Your source for the latest technology information of interest to community banks across America.
Subscribe to our monthly newsletter and stay on top of the latest technology trends in Hardware, Software, ATMs, Biometrics, Wireless, Online Banking, Marketing, Security, Internet Access and Call Centers.
An Effective Strategy to Prevent All Browser-Borne Cyber Attacks
The Web browser has become the primary target for cyber attacks on credit unions and financial institutions in general. Advanced malware is increasingly undetectable and designed to exploit the vulnerabilities of every browser. This informative Webinar will explore ways to help make the Web browser an effective security tool that literally prevents all browser-borne malware attacks.
What you will learn:
• How and why cyber criminals are targeting Web browsers
• Why credit unions are now in the crosshairs of these cyber-criminals
• Why traditional security technologies have not been effective
• Browser strategies that can safely empower employees with Web freedom
Who Should Attend: Credit Union CIOs, CISOs, IT Directors, Security Professionals, and Risk & Compliance professionals.
Speaker: Franklyn Jones is a Vice President at Spikes Security. He has been involved in cyber security technology companies in Silicon Valley for more than 20 years, and has held management positions at Palo Alto Networks, Bromium, and Blue Coat. Over the years, he has spoken at security industry conferences across North America, Europe, and Asia, including IDC, Infosec, Interop, IANS, and others.
Date: Wednesday June 25th from 1 – 2:00pm Central
Costs: Complimentary
To Register: http://www.banktt.com/webinars.htm
WatchGuard announced that its UTM (unified threat management) and NGFW (next generation firewall) appliances allow users to deploy, configure and manage both wired and wireless network security through a single device in a 'single pane of glass' view. Version 11.9 of WatchGuard's Fireware operating system eliminates the need for additional wireless network management solutions and includes other services such as: AntiVirus, AntiSpam, Application Control, ATP and DLP.
Hewlett-Packard announced updates to the all-flash HP 3Par StoreServ 7450 Storage array that can push its cost below $2 per usable gigabyte. The company notes that this is the tipping point where flash goes from pricier to about the same as traditional 15,000-rpm HDDs (hard disk drives). HP claims that the 7450's deduplication algorithms help the system scale to higher capacity than arrays from other vendors, plus the 7450 can take in 460TB and deduplicate it without incurring a speed penalty.
|
Hardware Section Sponsored by
MVi |
Software Updates
Malwarebytes Anti-Exploit is a very light weight (3MB) background protection program that runs alongside traditional anti-virus software. It is low-maintenance because it doesn't use or need any malware signature updates. The free version of Malwarebytes Anti-Exploit protects the leading Windows browsers and Java, and helps prevent them from executing exploit code. The premium version adds protection for the core Microsoft Office applications (Word, Excel and PowerPoint), Adobe Acrobat and Reader, and other popular applications.
FICO is integrating 41st Parameter's TrustInsight with their Falcon Platform, which is used by more than 9,000 financial institutions worldwide. TrustInsight solution provides a real-time analysis of a transaction, crowd-sourced from a network of merchants, that produces a TrustScore. The TrustScore, integrated with the FICO Falcon Fraud Manager Platform, provides a link between data the merchant knows and data the issuer knows to enable issuers to utilize additional information that is not currently available in their fraud detection process, including the identification of a cardholder's "trusted devices." The companies believe that issuers can recover more than 30 percent of transactions declined for fraud reasons that are actually false positives with this new system in place.
|
Software Section Sponsored by
Raddon Financial Group (RFG) |
Wincor Nixdorf released the latest version of its PC/E Direct Marketing software and they say that it provides banks with an effective tool to individually address customers on ATMs, self-service terminals or digital signage screens. The software enables banks and external advertising partners to convey tailored messages to their customers, and it can also advertise offerings from other companies via various output media. A Java-based interface simplifies the connection to existing CRM systems and now allows dynamic data to be used. Advertising messages can also be defined for specific times, regions or events.
Using an old manual they found online, two ninth-graders in Canada placed a Bank of Montreal ATM into operator mode. They could view the amount of cash in the ATM, the number of withdrawals that day, and the day’s total of surcharges. They also found a way to change the surcharge amount, so they changed the surcharge amount to one cent and notified the bank of their actions and lack of basic security and password controls on the ATM.
Many anti-skimming devices have been successful in distorting card data which makes it difficult for criminals to extract card data from their skimming devices. However, a new form of skimming technique called stereo skimming undermines anti-skimming solutions. Through the use of two heads, the scammers can record both the jamming signal and the card data signal. The card data signal is then excluded from the jamming signal and converted into an analogue or digital format. While there is no evidence that these devices have been successfully deployed as of yet, the cost of ATM skimming incidents in the U.S. has risen to $50,000 on average, up from $30,000 a few years ago. Last year, ATM skimming attacks jumped by 12 percent and now represent 92 percent of all fraud at the ATM — making skimming the number one ATM crime globally.
|
ATMs/Kiosks Sponsored by
Heritage Industries |
A new report by the Center for Financial Services Innovation reveals that 10 percent of consumers using a smartphone to deposit a check had it returned to the originating institution due to fraud -- a rate more than double that of other check cashing methods. Going to a check cashing outlet right after depositing the same check via smartphone is the most common fraud scheme. "For providers, it is unclear who should absorb the losses -- the institution that processed the check first or the institution that possesses the physical check," the report states. "While regulation may favor the entity that possesses the physical check, obtaining reimbursement can be arduous."
Consumers making contactless payments via mobile devices will number 300 million worldwide by 2017, a near tripling from the 110 million in 2013, according to a new report from Juniper Research. The report finds issuers and hardware manufacturers seeding the market by pumping out more contactless cards and contactless-capable terminals, but faults the industry for stressing faster throughput at the point of sale while ignoring the potential for consumer engagement and product upselling.
CyberSheath’s analysis of 10 of 2013’s most notable cyber attacks found that privileged accounts were on each attacker’s critical path to success 100 percent of the time, regardless of the perimeter attack vector. The survey concludes that organizations have more privileged accounts than they know about and the risk of exposure they represent makes them urgent priorities.
Java has a bad legacy when it comes to security which is why security experts do not recommend installing Java on every desktop and server. A big problem is that in many companies, application compatibility prevents Java from being patched in a timely manner, e.g., monthly. Many security experts state that if you can't keep any software patched all the time on a regular basis, it is highly advisable to get rid of it.
Online & Mobile Banking:
Online and Mobile Banking – Improving & Bridging the Digital Channels
 |
|
Bluepoint Solutions - http://www.bluepointsolutions.com
Read Andrew Tilbury's comments: http://www.banktt.com/Bluepoint.pdf |
 |
 |
|
|
 |
|
Javelin Strategy & Research - http://www.javelinresearch.com
Read Mark Schwanhausser's comments: http://www.banktt.com/Javelin.pdf |
 |
|
Mercator Advisory Group -http://www.mercatoradsvisorygroup.com
Read Pradeep Moudgal's comments: http://www.banktt.com/Mercator.pdf |
By some estimates, acquiring new customers can cost eight to 10 times more than you would spend cross-selling products and services to existing customers. Cross-selling and up-selling efforts are not only more cost effective, but lead to much better customer loyalty. For example, one recent study showed that, on average, a consumer using one product will stay with a financial institution for 18 months while a consumer using three products will remain with that institution for seven years – almost 5 times longer.
Online Banking/E-Commerce/Website Design
The Aite Group just issued a report projecting that 70% of all U.S. credit cards, and about 41% of debit cards -- 1.1 billion cards in total -- will be EMV-enabled by the end of 2015. The move to EMV is expected to cost U.S. retailers and FIs several billion dollars. By some estimates, there are 13 million point-of-sale systems around the country that have to be upgraded or replaced to support EMV transactions. The research firm expects that big banks will spend around $1.30 for each EMV card while smaller institutions could pay between $3 and $5 per card.
Mercator Advisory Group's most recent Insight Report from their latest CustomerMonitor Survey Series reveals that 84% of U.S. consumers now perform banking activities to manage their account information using their home computers or mobile devices, of these 69% only use their computers to do so. Online banking is pervasive, and consumers are increasingly receiving alerts from their financial institutions and accessing online banking websites by mobile devices when they are on the go. Online banking is becoming critical and the preferred source to learn about new financial products and services, as Mercator Advisory Group's survey finds that over half (53%) of consumers prefer to be notified electronically, mostly by email (36%) and more than in person (26%).
Palo Alto Networks' annual threat analysis of customer network traffic shows that botnet-controlled malware that makes its way into enterprise networks almost always uses the User Datagram Protocol (UDP) to communicate. According to Palo Alto’s “Application Usage and Threat Report” on network traffic, the stateless, transaction-oriented UDP is the overwhelming choice in botnet command-and-control systems to maintain communications with malware.
Comcast Business will deploy a new all-in-one D3 wireless device: the Comcast Business Wireless Gateway (BWG). The Business Wireless Gateway provides Comcast Business Internet customers with:
- Business IP Gateway
- Private WiFi network for business use
- XFINITY WiFi Hotspot service
Smaller organizations can assign one private wireless signal for back office and a separate public signal (Xfinity WiFi) for visitors.
A recent survey from Ventana Research revealed that the majority of the call centers surveyed allocated less than half a day per month for agent training. This amounts to a mere 2.5 percent of the agent’s time. Even more surprising, their report, Insights on Contact Center Agent Productivity, showed that more than one-third of call centers set no coaching targets at all. Contact center experts agree centers must find a way to make coaching and training a priority. One way to accomplish this goal is to provide individualized coaching. In some centers, top-tier agents are commissioned to provide best practices coaching, advice, and tips to other less experienced agents.
