Memento provides next-generation technology and solutions that enable financial institutions to rethink and improve the way they combat fraud and manage compliance. Memento customers realize unmatched business value and rapid ROI.

Home > Forums > Bank Fraud Forum > Insights and Opinions > Data Breaches - Part Two

RECENT NEWS

View All

Expect More From Case Management

 2011_Memento_Case_Mgr_Brief_img_88x114         

Enabling better fraud and compliance decisions and more efficient case creation, management, and resolution.

Download the Case Manager Brief

bank fraud forum
< Back to listing

Data Breaches - Part Two

September 21, 2011 by Mike Mulholand
0 comment(s)

“We all have a part to play, and playing as a team we will be so much more effective than as individuals trying to do our solitary best.” That is a quote from a blog post I wrote back in June on how data breaches are more pervasive and premeditated than many understand. Because of this, we need to take extra precautions by having multiple security check points in addition to a robust back-end detection system. This is exactly the concept behind layered security.

At this point, many of us recognize that there are no silver bullets in the ongoing fight against fraud. Fraudsters use a variety of tools and they collaborate. Fraud prevention specialists such as ourselves need to do likewise.

Front-end protection and monitoring systems can provide excellent contextual information to back-end monitoring systems. The exposure that fraudsters face is that they have to come in through the same channels their victims use and those channels are monitored at least from the standpoint of logging activity. There are some excellent front-end products that do a much better job than just logging.

So let’s say we have a back-end monitoring system that is watching the output of the payments systems being accessed by the front-end applications. What happened before the monetary transaction was generated provides context for the transaction. That context will help the back-end system distinguish between unusual and risky. This improves alert quality and reduces false positives.

It’s not just the data the front-end systems can provide, they can provide alerts as well. If we know that xyz front-end system generated three alerts in the last week on this customer, and we know the circumstances of the alerts, we have a much better picture of the environment in which the transactions were processed. The more we know about my customer, the better we can determine if the behavior we’re seeing is them or not and more accurately assess the risk of the transaction.

I, for one, applaud the FFIEC for recognizing that it takes a multidiscipline team to effectively combat the ever more sophisticated fraudster we are facing, even though it felt a bit like a belated birthday card. It may not always feel like it, but layered security is a good thing, and it certainly beats the alternative: losses, law suits, customer bad will, brand depreciation, and mistrust.

 

Posted in: New Account Fraud Account Takeover Identity Theft Collusive Networks
Tags: data breach

Make a Comment

* = Required
*
*
*
*
 
Solutions Overview
Technology
Approach
Forums
About Memento
WE CAN ALSO BE FOUND:
  • facebook
  • linkedin
  • twitter

©2012 Memento, Inc. All rights reserved.
55 Network Drive Burlington, MA 01803
1-877-371-0673 |

Privacy/ Usage Agreement | Contact Us | Sitemap