Connect with us

Finance

Staying safe when using financial apps and technology

Published

on

Staying safe when using financial apps and technology 1

With more people doing more things online, understanding the risks as well as the opportunities is essential. Whether you’re thinking of banking online or just want to learn more about the risks and how to mitigate against them, this page will walk you through everything you need to know.

Jamie Kavanagh

Jamie Kavanagh

With banks closing branches all the time, online banking is now mainstream. Whether cause or effect, online banking and banking apps are taking over from the brick and mortar branches and every bank has their own app. But how secure are they? Jamie Kavanagh, a Contributor at Broadband Genie talks through what the risks are when using them and what you can do if you have been a victim of online fraud.

Potential risks with financial apps and the internet in general

There are a number of risk factors with internet banking, apps and general internet use. These risk should never put you off using the web as it really is a force for good but you should always be aware of the potential risks you may face.

Common risks online can include:

  • Viruses and malware
  • Phishing
  • Spyware
  • Ransomware
  • Eavesdropping
  • Targeted attacks

Let’s take a quick look at each…

Viruses and malware

Viruses and malware are probably the oldest computer threats. Viruses are much rarer now as hackers have shifted towards malware and ransomware but they are still out there. Viruses and malware will infect your device through a download of some kind and will usually delete all your files or otherwise render them inaccessible.

Phishing

Phishing describes an email that pretends to be from your bank, government, tax office or other official entity. They are usually very realistic and look exactly like the real thing. These will include a URL of some kind that will take you to a realistic looking web page where you will be asked to enter account details or other private information.

Spyware

Spyware is a type of malware that spies on you. It usually includes a key-logger or something that records keystrokes to try to collect usernames and passwords. The spyware will then secretly send this data back to a central server to be used in crime.

Ransomware

Ransomware is relatively new but evil. It works like malware and downloads onto your device. Rather than destroying your data, it will encrypt it and hold you to ransom. It will demand payment in cryptocurrency to unlock your files. There is never a guarantee of your data being unlocked even if you pay.

Eavesdropping

Eavesdropping is where someone sets up a fake WiFi hotspot or hacks your wireless networks and collects all the traffic on it. This can provide them with logins, credit card details and all manner of private information.

Targeted attacks

Targeted attacks differ from all the above. Rather than a hacker throwing their net wide to see who they can catch, a targeted attack will focus on you. They will learn everything there is to know about you and will try to trick you into giving them information such as account details, name, address or whatever they need to steal your identity.

Staying safe online

Don’t let that list of potential risks put you off as there are simple ways to combat all of them. Some involve using tools while others use behaviours. Either way, follow the suggestions to avoid 99% of internet risks.

Keep your devices up to date

Whatever device you use and whatever applications you have installed, keeping everything up to date is essential. Most operating systems will manage updates automatically. Most applications will also automatically update when one is available. Regularly check to make sure as updates will contain security fixes that can protect against risks. Don’t neglect firmware updates for hardware, either, especially vital devices such as Wi-Fi routers.

Always download apps from official app stores

In the case of any app but especially financial or banking apps, always make sure to use a legitimate source. That could be downloading from the bank directly or from Google Play

Store or the Apple App Store. Don’t download from anywhere else.

Always use security software

Every device you use should have a software firewall and antivirus running at all times. Computers should also have a malware scanner. These programs should always be set to automatically scan and automatically update. Some programs are free while others will cost money. The free programs have the same level of protection but fewer features. You do not compromise protection by using free security.

Use strong unique passwords

Every website you log into will use a password as part of account security. The importance of a strong password that is unique to that login and not used anywhere else cannot be overstated. It is essential to make the password as strong as possible and to never use it elsewhere. There are password managers available which allow you to securely store all your logins without having to remember the details for each.

Use multi-factor authentication wherever possible

If a website or app you use offers multi-factor authentication (MFA), use it. This is a valuable extra protection. It requires an extra step to log into your account, such as a random code sent to your phone, but can make it much more difficult to hack an account. Without that MFA code, even if a hacker had your username and password they would not be able to log in. It’s a free but very useful extra security measure.

Enable account notifications

Many web apps and websites have the option to notify you via email of logins or suspicious activity. Always have these enabled. Should your details be hacked, you will be notified of any access by email or text and can act quickly to prevent any loss or damage to that account or quickly change your password.

Use Wi-Fi safely

Wi-Fi is a risk as it’s possible for data to be intercepted. But it’s too useful to avoid using altogether, so you can get a Virtual Private Network (VPN) on your device to encrypt all your data. VPNs create a secure tunnel between your device and the VPN server that protects your data. Even if you accidentally connect to a fake Wi-Fi hotspot, your traffic is unreadable so is useless to the hacker.

Watch where you surf

Being aware of where you are on the internet is essential. Always check the URL, hover your cursor over a URL on a page or in an email to check it before clicking it and make sure you always use trusted websites. Be very cautious if a site is not encrypted using HTTPS. This will be indicated in the web browser URL bar, and if it’s not then your data could be at risk. Never enter any kind of information into a site which is not protected with HTTPS.

Know how to remote lock or erase your phone

If you use financial apps, banking apps or have personal data on your phone, it makes sense to familiarise yourself with the remote locking and erasure feature. Android and Apple both have a feature to remotely locate, lock or wipe your phone in case yours is lost or stolen.

What to do if you’re a victim of cybercrime

If you find yourself a victim of cybercrime, there are things you need to do to protect yourself. Exactly what depends on what has happened. The one universal requirement is to act quickly.

Be proactive

If you’re subject to any kind of crime or hacking online, you have to be proactive about the situation. That means actively changing affected passwords, contacting any related organisation, stopping credit cards, informing your bank and alerting the necessary authorities.

Here are some practical tips for actions to take:

  • If your security program detects spyware, scan your system and allow it to clean the device.
  • If you suspect you have received a phishing email, delete it and never click a link within it.
  • If you think you have landed on a fraudulent website, close your web browser and perform a full antivirus and malware scan.
  • If you are subject to a ransomware request, don’t pay. Wipe your device and rebuild it or have a professional do it.
  • If your bank alerts you to strange behaviour on your account, independently verify and then phone your bank or credit card company using the number on the card.
  • If you see strange debits on any account, alert the bank, change associated passwords and report the fraud to police.

Prevention is always better than cure but it isn’t always possible to avoid risks on the internet completely. If you follow the advice in this article, you will avoid the vast majority of risks out there and be able to enjoy the internet in the way it was originally designed to be enjoyed. Good luck out there!

Finance

The value of digital identity in payments

Published

on

The value of digital identity in payments 2

By Vince Graziani, CEO, IDEX Biometrics ASA

In ever more challenging times, the payments industry needs to maintain trust by finding a way to protect consumers from the constant threat of payment fraud and theft. Consumer’s wishing to limit physical contact during the current pandemic has led to the popularity of contactless payments which has accelerated in multiple territories.

In the US, one in five shoppers have made a contactless payment for the first time during the pandemic according to research published in August by the National Retail Federation and Forrester. The bad guys have unfortunately taken note. This has led to a real need for the industry to fight back with enhanced security.

At the 2019 Money2020 Europe conference, there was a universal call for a comprehensive form of digital identity (ID) to enable digital payments. A form of digital identity that would make cashless payment interactions – secure, intelligent, efficient and private. The feeling was unanimous: without functioning digital ID, the payments revolution will stall.

Unlocking the payment ecosystem

In an increasingly connected world, consumers find themselves needing to authenticate their identity daily. Whether that be with financial institutions, retailers, government departments or healthcare providers. Yet, it is rarely known where consumer data is stored, how secure it is or how it may be traded. Privacy regulations such as the European Union’s General Data Protection Regulation (GDPR) have attempted to restore some trust, but the industry still has a way to go.

Currently, authentication is fragmented and unwieldy. It requires a mix of hardcopy documents, online login credentials and digital wallets. This is not only frustrating for consumers but leads to the reuse of passwords and PINS that make the user vulnerable to fraud. Mastercard believes there is a clear need for a verified identity that is accepted globally and across multiple digital touchpoints and doesn’t involve aggregating more information in potentially vulnerable data stores, but instead gives the individual control over their identity data.

An integrated digital ID scheme would enable the payments industry to fight fraud on a global scale. It would also meet the pressing need for a payment authentication system that consumers can access anytime, anywhere, and on any device. This joined-up approach is vital to ensure no consumer is left behind as the world continues its digital transformation.

Providing access to a singular, unified digital ID will not only streamline the identity process, but also unlock new and enhanced consumer experiences during this digital transformation. Particularly in the new breed of smart buildings and cities, where everything from travel to payment systems will be connected to a user’s identity.

What form should our digital ID take?

While the need for digital ID is well established, the form it will take is less clear. There are two main challenges that payment providers need to overcome with a potential new identity solution: onboarding new users and ensuring the digital ID is compatible with all transactions.

Placing individual consumers at the centre of their own digital interactions will ensure confidence and broader adoption of new technology payments and services. Yet, for this to be successful, the payments industry must adopt a process that is simple, familiar and easy to understand.

Fingerprint biometrics as a digital identity

The use of fingerprint authentication to unlock a smartphone is now deeply entrenched. As far back as 2016, 89 percent of users with compatible iPhones were using fingerprints to unlock their devices. The solution for a frictionless onboarding has been at our fingertips the whole time.

Payment providers can incorporate fingerprint biometric sensors directly into their new breed of smart payment cards. A biometric payment card may be a new concept, but payment providers and retailers across the world are already using contactless card technology in the payment process, so it is the next logical step. Consumers are now used to carrying a card and tapping it for contactless payments. Plus, as we have seen, consumers are used to using their fingerprint as an authentication mechanism. Perhaps biometric cards could be the catalyst for financial inclusion desired by the World Bank, as they don’t require the ownership of expensive smartphones in developing nations.

Building a chain of trust with biometrics

Continuous developments in payment regulation mean that secure authentication is imperative. Under the second Payment Service Directive (PSD2) European banking regulation, all payment transactions will soon require Strong Customer Authentication (SCA) to validate users at the point of transaction to reduce fraud and increase security for customers. SCA requires two forms of authentication for every transaction above the contactless limit. While one is generally something you have like a smart card, the second can be something you are like a fingerprint.  Using a fingerprint means that it can be used across multiple platforms and is always at hand. There should be no trade-off between convenience and privacy and fingerprint biometrics delivers on that expectation.

Biometrics can play an essential role in digital ID, significantly limiting exposure to potential fraud and criminality. The addition of a biometric sensor onto a payment card creates a secure ‘chain of trust’ that indelibly connects the user to the card. Furthermore, digital ID has the scope to be extended far beyond payments and used as a unique identifier in areas such as access, government ID and even across IoT devices.

Securing the future of the payments industry

While the world is becoming ever more cashless, commentators and analysts all agree – without a fully functioning digital ID, the payments revolution will stall. As Tony McLaughlin, Emerging Payments and Business Development at Citi put it recently: “If we fix digital identity, we fix payments”. I couldn’t agree more. Both consumers and the payments industry need a user-centric digital ID that is owned and managed by the individual, so they can unlock the full advantages of a transformative digital payment ecosystem.

Using fingerprint biometrics as a digital ID in a payment card will transform the way people authenticate transactions. This integration would enable consumers to confirm their identity wherever they are, on any device, and across every transaction. It will change the face of digital identity as we know it.

We believe that digital interactions should be privacy-enhancing, secure, intelligent, and efficient. To facilitate this, consumers require a user-centric digital identity that is owned, managed, and controlled by the individual. It is time to place individuals at the heart of their digital interactions globally.

Continue Reading

Finance

It’s time to press ‘reset’ on travel and expense processes

Published

on

It’s time to press ‘reset’ on travel and expense processes 3

By Rudy Daniello, EVP of Corporations, Amadeus

Travel & Expenses(T&E) is a large spend category for companies across the globe. In fact, for many firms, T&E is the second largest indirect spend category. While we all know the inherent value personal, face-to-face meetings bring, it’s important to quantify and manage the cost, especially in today’s climate.

While business travel has slowed due to COVID-19, many companies have accelerated their digital transformation during this period, especially in the way their teams work. One area that is under the spotlight as organisations look to transform digitally and control costs and processes better, is T&E.

Poor business travel spend management can frustrate staff, and lead to cost and productivity inefficiencies. Within the context of COVID-19, controlling T&E spend is likely to be even more important, so companies need a clear strategy around their travel and expenses.

To understand how organisations were assessing their T&E at this extraordinary time, Forrester Consulting conducted research on behalf of Amadeus, surveying more than 550 key decision makers involved in T&E solutions at large organisations worldwide.

The report, titled Digital Transformation For Travel & Expense: Balancing Process Efficiencies, Compliance, And Employee Experience highlights the challenges organisations face as they assess their T&E systems and processes before business travel picks up again.

The good news is that nearly three quarters (74%) of respondents agree that the improvement of T&E management processes and tools is critical to reducing costs, increasing efficiency, improving employee engagement, and forms part of their digital transformation.

All of these factors are key business objectives, so how can organisations address their T&E?

Focus on Systems

The research found that a lot of organisations are still relying on outdated systems to manage their travel and expenses. More than one in five (22%) of centralised companies still use spreadsheets to track expenses and just 15% of organisations use a cloud-based T&E solution.

Many decentralised companies also still rely on manual processes – either fully or partly – for their T&E. These outdated processes and systems add pressure on staff, managers, auditors and accountants. Reassess T&E Processes

Having the right systems in place will help rethink T&E processes, from researching hotels and appropriate transport, to making expenses claims post-trip. Travel managers surveyed difficulties around compliance-related expense tracking, reconciliation and auditing as a key challenge.

Three quarters (74%) of travel management leaders want to increase automation to reduce their reliance on manual processes. However, one in five (20%) organisations do not feel they are getting the analytical and reporting capabilities they need, despite data being a core priority.

The research shows that Human Resources (HR) and IT have key roles to play in redefining their organisations’ T&E processes.

Enable Smarter Booking

The research also finds that T&E leaders want to be able to manage the huge amount of content out there so that they can make clear decisions when making travel bookings. Multinational organisations need a global solution so that they can access the best deals and make more informed business travel booking decisions.

Integrated T&E solutions deliver cost and efficiency benefits

According to the research, those organisations that use an integrated T&E tool are much less likely to receive complaints from their traveling staff. More than a quarter (27%) of organisations that use an integrated T&E solution reported zero complaints from employees.

Integrated T&E solutions are essential for companies as they help their employees, take advantage of the best offers for the business trip. They also streamline expense processes, making it quicker and easier to claim and have their expenses approved and paid back.

Firms that do not have integrated T&E solutions report a 29% increase in delays in reimbursing expenses. Almost all (96%) of organisations interviewed that use integrated tools are satisfied with their T&E processes. Nearly three quarters (73%) of them even plan to expand or upgrade further.

Improving T&E is a team effort

What the Forrester Consulting research demonstrates clearly is that there is consensus across the board that T&E systems and processes can be improved.

Three quarters (74%) of IT leaders are focused on improving end-to-end experience of T&E processes, and 73% are committed to improving integration between T&E tools and other systems (73%).

And it’s not just IT leaders who see the value in integrated T&E solutions. More than four out of five procurement managers see improvement of T&E tools and processes as a key part of their organisation’s digital transformation, the highest of any group interviewed by Forrester.

While online conferencing has become the norm for many organisations, nothing can replace the value of face-to-face meetings. When business travel picks up again, companies with integrated T&E systems and processes will quickly see the benefits.

Continue Reading

Finance

Covid-19 and the rise of remote payment fraud: how do we catch a digital thief?

Published

on

Covid-19 and the rise of remote payment fraud: how do we catch a digital thief? 4

By Evgenia Loginova, co-founder and co-CEO of Radar Payments

Covid -19 is finding different ways to hurt our finances – and like the virus, the threat is invisible.

Each time we tap our payments cards or make a purchase online, there’s always a risk of getting caught out by a digital fraudster. Yet during the global pandemic, the issue has not only escalated, but the ways in which people are conned have changed to reflect new social distancing and lockdown behaviours.

Indeed, the crisis has transformed the way we buy and shop – and those that are being targeted most are the millennial generation.

What are we doing differently?

It’s all down to the way we are interacting with service providers.

Lockdown behaviour

Since the World Health Organisation issued a pandemic in March, global payment fraud went up 5% with 100 million suspected fraud attempts from the period between March – April.

According to TransUnion, the firm analysing the data, billions of people around the world have been forced to spend time at home, which has led to industries such as financial services, ecommerce and healthcare to experience disruption in ways that have not been seen for generations.

This is due to the spike in online transactions, as more people adjust to the new normal of spending less time at the shops and more time doing everything on their digital devices.  And with so many transactions shifting online – fraudsters are spending more time there too. These culprits are fully remote and are always on the lookout for vulnerable victims – as well as vulnerabilities within the payment systems.

Digital savvy criminals

Businesses that come to grips with the problem will manage to stay afloat – but they won’t be able to do it without fraud prevention tools that can identify suspicious activity without adding friction to the customer payment experience.  In other words, customers must be protected from theft – as well as the truth. They shouldn’t even know that they’re under attack in the first place. It’s all about prevention- or at least as much as what technology can provide.

Without some technological intervention, there won’t be prevention, as companies simply cannot keep up with the proliferation of digital thieves.  Culprits are operating individually or in criminal gangs or both – and usually in countries that are often forgotten by global leaders.  For example, the telecommunications sector witnessed a 76% increase in card fraud a month after the global pandemic was declared – and the top country for suspected fraud origination was Timor-Leste – how many people even know where that is? (East Timor – formerly part of Indonesia, if you must ask!). Financial services saw an 11% increase in identity theft that same period – with most suspected culprits based in war torn Syria.

Exploiting vulnerabilities

Despite their location, fraudsters are quickly adapting to consumer behaviour, and finding ways to attack. With less in-person transactions taking place, criminals are doing things like infecting online points-of-sale with malware that enables them to skim credit card details of previous customers.

Evgenia Loginova

Evgenia Loginova

From our experience with our fraud detection networks the numbers point out that missing card fraud, in particular, has shot up by 70% over the past few months. This is where people’s card details are being used by criminals to make purchases, when they are not in possession of the card. They’ve just stolen the numbers and additional critical security information such as expiry date and CVC2/CVV2.

Identity theft is also on the rise, as well as phishing and social engineering attacks. For example, in the UK alone there’s been a rise in criminals impersonating trusted organisations like the NHS or HMRC to trick people into going online and paying for services that are fake or giving away their money and information to charities and other organisations that are fake.

Local councils in Britain have noted  a 40% increase in reported scams since the start of the pandemic, while Citizens Advice believes one in three people have been targeted by a Covid scammer.

This is a problem that is too big to ignore. The moment the fraudsters have your payment details – whether they’ve stolen it or you’ve given it to them under false pretences, the problem leads to losses for the victim and the businesses and organisations too.

With Covid and lockdown, fraud has gone fully remote and everything from e-commerce and digital banking has been a target for abuse.

In this ‘new normal’ world we find ourselves, the prevention of suspicious transactions through customer profiling and enhanced analytics, use of AI and machine learning models becomes very important.

Fortunately, digital theft is now being taken seriously.  Spending on security has skyrocketed in recent years, and the sector supplying protection predicted to grow by $6 Trillion by 2021.

Businesses that survive the pandemic must be able to anticipate and strive to block 100% of the digital theft they encounter. But to win the war against these online criminals they require a robust security strategy.

Here are some tips to consider.

Security policies should be enforced internally and across payment channels and distributed networks. This includes the core and cloud networks as well.

Security gaps should be closed.  A lot of risk can be mitigated by performing regular checks and plugging security holes, settling on a unified security framework based on interoperability, centralising visibility and control, segmenting the network to restrict the fluidity of malware and high performance, and deep integration.

Invest in AI capabilities.  Artificial intelligence possesses the sophisticated power to replicate the analytical behaviour of human intelligence, as well as enable decision-making in real time and offer predictive security notifications.

Investing in AI based security systems can significantly reduce digital attacks and spot suspicious activity.  The best ones are integrated with artificial neural networks (ANN), which combined with deep-learning models, can speed up data analysis and decision-making. It also enables the network to nimbly adapt to new information it encounters in the network.

Prevent fraud in online and then investigate. It is crucial to stop fraud before it happens. As most of the payments became remote, reaction should be super fast: high-risk transactions should be declined, low-risk passed with no friction and suspicious challenged. This raises the importance of finding the balance between customer experience and risk mitigation as never before. And even with AI and enhanced analytics for complex cases an expert with natural intelligence should be equipped with all needed information for relevant and adequate decision-making.

Lingering problem

Digital crime won’t disappear as long as there’s an opportunity that criminals can exploit. As the world braces for a new wave of lockdown measures, businesses operating in the online sphere must remain vigilant and prepare for more attacks – or face losses that could be impossible to recover from during these challenging economic times.

Continue Reading
Editorial & Advertiser disclosureOur website provides you with information, news, press releases, Opinion and advertorials on various financial products and services. This is not to be considered as financial advice and should be considered only for information purposes. We cannot guarantee the accuracy or applicability of any information provided with respect to your individual or personal circumstances. Please seek Professional advice from a qualified professional before making any financial decisions. We link to various third party websites, affiliate sales networks, and may link to our advertising partners websites. Though we are tied up with various advertising and affiliate networks, this does not affect our analysis or opinion. When you view or click on certain links available on our articles, our partners may compensate us for displaying the content to you, or make a purchase or fill a form. This will not incur any additional charges to you. To make things simpler for you to identity or distinguish sponsored articles or links, you may consider all articles or links hosted on our site as a partner endorsed link.

Call For Entries

Global Banking and Finance Review Awards Nominations 2020
2020 Global Banking & Finance Awards now open. Click Here

Latest Articles

The Future of Software Supply Chain Security: A focus on open source management 5 The Future of Software Supply Chain Security: A focus on open source management 6
Top Stories2 hours ago

The Future of Software Supply Chain Security: A focus on open source management

By Emile Monette, Director of Value Chain Security at Synopsys Software Supply Chain Security: change is needed Attacks on the...

Overcoming Barriers That Threaten Your Creative Output 7 Overcoming Barriers That Threaten Your Creative Output 8
Business2 hours ago

Overcoming Barriers That Threaten Your Creative Output

By Charlie Worrall, Digital Marketing Executive, Imaginaire Working in a creative field doesn’t happen by chance. Years of study and...

Seven easy ways to maximise online sales by expanding your marketplaces 9 Seven easy ways to maximise online sales by expanding your marketplaces 10
Business2 hours ago

Seven easy ways to maximise online sales by expanding your marketplaces

By Nate Burke, CEO and Founder of Diginius, a UK provider of proprietary software for digital marketing and ecommerce solutions, shares...

The future of offshore banking 11 The future of offshore banking 12
Banking2 hours ago

The future of offshore banking

By Granville Turner, Director at Turner Little. Despite its misconceptions, the popularity of offshore banking is growing. Not only is...

On the Frontlines of Fraud: Tactics for Merchants to Protect Their Businesses 13 On the Frontlines of Fraud: Tactics for Merchants to Protect Their Businesses 14
Top Stories3 hours ago

On the Frontlines of Fraud: Tactics for Merchants to Protect Their Businesses

By Nicole Jass, Senior Vice President of Small Business and Fraud Products at FIS Fraud isn’t new, but the new...

Online retailers to accelerate growth plans to combat the COVID-19 crisis 15 Online retailers to accelerate growth plans to combat the COVID-19 crisis 16
Business4 hours ago

Online retailers to accelerate growth plans to combat the COVID-19 crisis

New Paysafe study reveals that despite the impact of COVID-19, businesses are still innovating to maintain plans for future growth...

Online networking is crucial to the future of small business growth 17 Online networking is crucial to the future of small business growth 18
Business4 hours ago

Online networking is crucial to the future of small business growth

By Trudy Simmons, business and clarity coach We have all had to find a lot of new ways of being...

Hong Kong’s First Multi-Cloud Challenger Bank Goes Live with Temenos 19 Hong Kong’s First Multi-Cloud Challenger Bank Goes Live with Temenos 20
Banking4 hours ago

Hong Kong’s First Multi-Cloud Challenger Bank Goes Live with Temenos

WeLab Bank designed, built and launched using cloud-native Temenos Transact in less than 10 months WeLab offers next generational digital...

Reconnecting the retail brain: learning from the octopus 21 Reconnecting the retail brain: learning from the octopus 22
Business1 day ago

Reconnecting the retail brain: learning from the octopus

By John Malpass, Retail Consultancy Practice Lead at Teradata An octopus has nine brains: one for each tentacle and plus one at...

How robotic technology will disrupt the manufacturing industry 23 How robotic technology will disrupt the manufacturing industry 24
Technology1 day ago

How robotic technology will disrupt the manufacturing industry

By Marga Hoek, author of The Trillion Dollar Shift Robotics technology has the potential to disrupt industries across all sectors...

Newsletters with Secrets & Analysis. Subscribe Now