Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.


02:34 PM
Dark Reading
Dark Reading
Products and Releases

2012 Faces of Fraud Survey: More Consumer Engagement Needed For Trust In Online Banking

While bank customers are not the root cause of fraud, they are actually one of the top sources for fraud detection, Authentify survey reveals

CHICAGO, APRIL 19, 2012 – Banks should be putting fraud monitoring tools in the hands of consumers for the highest levels of security, Authentify determined when analyzing the results of the 2012 Faces of Fraud Survey. The annual study of banks, conducted by Information Security Media Group (ISMG) and sponsored by Authentify and others, seeks to discover the latest fraud trends, how institutions are fighting back, and how they are progressing with creating and maintaining layered security controls in conformance with the FFIEC Authentication Guidance.

The survey results indicate that while bank customers are not the root cause of fraud, they are actually one of the top sources for fraud detection. Banks responding to the survey reported that the three leading causes of fraud they experienced were card-not-present (CNP) (56 percent), data breach at a retailer or processor (53 percent), and POS skimming (47 percent) – all root causes over which the consumer has very little control. However, when asked how a fraud incident was usually detected, 82 percent of banks said that it was when a consumer notified them.

“Many banks put anti-fraud measures in place that are invisible to the account holder so as not to be an inconvenience. Customers need to be given more credit – they know what is supposed to be happening in their account and can recognize a fraudulent transaction right away. This is evident in the survey, with banks recognizing that 82 percent of fraud events are brought to them by the account holder,” said Peter Tapling, Authentify president & CEO. “Today, with advances in out-of-band technologies and the proliferation of smart phones and other smart devices such as tablets, it is much easier to proactively engage the user in the war on fraud.”

Other positive news from the survey: one-third of the respondents did indicate plans to invest in out-of-band authentication in the upcoming year, while 70 percent of the respondents indicated that stronger authentication layers have already been implemented.

“From the results, it seems that banks are starting to recognize how valuable it can be to both engage and more strongly authenticate the end user. By taking these steps the bank strengthens the relationship and achieves an overall higher level of trust,” added Tapling.

Authentify’s new 2CHK app is an example of an economical way for banks to put fraud monitoring tools in the hands of their customers. Using a small, convenient app on their smartphone or PC, it enables the legitimate account owner to review and approve or, more important, perhaps cancel transactions that are about to execute against their accounts. For more information please visit: http://www.authentify.com/2chk/.

Additional aspects of this survey will be discussed in an April 25th webinar: “2012 Faces of Fraud Survey: Complying with the FFIEC Guidance,” presented by analyst George Tubin of GT Advisors and Tom Field, editorial director of ISMG.

About Authentify, Inc.

Authentify, Inc. is the world’s leading provider of telephone-based out-of-band (OOB) authentication services. Clients include five of the world's top ten banks, three of the five largest e-commerce websites and two of the top four insurance companies in North America. These multi-factor authentication (MFA) services enable organizations that need strong security to quickly and cost-effectively add two-factor or multi-factor authentication layers to user logons, transaction verifications or critical changes such as adding an ACH payee, resetting passwords or changing contact information. The company's patented technology employs a service-oriented message architecture and XML API to seamlessly integrate into existing security processes. Authentify markets primarily to financial services firms that need to protect their clients' online accounts, corporate security professionals managing access control, and e-merchants who want to limit fraud on their sites.

For more information, visit Authentify at: www.authentify.com.

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
FluBot Malware's Rapid Spread May Soon Hit US Phones
Kelly Sheridan, Staff Editor, Dark Reading,  4/28/2021
7 Modern-Day Cybersecurity Realities
Steve Zurier, Contributing Writer,  4/30/2021
How to Secure Employees' Home Wi-Fi Networks
Bert Kashyap, CEO and Co-Founder at SecureW2,  4/28/2021
Register for Dark Reading Newsletters
White Papers
Cartoon Contest
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
How Enterprises are Developing Secure Applications
How Enterprises are Developing Secure Applications
Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
PUBLISHED: 2021-05-05
The “Elementor Addon Elements� WordPress Plugin before 1.11.2 has several widgets that are vulnerable to stored Cross-Site Scripting (XSS) by lower-privileged users such as contributors, all via a similar method.
PUBLISHED: 2021-05-05
The “Livemesh Addons for Elementor� WordPress Plugin before 6.8 has several widgets that are vulnerable to stored Cross-Site Scripting (XSS) by lower-privileged users such as contributors, all via a similar method.
PUBLISHED: 2021-05-05
The “HT Mega – Absolute Addons for Elementor Page Builder� WordPress Plugin before 1.5.7 has several widgets that are vulnerable to stored Cross-Site Scripting (XSS) by ...
PUBLISHED: 2021-05-05
The “WooLentor – WooCommerce Elementor Addons + Builder� WordPress Plugin before 1.8.6 has a widget that is vulnerable to stored Cross-Site Scripting (XSS) by lower-priv...
PUBLISHED: 2021-05-05
The “Elementor Addons – PowerPack Addons for Elementor� WordPress Plugin before 2.3.2 for WordPress has several widgets that are vulnerable to stored Cross-Site Scriptin...