Today, cybersecurity and data breach threats are at the forefront of every company’s security plan, and if they are not, they should be – for the security of the company, as well as the security of their employees, customers and end users. This is especially true in the financial industry where consumers are plagued with concern over the safety and security of their financial and personal data, especially when engaging in digital banking and e-commerce transactions.
With more and more countries moving to chip based (EMV) payment cards for the added security the cards provide to consumers as well as the reduction in card present fraud that is realized, but there is now a shift in fraud models. With the mass adoption and implementation of EMV cards, fraud is now moving from card-present transactions to online channels of card-not-present (CNP) fraud. Today, CNP fraud is the fastest growing type of fraud worldwide and occurs during online and mobile transactions. That being said, there are many security features available today that allow digital banking and e-commerce transactions to be secure and transparent to the user.
Central to the problem is also the solution – a secure identity. While identities can be easily compromised, they are also easily secured. Today, nearly 100% of breaches start with a stolen identity or credential. It is important that when financial institutions look at ways to increase their level of security that they look to solutions like multi factor authentication (MFA) and transaction push notifications which allow the user to confirm their identity, transactions and purchases on their mobile device. Adding MFA security simply means increasing the security of the transaction by adding something that a fraudster would not have access to in order to complete the transaction. Examples of a “second factor” are a user personal identification number (PIN) or a push notification to a user’s enrolled mobile phone.
In an effort to help the nation combat cyber criminals, the White House recently announced a comprehensive Cybersecurity National Action Plan which will increase the nation’s cybersecurity budget by more than 35% and address the severity of the cyber security problem in the United States. The President calls for constituents to increase their awareness of cybersecurity and to ensure that their identity is secure by moving beyond using just a username and password when logging on to an account, he is calling for multiple layers of authentication when logging-in to online accounts.
Compromised identities can happen at any time, to anyone, but financial institutions, enterprises and governments alike are taking action to ensure that their consumer’s transactions are secure. As more and more applications move to the cloud and as users continue to adopt various devices for transacting, securing just a perimeter is no longer sufficient. Today and into the future, the traditional security risks will remain and will continue to require vigilance. However, going forward it will be important that the entire ecosystem of an organization be secured, from cloud applications to on-site servers to user identities. By ensuring layers of security to the entire ecosystem, consumers will benefit from not only secure transactions and identities, but also easy-to-use and complete digital banking and e-commerce transactions.