A rash of denial of service attacks hit major US banks this week. These are scary incidents that wreak havoc for banks and their customers. For now at least, these attacks appear to be limited to online sites, and are therefore interrupting the online banking activities of the US public. Online banking is a mainstream [...]

Last Friday, the press began reporting about a major data breach at Global Payments, a large US card processor. As always in the early stages of such events, there were plenty of rumours and speculation with various sources reporting stolen card numbers to be as low as 50,000 or as high as 10 million. This [...]

Just about one year ago, the Chase website suffered a major outage. Today, chase.com is down again, this time with a revoked security certificate: This is a major issue, as no bank wants its customers to be presented with the message, “you may be communicating with an attacker.” This is how the browser (Google Chrome) [...]

Last week the FFIEC issued the long awaited Supplement to Authentication in an Internet Banking Environment. I read through the 12 page report (it’s actually 8 pages with a 4 page appendix), and kept reminding myself that I should try to look at this in a cup half full manner. Yes, I can be a [...]

The BAI Retail Delivery conference is just coming to a close, and I attended along with the my colleagues in the Celent banking team. Attendance definitely appeared to be up over last year. The 2009 event was depressing from an attendance perspective, and I was happy to see the ramp up. The Las Vegas venue [...]

I just returned from the Digital Insight National Client Conference in San Antonio. I was invited to speak on social media for banking, and I also took some time to attend several of the sessions. One of the sessions I attended was a panel discussion with a group of four commercial businesses. These middle market [...]

I recently blogged about why Businesses Require Better Protection Online. The writeup was based on a warning from the FDIC that was aimed at businesses who bank online. Last week, a firm called Genlabs Corp. had $437,000 fly out of their account. Username, password, and token were compromised as fraudsters gained access to the account. [...]

Banks have taken many steps to protect customers online. Multifactor authentication (MFA) , policies for online banking, and consumer education, are among some of the sentries in place. The FDIC however issued a warning last week specifically aimed at the business online banking / cash management space. The alert relates to financial institutions that provide [...]

Banks have been issuing tokens to their business and corporate customers for some time. These multifactor authentication devices typically generate a one-time password that the user is required to provide upon login or to confirm a specific activity (e.g. the release of a wire transfer). Customers with multiple banking relationships end up lugging around a [...]

Tough times bring about some pretty unfortunate acts. Disgruntled employees are a huge risk as they can do quite a number on bank assets and customer information. There is no doubt, the number of internal fraud incidents we are hearing about these days are on the rise. It’s unfortunate but true. However, internal fraud is [...]