It's no longer just about mobile banking. Mobile technology today is deployed by leading-edge institutions for out-of-band user authentication, transaction verification and to help prevent fraud via real-time security alerts.
How can your institution crack down on fraud and maximize its mobile investment?
Join Tom Wills, internationally-recognized banking and mobility expert, as he discusses:
Online authentication and security, and how mobile technology can be used as an additional security layer;
Mobile's role in preventing and detecting ACH/wire fraud;
Lessons learned from the case study of an Asian bank that deploys mobile as an element of its layered security controls.
Because fraud knows no boundaries, banking institutions worldwide now deploy new layered security controls to authenticate online transactions.
In the U.S., the Federal Financial Institutions Examination Council (FFIEC) has issued authentication guidance that specifically lists out-of-band verification among recommended security controls. As the FFIEC details in its guidance:
"Out-of-band authentication means that a transaction that is initiated via one delivery channel [e.g., Internet] must be re-authenticated or verified via an independent delivery channel [e.g., telephone] in order for the transaction to be completed. Out-of-band authentication is becoming more popular given that customer PCs are increasingly vulnerable to malware attacks. However, out-of-band authentication directed to or input through the same device that initiates the transaction may not be effective since that device may have been compromised."
With mobile technology, institutions can instantly verify user ID by sending out confirmation messages to the account holder via text message or mobile app -- an out-of-band authentication solution that users two devices, two channels.
But mobile has uses beyond authentication, says Tom Wills, global banking/security strategist. Mobile is also an effective tool for transaction verification and for issuing customer alerts. And as an out-of-band security control, it falls within the FFIEC's recommendations for methods to help detect and prevent fraudulent ACH/wire transactions.
In this session, Wills shares his insights about mobile technology as a security control, including:
How out-of-band authentication works and why it is critical to today's banking relationship;
How mobile compares to other emerging out-of-band authentication methods, such as biometric voice recognition;
Case study of OCBC Bank in Singapore, where mobile is already being used for out-of-band authentication, transaction verification and customer alerts;
Strategies for evaluating vendors of mobile technology solutions.
Wills is a Fintech architect and strategist specializing in payments, security and digital identity. For more than two decades, he has guided organizations such as Visa, Bank of America, Wells Fargo Bank, UnionBank of the Philippines, VeriFone, Intuit, Richemont, Ping Identity and multiple startups to build and secure their digital platforms. Career highlights of Wills include leading the development, launch and operation of Visa's core transaction fraud management services and VeriFone's digital wallets, merchant e-commerce platforms and payment gateways, as well as secure platform/product design for Visa's prepaid card management system, national mobile payment networks in the Dominican Republic (tPago), Bangladesh (bKash), a Philippines' major credit card issuer and the Manila public transit network. He has also served as a CISO for CrossCheck and Intuit subsidiary PayCycle.com, and as a mentor for StartupBootcamp FinTech and four Asian payment startups. In addition, he is a tenured speaker and media commentator on security in digital transactions. He holds both CISSP and CFE certifications. A resident of Singapore, Tom has also lived and worked in the US, UK, UAE, Philippines and Dominican Republic.