Stronger customer authentication only way to mitigate risk of bank fraud

Posted on: December 19th, 2012 by Art Barger

Sitting at the core of every financial transaction is trust. Without it, or worse, relying on  unvalidated resources like personal identifiable information (PII) to identify customers, puts every banking transaction at risk.

The recent article, “$850 Million Scheme Exploited Facebook: Authentication, Secure Browsing Would Have Reduced Losses,” illustrates just how important customer authentication is. Even after the FBI arrested 10 individuals residing around the world in connection with a banking Trojan that stole credit card and bank account details from Facebook users who were duped into opening phishing emails they thought were from their trusted online friends, security experts don’t believe it will stop attacks on the popular social networking website.

Much like any other banking channel, financial institutions need to strengthen their customer authentication if they expect to stop fraud in the financial services industry, said Neil Schwartzman of secure messaging infrastructure provider, Message Bus.

“Real two-factor authentication would have made a difference here, on the bank side and prevented some of the financial losses that resulted after PCs were infected. Within the next two to five years, we will see stronger authentication everywhere, because the banks are going to get sick of the losses.”

Many banking institutions today still take phone calls without adequately validating the incoming call. As a result, they are putting themselves, their customers and accounts at risk of fraud. In short, operating without at least two-factors of authentication is a losing proposition in today’s volatile remote banking environment.

Whether a bank is communicating with customers in person, online or over the telephone, two-factor authentication is absolutely paramount for preventing fraudulent transactions and the monetary losses relating to illegal bank transfers, identity theft and credit card fraud.

To mitigate fraud over the telephone channel, the TrustID® network-based Physical Caller Authentication uniquely validates inbound contact center calls before they are answered. By validating the actual location of the telephone, financial institutions that were once susceptible to Caller ID spoofing and social engineering schemes can once again use the Caller ID and ANI as trusted sources for authenticating customers over the phone. This allows banks to proactively identify which calls can be trusted and which calls are high-risk, while adding an extra layer of authentication to better protect their customers’ bank accounts and confidential business information from telephone fraud, no matter if the criminal is attempting to commit fraud domestically or internationally.