Fraud Prevention: Utilizing Mobile Technology for Authentication & Transaction Verification
It's no longer just about mobile banking. Mobile technology today is deployed by leading-edge institutions for out-of-band user authentication, transaction verification and to help prevent fraud via real-time security alerts.
How can your institution crack down on fraud and maximize its mobile investment?
Join Tom Wills, internationally-recognized banking and mobility expert, as he discusses:
- Online authentication and security, and how mobile technology can be used as an additional security layer;
- Mobile's role in preventing and detecting ACH/wire fraud;
- Lessons learned from the case study of an Asian bank that deploys mobile as an element of its layered security controls.
See Also: Effective Cyber Threat Hunting Requires an Actor and Incident Centric Approach
Because fraud knows no boundaries, banking institutions worldwide now deploy new layered security controls to authenticate online transactions.
In the U.S., the Federal Financial Institutions Examination Council (FFIEC) has issued authentication guidance that specifically lists out-of-band verification among recommended security controls. As the FFIEC details in its guidance:
"Out-of-band authentication means that a transaction that is initiated via one delivery channel [e.g., Internet] must be re-authenticated or verified via an independent delivery channel [e.g., telephone] in order for the transaction to be completed. Out-of-band authentication is becoming more popular given that customer PCs are increasingly vulnerable to malware attacks. However, out-of-band authentication directed to or input through the same device that initiates the transaction may not be effective since that device may have been compromised."
With mobile technology, institutions can instantly verify user ID by sending out confirmation messages to the account holder via text message or mobile app -- an out-of-band authentication solution that users two devices, two channels.
But mobile has uses beyond authentication, says Tom Wills, global banking/security strategist. Mobile is also an effective tool for transaction verification and for issuing customer alerts. And as an out-of-band security control, it falls within the FFIEC's recommendations for methods to help detect and prevent fraudulent ACH/wire transactions.
In this session, Wills shares his insights about mobile technology as a security control, including:
- How out-of-band authentication works and why it is critical to today's banking relationship;
- How mobile compares to other emerging out-of-band authentication methods, such as biometric voice recognition;
- Case study of OCBC Bank in Singapore, where mobile is already being used for out-of-band authentication, transaction verification and customer alerts;
- Strategies for evaluating vendors of mobile technology solutions.
You might also be interested in …