, says Pravin Kothari, founder and CEO of CipherCloud.

Under the regulation, banks and financial services providers must secure their own systems as well as implement third-party risk management programs, which can mitigate insider threats from third parties, says Michael Magrath, director of global regulations and standards for OneSpan.

Most cloud storage systems have gaps that open the door to account takeover, API attacks and other threats, argues Pravin Kothari, founder and CEO of CipherCloud.

To address users’ privacy concerns, secure data and avoid litigation or fines while delivering a competitive customer experience, financial institutions must adopt a customer digital identity and access management (CIAM) strategy, says ForgeRock's Ben Goodman.

A traditional rules-based fraud system will not be capable of detecting synthetic identity fraud. A combination of supervised and unsupervised machine learning algorithms must be implemented to process the data necessary to effectively segment good and bad identities, says Steven D'Alfonso, research director at IDC Financial Insights.

Artificial intelligence software could even be used to analyze and score credit transactions as is done for banking transactions, writes Monica Eaton-Cardone, COO of Chargebacks 911 and CIO of its parent company Global Risk Technologies.

As strategic planning season kicks off, credit union boards and executives must consider whether they’re doing enough to prevent evolving cybersecurity issues, including account takeovers.

The bank is taking a concept that has worked for years in the credit card world — artificial-intelligence-based fraud detection — and applying it to corporate customers' transactions.

From data rights to common security measures, organizations that provide clarity on how companies handle financial data and access can pave the way to more fruitful relationships, writes Steve Smith, chairman, CEO and co-founder of Fincity.