Your source for the latest technology information of interest to community banks across America.
Subscribe to our monthly newsletter and stay on top of the latest technology trends in Hardware, Software, ATMs, Biometrics, Wireless, Online Banking, Marketing, Security, Internet Access and Call Centers.
As SSDs (solid state drives) deliver higher performance and continue to increase in capacity, their prices are simultaneously decreasing. A thin SSD layer can boost performance when placed alongside traditional hard disks (HDDs). For example, storage vendor HPE indicates that the addition of flash as a read cache can reduce latency up to 70 percent, and employing the flash as a performance tier boosts performance up to 90 percent. Their systems also support Archive Tiering which moves rarely used data from the performance HDD tier (traditional 10K and 15K HDDs) to the nearline tier, thus maximizing storage capacity.
Cisco introduced the Catalyst 3650 “Mini” for small offices and branches. It is a 1RU Gigabit Ethernet switch with 24 or 48 fixed PoE+ ports, and four SFP and/or SFP+ uplinks. It supports Cisco`s StackWise technology for linking multiple switches into a single logical switch; and Converged Access for allowing one management policy to be used for both wired and wireless traffic.
~~~
NetworkMiner can be used as a passive network sniffer/packet capturing tool in order to detect operating systems, sessions, hostnames, open ports, etc. without putting any traffic on the network. The company has just come out with the 2.0 version of their product that collects data (such as forensic evidence) about hosts on the network. The new version 2.0 of NetworkMiner has a built-in filtering capability for the data displayed in the following tabs:
- Files
- Parameters
- DNS
- Messages
- Sessions
The Veeam Availability Suite is a backup, recovery and replication solution for VMware vSphere and Microsoft Hyper-V environments. Veeam Availability Suite combines the backup, restore and replication capabilities of Veeam Backup & Replication with the monitoring, reporting and capacity planning functionality of Veeam ONE. The company guarantees recovery time and recovery point objectives (RTPO) of less than 15 minutes for all applications and data. Admins can restore entire VMs in minutes with Instant VM Recovery or recover individual files with Instant File-level Recovery.
~~~
Fiserv's Popmoney peer-to-peer money-transfer service will soon enable recipients to go directly to an ATM to retrieve funds. Popmoney Send Cash will use tokens and a software update to ATMs that use Fiserv`s Accel debit network. The recipient receives a text or email notification of the transfer, along with an 11-digit passcode that they will need to retrieve the money at the ATM. Upon arrival at a Popmoney-enabled ATM, the recipient enters the passcode after pressing the Popmoney button on the ATM display.
Security vendor Kaspersky says that a modular malware program known as Metel or Corkow has infected computer systems belonging to Russian banks and has been used to reverse ATM transactions. The gang uses spear phishing emails with malicious links to the employees of banks to gain access to the systems that control transactions. They then automate the rollback of ATM transactions for particular debit cards issued by the institution that are under their control. The transactions are automatically reversed so the account balances never change.
Ally Bank has rolled out an Android Wear app, called the Android Wear ATM Locator, which provides ATM addresses, distances, and directions to Android smartwatch users. They also released a similar app last fall for users of the Apple Watch.
~~~
Fing is a powerful wireless network scanner that runs on Android. Fing will do the following and more:
- Discover all devices connected to a Wi-Fi network
- Display the MAC Address and manufacturer of the devices found
- Allow you to enter your own names, icons, notes, and location
- Do a full search by IP, MAC, Name, Vendor, and Notes
- Show you a history of all discovered networks (this requires a Fingbox account)
- Do a service scan to find hundreds of open ports
- Run Ping and traceroute
- Do automatic DNS lookup and reverse lookup
Rogue app stores offer "free” versions of many of the most popular apps in the Apple and Google Play stores, but many times they contain malware. The apps can pilfer mobile banking credentials, install adware and other malicious apps, and even use the digital certificates of approved app stores to trick mobile devices into thinking they are legitimate. Unfortunately, mobile apps can proliferate from official stores throughout the app store ecosystem, spreading to new "stores" and web download locations without the owner's consent. Scanning services are available that monitor the public app stores and the web at large for pirated versions of apps. For example, RiskIQ Mobile Threats provides discovery across iTunes, Google Play and 150+ unofficial app stores, including focused coverage of high-risk stores and regions for brand impersonation, malware, and fraud.
~~~
Cyber-criminals package their pilfered data in many formats. Here is a partial list of what is available:
- Credit/debit card data
- Stealth bank transfer services
- Bank account login credentials
- Enterprise network login credentials
- Online payment service login credentials
According to Intel Security, the most in-demand type of data is credit/debit cards, the price goes up when more bits of sub-data come with the card data, such as the victim`s birthdate, SSN and FI account ID number. Accounts that are “fullzinfo” which include username and password can go for around $30 each.
Eliminating high-denomination currency notes ($100 bill, the 500 euro note, the 50 pound bill, and the 1,000 Swiss franc bill) would help deter tax evasion, financial crime, and corruption, according to Peter Sands, a senior fellow at the Harvard Kennedy School. "This is a bold, relatively simple-to-implement action that could have significant impact and has limited downside. High-denomination notes are arguably an anachronism in a modern economy given the availability and effectiveness of electronic payment alternatives. They play little role in the functioning of the legitimate economy, yet a crucial role in the underground economy," says Sands.
~~~
Addressing Insider Threats, Cyber Attacks & Data Security
 |
|
Accellion - http://www.accellion.com
Read Yorgen H. Edholm's comments: https://www.cunews.com/Accellion.pdf |
 |
|
Allied Solutions - http://www.alliedsolutions.net
Read Ann D. Davidson's comments: https://www.banktt.com/Allied.pdf |
 |
|
BrightPoint - http://www.brightpointsecurity.com
Read Ajay Nigam's comments: https://www.banktt.com/BrightPoint.pdf |
 |
|
Cummins Allison - http://www.cumminsallison.com
Read Dean Theodore's comments: https://www.banktt.com/CumminsAllison.pdf |
 |
 |
|
Easy Solutions - http://www.easysol.net
Read Daniel Ingevaldson's comments: https://www.banktt.com/EasySolutions.pdf |
 |
|
EnableSoft - http://www.enablesoft.com
Read Richard Milam's comments: https://www.banktt.com/EnableSoft.pdf |
 |
|
|
 |
|
Info@Risk - http://www.infoatrisk.com
Read David Trepp's comments: https://www.banktt.com/This email address is being protected from spambots. You need JavaScript enabled to view it. |
 |
|
InfoSight - http://www.infosightinc.com
Read Brian Smith's comments: https://www.banktt.com/InfoSight.pdf |
 |
 |
|
Millennial Vision - http://www.mviusa.com
Read Scott Cowan's comments: https://www.banktt.com/MVi.pdf |
 |
 |
|
Onbase by Hyland Software - http://www.onbase.com
Read Steve Comer's comments: https://www.banktt.com/OnBase.pdf |
 |
|
Pwnie Express - http://www.pwnieexpress.com
Read Paul Paget's comments: https://www.banktt.com/PwnieExpress.pdf |
 |
|
Securonix - http://www.securonix.com
Read Chris Inglis' comments: https://www.banktt.com/Securonix.pdf |
 |
|
SentinelOne - http://www.sentinelone.com
Read Scott Gainey's comments: https://www.banktt.com/SentinelOne.pdf |
 |
|
StrongAuth, Inc. - http://www.strongauth.com
Read Arshad Noor's comments: https://www.banktt.com/StrongAuth.pdf |
 |
|
Venminder - http://www.venminder.com
Read Aaron Kirkpatrick's comments: https://www.banktt.com/Venminder.pdf |
~~~
When it comes to social media marketing, most FIs stick to Facebook and Twitter and perhaps YouTube or Google+. But some observers contend that Snapchat has grown into a communications medium that organizations cannot afford to ignore. Case in point: AmroABN Amro uses the popular file-sharing app Snapchat as a channel for communications with its customers. Snapchat users can ask their representatives questions via the app and share financial tips on better budgeting.
~~~
Online Banking/E-Commerce/Website Design
A new service launched by Visa allows consumers to determine how, where, and when their credit and debit accounts can be used. The service dubbed Visa Consumer Transaction Controls offers spending controls that can be applied to different transaction types, date ranges, or overall card spending. Consumers also can temporarily suspend their accounts in cases where they lose a card or have it stolen. Issuers choose which features to provide their cardholders. The system supports a smartphone app, mobile wallet, or website. Alerts can be sent by text, within an app, or by email. According to Visa, cardholders who receive transaction alerts experience 40% less fraud than cardholders who do not.
According to Javelin's "Rethinking the Role of Bill Payment in Digital Banking" report, FIs are the first place that most consumers turn to handle their bill paying chores, instead of going directly to the biller. Bill paying totals over $3.5 trillion for seven key bills, including $442 billion made on smartphones and tablets. The research firm concludes that a strong bill pay program and sophisticated digital banking services in general compel consumers of all ages to consolidate their financial activity and purchases with an FI.
~~~
By some estimates, encryption today accounts for roughly one-third of all Internet traffic and is growing every day. Unfortunately, encryption allows cyber-criminals to conceal their exploits from security devices like firewalls, intrusion prevention systems and data loss prevention platforms. In response, organizations must decrypt and inspect inbound and outbound traffic with a dedicated SSL inspection platform that enables third party security devices to eliminate this blind spot. A10 is one vendor that is addressing this issue with their SSL Insight solution which is an essential feature in the A10 Thunder Application Delivery Controller (ADC). Thunder ADC decrypts SSL-encrypted traffic and forwards it to third-party security devices for inspection. Once the traffic has been analyzed and scrubbed, Thunder ADC encrypts it and forwards it to the intended destination. SSL Insight, also known as SSL forward proxy, is a technology consisting of two SSL termination devices that have separate secured sessions between server and client.
Logitech says that their recently announced video conferencing suite, the Group, is an affordable alternative to expensive conference equipment. The new speakerphone isolates the microphone and speakers for better audio quality and the microphone handles a distance of 20 feet, but it may support larger conferences of up to 28 feet with added expansion microphones. The Group`s camera offers 1080p video quality, a field of view of 90 degrees, H.264 scalable video coding and 10x lossless zoom. The Group offers support for a number of applications such as Microsoft Lync 2013, Skype for Business, Cisco Jabber and WebEx. On the hardware side, the Group can be connected on any device with a USB port.
~~~
Training is absolutely critical for new contact center hires, but some new trainers and subject matter experts make the mistake of trying to tell everything they know about a subject. Training and coaching experts say that the focus of the training must be on need-to-know information. Many new hires cannot take in an overload of information and need solid information on what they need to know to effectively do their jobs right now. Training experts recommend that the nice-to-know information (such as keyboard shortcuts, different places the same information can be accessed, etc.) should be made available electronically for the new hire to reference when they are ready to absorb it.
~~~
