Your source for the latest technology information of interest to community banks across America.
Subscribe to our monthly newsletter and stay on top of the latest technology trends in Hardware, Software, ATMs, Biometrics, Wireless, Online Banking, Marketing, Security, Internet Access and Call Centers.
Dell announced an expansion to the 13th generation of PowerEdge servers, with two new tower models and two new rack mountable versions geared for small to midsize organizations. All of the servers come with Dell OpenManage software which allows for out-of-band management. The PowerEdge T130 and T330 are the tower servers, while the R230 and R330 are the rack-mountable servers. All of these models support the latest DDR4 SDRAM in their configurations.
Self-encrypting drives (SEDs) perform data encryption and decryption operations on a dedicated crypto processor which delivers performance-related benefits. However, these drives can be insecure by default when the laptops they are installed in are powered on or in sleep mode. In order to secure them, users should always power off their laptops or put them in a hibernation state when they leave them unattended. IT administrators can also disable the sleep mode through policies. Plus some experts are recommending that IT administrators also disable Windows' option to automatically restart on BSOD and lock down BIOS/UEFI so that attackers can't boot from external media.
~~~
Looking for anything out of the ordinary in log files is an almost impossible task without some sort of log consolidation and analysis system. Loggly offers a cloud-based service that mines large amounts of log data in real time. The platform uses existing software rather than proprietary agents, and can consolidate any text-based logs from any source whether server or client. It also helps you to gain visibility into values and counts on all fields so you can spot anomalies, filter out noise, and understand the magnitude of problems.
IsItYou offers a Mobile Face Recognition solution that they say works in every context from almost complete darkness to bright sunlight, and pretty much in any pose. They say that they have developed a learning system that means that IsItYou can start working with minimal training, and that it will remain effective over time. The Israeli company states that their software is robust enough to reject not only a photograph, but it is able to tell the difference between a real user and a 3-dimmensional mask of their face.
~~~
Auriga, a provider of omnichannel banking solutions, offers ATM deployers their WWS ATM management package which is a scalable 3-tier client-server solution. ATM services are centrally managed and deployed on any combination of vendor ATMs and models. WWS ATM is fully compliant with CEN ISSS/XFS 3.x, EMV, and PA-DSS standards and is certified on Windows XP and Windows 7-based terminals. The software includes terminal driving, cash reconciliation, remote key management, proactive network monitoring, trouble ticketing, software download management, and one-to-one personalized marketing.
Lockpoint announced the launch of its Gryphon3 intelligent vault protection system. The U.K.-based ATM security technology provider says that their system is designed to prevent explosive attacks. The solution uses a system of interlocking "intelligent" electronic steel doors intended to make robbery unattractive because only one of four cash drawers can be open at any time. The firm also notes that their design makes it extremely difficult to break into an ATM, even if attackers manage to remove it from the premises. The Gryphon system can be retrofitted to both hole-in-the-wall and free-standing ATMs.
~~~
The Visa Mobile Location Confirmation service (MLC) uses mobile geo-location data to match the location of transactions with the location of the user`s mobile device. Emirates NBD claims to the first financial institution in the world to sign on with the solution that uses a consumer`s phone to confirm a credit card purchase when made outside the consumer`s home area. They say that the geolocation data provided through the mobile banking app will be used for the intended purpose of fraud risk management only.
Rumors are abounding that Apple will introduce a payment system that would let people transfer money directly to each other via nearby smartphones. They are reportedly in talks with major money center banks to help them launch their encrypted person-to-person payment system. An Apple approach would likely require the two phones to be close together and be tied into users' existing accounts.
According to a survey by RemoteDepositCapture.com, 77% of responding FIs do not charge for remote deposit capture (RDC). Among financial institutions that do, most fees are assessed to small-business and corporate users. In terms of loss control, here are the most popular methods employed:
- deposit value limits
- image quality analysis
- various duplicate-detection systems
- volume limits
- geo-location
Slightly over half of respondents that had sustained mRDC losses reported making adjustments to their risk management policies, while the remainder did not because losses were very small or were within expected ranges.
~~~
The FFIEC has updated their cybersecurity expectations for senior management teams and Boards of Directors via their Management Booklet which is part of the FFIEC Information Technology Examination Handbook. The agency made these updates:
- IT governance for boards of directors: They must review and approve IT strategic plans that include security strategies for addressing ongoing and emerging threats, including cyberthreats
- Risk management for operational risks: Institution management should ensure that effective IT controls are in place, either through direct oversight or by holding lines of business accountable
- IT risk management: Management should identify IT assets that are controlled internally or by third parties and ensure they are adequately measuring and mitigating risks to those assets
The concept of layered security has been around for decades, but some security professionals express concerns that too many layers can be self-defeating. They point out that it leads to complexity and that by purchasing too many technologies, IT Departments may be left with unmanaged or undermanaged systems. Other issues include: overspending on individual products; buying overlapping systems; integration challenges; or leaving unsecured gaps between layers.
~~~
Core Systems:
Supporting Omnichannel Delivery with the Core System
 |
 |
 |
~~~
Facebook is hosting Boost Your Business events across the country aimed at training small business owners on how to best use the social media service to promote their companies. They provide tips on creating engaging content, connecting with consumers and measuring results. One thing that they emphasize is making your material personal and fun - and visual. That is because posts with photos perform better than text-only posts, and posts with videos do better than photo posts. The social media giant also highly recommends closely monitoring your Facebook Insights page to see how your ads are doing and tracking demographics like age, gender, and location.
~~~
Online Banking/E-Commerce/Website Design
Meniga offers a personal financial management (PFM) solution that they say enables banks to develop next generation personalized digital banking. It includes detailed transaction categorizations, wide ranging financial activity feeds, advanced search capabilities, peer Comparisons, targeted messaging, spending and savings goals, net worth calculations and more. Their current implementations are serving more than 25 million consumers worldwide.
~~~
In traditional network designs, you have a physical appliance for a router, another for a VPN, and yet another for the firewall. Going forward with software-defined networking (SDN) and network function virtualization (NFV), many of these aspects are going virtual and sharing the same resources. With SDN, there is a great deal more intelligence and control. Many companies are working on SDNs, and Intel is taking steps towards more sophisticated networking devices. For example, they just introduced their FM10000 Ethernet multi-host controller which is the first Intel product to integrate a switch and an Ethernet controller. It supports network services headers (NSH) and has an integrated engine to drive packet processing up to 960 million packets per second and can route traffic from the data center to the network through multiple Ethernet speeds (1/10/25/40/100 gigabit).
Verisign's Q3 2015 DDoS Trends Report reveals that an on-premise DDoS appliance with a 1 Gbps capacity would be ineffective in at least 59% of attacks, while a 10 Gbps appliance might be ineffective in handling 20%. The firm noted that the Financial and Payments sector represented 15% of all of their mitigations. They recommend a cloud or a hybrid approach to DDoS protection; some vendors that can help are Akamai, Imperva Incapsula, RadWare and Cloudflare. Many experts strongly recommend never paying hijackers since there is no guarantee that they will honor the agreement and it may encourage others to launch attacks.
Advanced IP Scanner is a freeware IP traffic monitoring tool that will run on Windows 7 and 8. The utility gives you access to shared folders and HTTP/FTP servers, scans all network devices, provides remote control of computers (via RDP), and can even remotely switch computers off. In action, you only need to open the app and click the Start button and your scan is off and running.
~~~
Contact centers have had the ability to integrate MMS/SMS texts into their operations for quite some time, but many have not taken advantage of it and those that do often limit it to surveys and password resets or for notifications and marketing. Some contact center experts believe that Millennials, particularly, would prefer to see more customer service options with texting. However, texting - like chat and social media - requires speedy responses since many people expect a response within 5 minutes, but no more than an hour after initial contact. Configuring your system to provide auto-text answers upon first contact assures them that their message was received and they can expect a more detailed reply within a certain amount of time. Some options for vendors that can help with texting integration include: HeyWire, OneReach, and In The Chat.
~~~
