CONTINUE TO SITE »
or wait 15 seconds

Blog

What the FFIEC is doing to protect FIs and consumers against hackers

July 27, 2011 by Robert Siciliano — speaker, IDTheftSecurity.com

FFIEC is the Federal Financial Institutions Examination Council, which is a government body empowered to prescribe uniform principles, standards and report forms for the federal examination of financial institutions by and for numerous other government, public, private and financial entities.

If there is a “good” place for your tax dollars to head, it’s to the FFIEC. Very recently the FFIEC issued updated guidelines for financial institutions in regards to their cyber security and new threats your bank needs to counter.

Over the past decade as we have all (mostly) banked and bought stuff online, criminals have formed organized Web mobs to sniff out transactions and take over existing accounts, and in some cases, open up new accounts.

The FFIEC has certainly pointed this out, and at the same time, has made additional security recommendations based on new kinds of criminal hacking and new technologies to combat it.

Hacking in its many forms involves compromising a system from numerous vantage points. A network can be hacked from the inside by an employee or former employee with credentialed access or from the outside by seeking vulnerabilities in a network's technology. But more often hacking takes place when an account holder's access information, such as username and passwords are compromised.

To defend against all of these hacks, the FFIEC recommends to financial institutions what’s called a “layered approach” of anti-fraud tools and techniques to combat crime. Meaning, it’s not simply a matter of applying a firewall and having anti-virus to protect the network, but going much deeper in protecting many interaction points within the banking site (not just login) and using a variety of proven fraud prevention solutions.

This includes sophisticated methods for identifying devices and knowing their reputation, including past and current behavior and other devices they are associated with, the moment they touch the banking website.

The FFIEC has recognized complex device identification strategies as a viable solution that’s already proven strong at very large financial institutions. ReputationManager360 by iovation leads the charge with device reputation encompassing identification and builds on device recognition with real-time risk assessment, uniquely leveraging both the attributes and the behavior of the device.

Robert Siciliano is a consultant and identity theft expert and contributor to iovation. To visit his YouTube channel, clickhere.

About Robert Siciliano

None

Connect with Robert:

Related Media

Security
Examining biggest ATM security issues and 4 strategies to prevent them
Security
Banking privacy: 5 benefits for banks, customers
Security
Protecting an ATM's hardware, software by slowing down criminals
On-Demand Webinar
A Masterclass in ATM Security: Global Best Practices and Trends
Presented by Diebold Nixdorf
Recent Posts
Eurasian Bank selects Diebold Nixdorf's self-service software
First National Bank to open 30 branches
Romanian man arrested for alleged cash trapping ATM scheme
Replacing the ATM: Pros and cons of new vs. remanufactured
Chase partners with The Points Guy for Make-A-Wish sweepstakes


©2025 Networld Media Group, LLC. All rights reserved.
b'S1-NEW'