
Finance Sector - a Roundup of all the Current News Items, Archive 1

Current News Updates

A Summary of Finance News and Topics on Compliance and Privacy

We gather together and archive topics for the Finance sector



Online Banking Fraud in UK on the Rise

A surge in 'phishing' in the first half of 2006 has produced a sharp rise in the amount of money being lost to online banking fraud. UK banks reported a 55 per cent increase in losses from fraudulent online transactions for the first half of the year.

Phishing involves using fake web sites to lure people into revealing their bank account numbers. The number of recorded incidents rose 16-fold to 5,059, said the Association of Payment Clearing Services (APACS).

Losses totalled USD 42.8 million, up from USD 27.6 million from the first six months of 2005, according to APACS.

Read the article in SDA India


Banks Plot Rival Exchange

The stock exchanges have been among the biggest beneficiaries of the booming market, so it is hardly surprising that they have themselves been the subject of long-running global takeover battles.

Last week, the European exchanges faced a new threat when seven investment banks unveiled plans to create their own exchange. The plot, codenamed Project Turquoise, has been formed by Citigroup, Credit Suisse, Deutsche Bank, Goldman Sachs, Merrill Lynch, Morgan Stanley and UBS, which are responsible for 50% of volumes on the London Stock Exchange (LSE).

The banks claim the charges of all the European exchanges - in particular the LSE - are too high, and since their demands for the exchanges to lower fees have been ignored they have decided to create their own, mutually owned exchange.

Read the Times Online Business News article (foot of page 2 et seq)


Security firms clash over phishy e-mails

Banks and security experts cannot agree if it is safe for banks to use e-mail for communicating with their customers because the medium has been hijacked by criminals who try and fool online banking users into divulging their log-in details.

Last week, ZDNet Australia reported that an e-mail sent by Citibank confused both customers and security experts because neither group could distinguish the genuine e-mail from a phishing attack.

Security experts criticised Citibank because its e-mail asked recipients to update their online bank log-in details due to an update of the company's security system. Experts claimed the bank had contradicted its own security guidelines and confused its customers.

In response to the story, antivirus firm Sophos on Thursday highlighted the increasing number of phishing attacks but claimed that even though there is "little room for error", banks could safely continue using e-mail for contacting customers -- as long as they take precautions.

Read the article on ZDNet India, then join in the discussion


WestCom and VeriSign® Announce Strategic Alliance

WestCom Corp. and VeriSign, Inc., today (16 November 2006) announced a strategic alliance agreement to jointly market and deliver a suite of next-generation converged IP services to the global financial community. The Alliance brings together one of the world's largest providers of trader voice services, with the leading global provider of intelligent infrastructure services.

The Alliance enhances WestCom's existing voice and data network by embedding VeriSign's advanced routing and security technologies into the network. The companies will work together to create next-generation solutions supported by the VeriSign Network Routing Directory (NRD) to offer portal-based trader line mobility and other enhanced applications that help meet the demanding standards of the financial services community for secure, real-time communications.

Read the article


Citibank phishes itself! An email too far?

A seemingly innocent e-mail from Citibank Australia introducing a new online banking process has been mistaken for a phishing attack.

The e-mail was sent last month and described a new sign-on procedure that promised to be "even more secure". As part of a security upgrade, customers were asked to update their log-in credentials.

The message also asked recipients to log on to the bank's Web site and authenticate themselves by entering their Citicard or credit card number, and ATM PIN.

The bank has a strict policy to safeguard customers from such scams. Its online security section says: "Customers should understand that Citibank will never send e-mails to customers to verify personal and/or account information… It is important you disregard and report e-mails which… request any customer information - including your ATM PIN or account details."

Read the article on ZDNet Australia, then tell us what you think


Two-factor technology opens new e-markets

UK businesses should soon be able to conduct trade electronically with their counterparts in Macedonia and with other states that have until now been deemed too great an e-commerce risk, thanks to an initiative between security technology firm VeriSign and the US Agency for International Development.

Banks in Macedonia, part of the former Yugoslavia, are poised to issue their customers with two-factor authentication devices to turn around the country's reputation as a risky trading partner for e-commerce.

Until now, the country has in effect been blacklisted by major e-commerce sites such as eBay and PayPal, stifling the ability of Macedonian firms to trade online.

The US Agency for International Development has partnered with VeriSign to provide Macedonia's banks with the smart tokens that will allow the country's citizens and businesses to trade securely online.

Read the full article in ComputerWeekly.com


Phishing reaches record numbers   

Protecting the integrity of a brand is a top priority for all business. The damage caused to a brand due to a phishing attack can be far more severe than the funds or credentials compromised by the criminal groups perpetrating these acts. In July of this year the Anti-Phishing Working Group (APWG) reported a record number of legitimate "brands" hijacked. This group is reporting that 154 banks, financial companies, electronic retailers, or other organizations had their brands hijacked through phishing in July 2006 - a new record.

Security Focus goes on to say:

... They also report to have found 23,670 total phishing websites used to commit identity theft, fraud and other malicious activity in July 2006. This number is second only to the record 28,571 phishing sites found in June 2006, and is nearly double the 14,135 phishing sites found in July 2005. Of these sites, 14,191 are considered "new" phishing sites, compared to just 4,564 new sites found one year prior, in July 2005.

There is a full report available for download.

Read the full article at Security Focus


Bank fraud drives adoption of two-factor authentication

Banks will come under further pressure to adopt two-factor authentication technology following a 55% increase in the cost of online banking fraud over the past year.

Figures released today (7 November) by the Association of Payment Clearing Services (Apacs), show bank losses reached £22.5m in the first six months of the year, up from £14.m over the same period in 2005.

The increase has been driven by a dramatic rise in the volume of phishing incidents, which rose from 312 in the first six months of 2005 to 5,059 in the first half of 2006.

Several banks, including Alliance & Leicester and HSBC, are trialling two-factor authentication technology in an effort to stem the tide of phishing fraud. Apacs said it was working with banks and retailers to test what could become an industry standard version of two-factor authentication next year. The system uses low-cost handheld card readers to generate one-time passwords, which can be used to verify purchases online or over the phone.

Read the full article in Computer Weekly


High Assurance SSL

Apart from the actual security provided by digital certificates in a Web environment, in terms of encryption of data and authentication of participants, they are meant to be a confidence-boosting measure.

That little lock icon in the browser and the "https" in the address tell the user that the communications are secure. Users can also click through some dialog boxes linked from the icon to see specifics of the certificates for the site they are viewing and make a decision about the authenticity of that site. Of course, 99% of users never do any such thing, and probably very few even notice the relatively obscure lock icon.

Even the value of the lock icon has been diminished lately. There have been recent examples of scammers obtaining a certain kind of SSL certificate, called a domain-authenticated SSL certificate, that can be obtained with very little in the way of verification of the bona fides of the applicant. Even if the user takes care to look for the lock symbol, he or she can be fooled by such a certificate.

A new standard hopes to address this situation with a new class of certificate. Some reports indicate that the final official name for these certificates will be "Extended Validation," but they are more widely known as "High Assurance" SSL certificates.

Read the full article in IIS Zone


A New Type of SSL Certificate Is on the Way

Web businesses face a crisis in confidence. Consumer trust in the security of sites is declining, and in increasing numbers they are scaling back online transactions - or opting out entirely. According to Forrester Research on December 8, 2005, an astonishing 24% of Internet users reported that they would not be shopping online that holiday season because they did not feel safe. A full 61% reported that they had at least reduced online purchases for the same reason. This phenomenon has been masked by the overall increase in online activities like shopping, banking, trading securities, and filing taxes. The fact remains, however, that these online businesses are less effective than they should be, and are leaving money on the table.

Starting early in 2007, Web sites will be able to definitively demonstrate their identity to customers—and customers will be able to confirm identity before trusting sites. This opportunity comes thanks to the greatest development in the Web's secure backbone in over ten years. 2007 will see the introduction of a new kind of SSL Certificate, the first since the technology's origin over a decade ago.

These new certificates will be called Extended Validation SSL Certificates, and they represent over a year's effort by an industry consortium called the CA/Browser Forum. Starting early in 2007 the CA/Browser Forum intends to make these new certificates available for the benefit of Web businesses and site visitors alike. These certificates can facilitate online commerce in all its forms by increasing visitor confidence in legitimate sites and greatly reducing the effectiveness of phishing attacks.

Read the Article


Can IE 7 kill off phishing?

Phishing could soon be a thing of the past and the credit may have to go to Microsoft. That's according to a leading web security expert who says functionality built into Internet Explorer 7 could shutter fraudulent websites within 18 months.

Tim Callan, a director at VeriSign, said anti-phishing guards in IE 7 - which will warn users off malicious websites where they may be asked to submit personal information such as bank or credit cards details - will help restore badly damaged consumer confidence.

Callan said: "Consumer confidence is falling and the biggest reason for that is fear, pure and simple. People fear that something bad is going to happen to them."

And he said phishing is the major cause of concern.

Read What Callan says at Silicon.com, then tell us if IE7 will reassure you


The Lord Mayor of London, David Brewer, last week issued a wake-up call to financial institutions to take a global lead in combating cybercrime.

“Cybercrime is more lucrative and less risky than drugs,” he said. “There is no better place to start than in London,” he continued, highlighting the City's capability of taking over all of New York's trading on 9/11 in just half an hour.

“We are already seeing evidence of failure to grasp the nettle,” he warned a select meeting of leading City influencers in London last week.

He warned that while the internet is key to the future success of the City and the global financial marketplace, it is spoken of as if it were regulated, structured and planned, which it is not.

The baseline for the Internet is threefold, he said: security, stability and availability.

Faced with major new cybersecurity threats, companies need to adopt a new approach, said Mark Reece, trading systems architect at the London Stock Exchange, speaking at the same event.

Read the full computerweekly.com article


MiFID Rules Break the Exchange Monopoly on Trade Reporting

A consortium of investment banks is building Project Boat, a platform for trade data reporting and market data publishing which will take advantage of new MiFID regulations.

As Europe braces for new pre-trade data and post-trade reporting requirements resulting from the Markets in Financial Instruments Directive (MiFID), the Pan-European legislation already is shaking up the status quo in the exchange-dominated market data business. Under the legislation, which takes effect in November 2007, investment banks will be in a position to form their own trade reporting authorities and charge for disseminating their own market data.

The opportunity for investment banks to capture, pool and disseminate their own market data "has been there for a very long time," according to Andrew Miller, managing director of Arcontech, a London-based real-time market data software specialist. But, he says, "MiFID is legislating that things must be done differently, so it's already shaking up the status quo and serving as a catalyst" for brokers across Europe to set up their own market data communities.

Read the Wall Street & Technology article


McCreevy Warns EU Members On MiFID Implementation

Speaking at a dinner this week hosted by the Financial Times, EU Internal Market Commissioner Charlie McCreevy warned member states that they are likely to face legal action if they are not ready to introduce the Markets in Financial Instruments Directive (MiFID) on time.

The directive needs to be implemented by the end of January 2007, and will come into force in November of that year.

MiFID aims to create a single market for financial products and providers and allow greater competition between different institutions with regard to the provision of certain investment products.

Read the full article on Taxnews.com


Korean Government to Mandate SSL Certificates

Starting January 1, 2007, any business in Korea collecting personal information online or conducting e-commerce transactions will be required to run SSL certificates on the server side. Client certificates, mainly for personal Internet banking and online purchases by individuals, are already mandated by the government and almost ubiquitously used, but there has been very little adoption of server certificates, so this legislation marks a major shift in government policy in Korea towards driving adoption of server certificates. With this legislation, the Korean Government expects online businesses in Korea to have 10K new certificates installed by the end of this year and an additional 40K within 2007.

Read The Article. As we learn more this will be updated.


Data chief challenges US access to European Bank data

Europe's head of data protection has challenged the European Central Bank on its practice of allowing the US secret service access to private bank-transfer data.

The European Data Protection Supervisor, Peter Hustinx, has presented some preliminary observations on the study “The Interception of Bank Transfer Data from the Swift System by the US Secret Services”.

"We have not concluded our investigation on ECB's role yet, but there are already some observations that I can share publicly,” he said.

“I basically challenge the fact that the ECB continued to allow confidential client banking data to pass to the US, although it had become aware of the systematic access by American authorities. Moreover, I cannot help feeling that the ECB should have at least felt morally obliged to inform European governments and authorities about this scheme."

Read the ComputerWeekly.com article then Have Your Say


MiFID could kill LSE, says LogicaCMG

LogicaCMG, the IT company supplying many larger financial services customers, says implementation of MiFID rules could lead to the ‘death' of the London Stock Exchange.

The suggestion comes in a report from financial markets analyst Graham Bishop, commissioned by LogicaCMG, which suggests there are three possible industry scenarios after 1 November next year - when MiFID comes into effect - all of which rest on the development of so-called systematic internalisers.

As the regulations would allow larger financial services groups to match client buy and sell orders internally without being forced to go through a recognised exchange such as the LSE, the question now is to what extent internalisation may take place, the report warns.

Read the full article in ifaonline.co.uk and then Have Your Say here


Benchmarking First For Peterevans Xanite

One of the UK's leading independent software providers for the financial services sector, peterevans, has achieved the new B.I.S.S. 'MiFID' benchmark accreditation for its new 'xanite' suite.

Gary Wright, C.E.O. of B.I.S.S. Research, the exclusive research company offering a unique benchmarking of services and systems in the financial services sector, and creator of the B.I.S.S. business benchmarking concept, said:

"peterevans is the first vendor to put their system through the B.I.S.S. ‘MiFID' benchmarking process and have been awarded the B.I.S.S. Accreditation. The B.I.S.S. ‘MiFID' benchmarking examines systems in the myriad of different areas that the MiFID Articles impact, including front, middle, back office, compliance etc. The award is based on how well the technology supports the clients' requirements for MiFID."

Read the article


Banks voice unease on new UK police data powers

In computerweekly.com the following article (of which this is a snippet) appears:

UK banks are up in arms over the privacy threat posed by new government powers allowing the police and other agencies to demand the encryption keys that will unlock confidential data.

They say the powers, which will be put into effect in the next few months, could lead to misuse of disclosed keys and compromise the security of data storage. Individual privacy rights would be undermined in the process, hitting the reputation of the UK financial services industry and discouraging investment in the UK.

The banks have also warned that the enforced disclosure of encryption keys under UK law could place them in conflict with secrecy laws in countries such as Switzerland, which require data encryption keys to be kept confidential.

Read the article on computerweekly.com


Iconium Introduces New Solution To Reduce Burden Of MiFID Planning On British Businesses

Policy Manager Library Comprises Four Key Component Areas, Enabling Firms to Begin Preparing for MiFID Implementation

Iconium, a leading UK developer of corporate governance and compliance solutions, today (26 September 2006) announced an extension to Policy Manager, its industry-leading governance framework solution, with the launch of a comprehensive MiFID Library. Developed in conjunction with financial regulation and risk management experts DXL, the library provides financial services firms with the means to commence preparation for the implementation of the Markets in Financial Instruments Directive (MiFID).

Due for implementation on 1 November 2007, MiFID sets the legislative framework for a single European financial services market. It impacts organisations currently governed by the Investment Services Directive, but also extends the range of instruments and services. MiFID will drive the most far-reaching changes in financial markets for over ten years and have a significant impact on financial services regulation and how firms operate and interact with customers.

The MiFID Policy Manager library will provide firms with a stable framework and a clear adoption strategy of MiFID directives as they appear in the coming 12 months. It allows the creation of policies and provides a platform for them to be communicated to all employees and agents, ensuring client-facing staff have access to their firm's latest interpretation of MiFID and the standard MiFID rules. Once in the implementation phase, the MiFID library will fully demonstrate to the regulator that every attempt has been made to educate staff and agents in the requirements of MiFID and to ensure a compliant and uniform treatment of all customers and counterparties.

Read the article


MiFID intensifies threat to European exchanges

Bourses are rethinking strategies to compete in an altered landscape

The markets in financial instruments directive could be a significant threat to the business models of Europe's bourses but the exchanges have been dealing with a new world order for some time.

The advent of direct market access, algorithmic trading and increasing globalisation have encroached on their territory and forced them to re-evaluate their business models.

Many see Mifid, which comes into force in November next year (2007), as a catalyst that will accelerate changes that have started to alter the stock exchange landscape. These changes have been wrought by electronic trading platforms, banks increasingly internalising their order flow and fund managers looking to achieve best execution. Exchanges have been forced to add to their technology budgets to keep pace with developments.

Read the Financial News article


Basel II, US Banks Have Until January 2008 to Comply Plus 3 Year Transition Period

U.S. banking agencies announced in late 2005 that U.S. banks will be granted an extension to the January 2007 deadline for Basel II compliance by the Bank for International Settlements. In May, the Basel Committee announced plans to maintain the most recently proposed capital-adequacy guidelines, which will decrease reserve levels for internationally active, diversified institutions based on the adopted approach to credit and operational risk. U.S. banks now have until January 2008 to adhere to the new cross-border capital adequacy mandates, plus an additional three-year transition period, while other global institutions will be required to comply by early 2007.

Basel II brings a much greater level of granularity in the assessment of creditworthiness among obligors. The goal is to align global capitalization standards with current banking practices. This will help minimize the potential for regulatory arbitrage, including known instances in which banks have leveraged certain assets to exploit weaknesses in Basel I's risk weighting system. Basel II promotes three mutually reinforcing standards: minimum risk-based capital set-asides; supervisory review of an institution's capital adequacy and internal risk measurement methodologies; and market discipline through disclosure in order to promote sound practices. In the U.S., guidelines will be mandatory for financial institutions with $250 billion or more in assets or $10 billion or more in foreign exposure.

Read the RiskCenter.com article


Deadline for Mifid to be pushed back, warns Farley

The deadline for banks to implement the European Union's Market in Financial Instruments Directive (Mifid) will be put back, according to Peter Farley, managing director of analyst Financial Insights.

“The market is saying it will not happen in November 2007 because those systems would have to be ready by March next year,” he told analyst IDC's European IT Forum 2006. He said, “There's a question about what's implemented on 1 November and where it is implemented, but everything indicates that 1 November is a firm date.”

Mifid requires banks to link their systems to a greater number of financial markets, because banking clients are entitled to the cheapest prices in Europe when transactions are made on their behalf.

Read the ComputerWeekly.com article


IFAs should outsource compliance

Jason Butler, an investment manager and partner at London-based Bloomsbury Financial Planning, said that with increasing regulation, smaller IFAs would have to outsource their compliance in order to stay afloat.

Butler was commenting on the impact of the forthcoming Markets in Financial Instruments Directive (MIFID).

Read the FT.com article


Financial services firms on track for market regulation

Most finance firms are now on track with their preparations for compliance with the Markets in Financial Instruments Directive (MiFID), a new survey by TradeTech and SunGard has revealed.

MiFID, which comes into force next year, is regarded as the biggest change in the European financial services industry for over a decade.

The directive presents a compliance challenge for IT departments, which are already battling to meet the requirements of the Basel II capital accord, the Sarbanes-Oxley Act and International Financial Reporting Standards.

But a survey of 230 executives from finance firms in 12 European countries found that 84% of respondents said their firm was on track with its MiFID preparation.

Read the article in Computer Weekly


APACS Research reveals people to be unaware of basic security measures when banking online

Research released on 22 September 2006 from APACS, the UK payments association working on behalf of the banking industry, shows that people are still not aware of best practice when it comes to online banking and security. The findings clearly demonstrate that some online banking users are failing to protect themselves, despite widely available advice on how to do so.

The latest study builds on the findings of research carried out in 2004 and shows that people are still unaware of the basic security measures they should have in place to stay safe online. Although internet users are aware of scams such as ‘phishing' and Trojan attacks, they are still overly complacent. They need to do more themselves to understand the risks and find out what they can do to protect themselves and their computers.

Read the article


Barclaycard clears Datanomic to help meet regulatory deadlines

Datanomic, the pioneers of integrated data quality management solutions, has been selected by Barclaycard to supply a software solution for screening clients against commercial Sanctions and PEP watch lists. The Datanomic dn:Match software will be installed at Barclaycard sites in the UK, North America and Africa. The first phase of this contract is operational with remaining phases due for completion before September.

Read the article


Financial services firms overspend to meet new compliance laws

Almost half of financial institutions (49 per cent) are exceeding the expected cost of implementing compliance solutions, according to a study by PMP Research. The research shows 13 per cent of financial services firms have reacted to a wave of new compliance by considerably exceeding their budget. The report shows an effective technology strategy is a vital component of a solution to overspending. While 36 per cent of organisations have met their targets, none have come in under budget. The report shows 92 per cent of companies prefer to use in-house expertise as the main route to develop 'best practice' for governance and compliance. And 72 per cent source information from industry bodies, while only 62 per cent approach external consultants.

Read the Computing article


MiFID Connect to Influence MiFID implementation

A group of 11 UK trade associations have banded together to influence the way the European Union's Markets in Financial Instruments Directive (MiFID) is implemented following fears that City regulators could take an "overly stringent approach" to the new measures, says the FT.

According to the Financial Times report, the associations party to the "highly unusual co-operative effort" include the Association of British Insurers, the British Bankers' Association (BBA), the Investment Management Association (IMA) and the London Investment Banking Association (Liba).

MiFID, which takes effect in November 2007, has been finalised in Brussels but uncertainty remains over how the UK's Financial Services Authority (FSA) will interpret the directive.

The FT says the 11 financial trade associations, which have formed an entity called MiFID Connect, are lobbying to establish a "practical, cost-effective and market-sensitive policy" on the directive's implementation. They hired law firm Clifford Chance to compile a 'Mifid Survival Guide', which is on sale for £1100.

Read the article


The United Kingdom Data Protection (Processing of Sensitive Personal Data) Order 2006

The UK Data Protection (Processing of Sensitive Personal Data) Order 2006 sneaked onto the United Kingdom statute books without any great fanfare on 25 July 2006. It allows the Police to pass details of cautions and convictions relating to certain offences of viewing child pornography over the internet, to banks and card providers, so that they can cancel the credit/debit/charge cards that were used in purchasing such images.

Read the article


SWIFT in Dock re Privacy?

A human rights group has announced that it has lodged complaints with data protection authorities in 32 countries against the Society for Worldwide Interbank Financial Telecommunications, or SWIFT (a consortium of financial institutions), claiming that it has violated European and Asian data protection rules by providing the USA with confidential information about international money transfers.

SWIFT is the nerve centre of the global banking industry. It operates a secure electronic messaging service that 7,800 financial institutions use to communicate with their counterparts in more than 200 countries. Each day, the network routes nearly 4.8 trillion euros among banks, brokerages, stock exchanges and other institutions.

Read the article


Charles Schwab Selects VeriSign Identity Protection For Online Clients

VeriSign today (25 May 2006) announced that Charles Schwab has selected VeriSign to provide a full set of online security services for their clients. 

Under terms of the agreement, Charles Schwab will deploy both VeriSign Identity Protection (VIP) Fraud Detection and Authentication Services to secure client login and transaction information.  Additionally, Charles Schwab plans to become an anchor tenant of the VIP Fraud Intelligence and Shared Authentication Network. The VIP Shared Authentication Network is already supported by PayPal, eBay and Yahoo!

Click Here for the full article


Whither Chip and PIN?

It can't just be Shell and its UK filling stations that makes us doubt Chip and PIN, but Shell slamming its Chip and PIN equipment shut last week certainly pours a whole lot of cold water on the technology, brought in with such a fanfare in February 2006.

Before the Chip and PIN Day we had our doubts, but oddly they were not about the technology presenting attack vulnerabilities. Instead we were worried about the things ordinary people worry about:

  • What if I forget my PIN?
  • Why do I need to remember yet another number?
  • Why is this better than a signature?
  • How do I stop people looking over my shoulder wherever I use the card? I can do it at an ATM, but at the supermarket, in the newsagent, at the dentist, that is just plain impossible.
  • What if I lose my card? I now need two separate letters, one with a card and the other with a PIN before I can fill my car with petrol!

Which brings us back to Shell


Just How Secure is Chip and PIN

If you knew that the unit you put your Chip and PIN card into could be transmitting your details to a fraudster, how happy would you be to use the card ever again? Just how secure is Chip and PIN? Has this new technology simply played into the hands of the fraudster? And where will that leave Smart Card based ID Card Systems like that proposed for the United Kingdom?

In fact, just how smart is it to enter your PIN nowadays, and just what is waiting to catch you out?

We're not talking about technology that is simple but "old hat", here. While it's well known that cameras can be aimed at ATMs to snoop on our keystrokes and on our card number when we key the data in, these are the crude end of the current advanced technology offerings.

Click Here for the full article


Improving online consumer confidence through mutual authentication

When the first cars were produced it is a pretty safe bet that they weren't fitted with an alarm, immobiliser or tracking device. Such advances in car security were introduced in response to escalating car crime.

Almost daily online security threats emerge, threats which are eroding already fragile consumer confidence.

Without consumer confidence the cost effective and efficient online channel could well become marginalised.

But this is only one side of the story. The growing fraud losses that online service providers such as banks or merchants suffer could render their business model void.

Click Here for the full article


VeriSign's Sclavos: "enable and protect interaction"

A slogan of the multinational VeriSign is: "enable and protect interaction." To this end, the company focuses on security and authentication, but also on guaranteeing the stability of the Web domain system. According to its president, Stratton Sclavos, "It is unclear how governments are evolving on issues of identification." In an interview with Navegante, Sclavos explained his new universal identification system for the Web, called VIP. This comes at a time when Spain is betting on the Internet with its new electronic NID (National Identification Document).

Stratton Sclavos outlines VeriSign's approach to threats, solutions and the ICANN domain names controversy in a major interview for Spain on 29th March 2006.

Click Here for the full interview


Durant to Take Case to Strasbourg

Michael Durant, seen by some as a campaigner for strong and correct enforcement of the United Kingdom Data Protection Act 1998, but in reality a man fighting for justice, failed to convince the UK courts of his case against the FSA and Barclays.

He will now be seeking leave to take his case to the European Court of Human Rights in Strasbourg.

Click Here for the full article


VeriSign Announces Fraud Detection Service, Acquires Snapcentric

VeriSign, the leading provider of intelligent infrastructure services for the Internet and telecommunications networks, today (10 February 2006) announced the VeriSign Fraud Detection Service, a new solution that forms part of VeriSign's overall layered authentication solution targeted at preventing online identity theft. In support of this new service, VeriSign has also reached a definitive agreement to acquire Snapcentric, Inc., a provider of online fraud detection solutions using advanced anomaly detection technology. The newly acquired technology will be a key addition to VeriSign's suite of authentication solutions, providing an invisible layer of protection against online fraud.

Click Here for the full article


Inspiring Consumer Confidence: Know the scams

Shopping online offers immediate gratification for customers looking for ease and convenience - especially during the holidays. But just as e-commerce is growing year after year, your customers are also growing increasingly wary of Internet scams. By educating customers on the latest scams, and establishing your site as a trustworthy business, you can help inspire your potential customers to shop at your site with confidence.

Click Here for the full article


MiFID - the Markets in Financial Instruments Directive - Market Awareness

We first brought news on the MiFID on 23rd November 2005. There was a major set of press articles and much informed comment. At that point we asked you what effect MiFID would have on you. After a month the overwhelming reaction, 62%, is "Huh? What is it?"

Click Here for the full article


Brussels Pauses Financial Regulations

Brussels has granted the financial sector a breathing space in the welter of Regulations after the huge number that have been imposed over the last few years. Many planned items are "paused".

Click Here for the full article


Nearly Half of Consumers Worldwide Willing to Switch Banks for More Security

Forty-five per cent of consumers worldwide are willing to switch to financial institutions that offer more security protection, according to new research from Unisys Corporation that polled more than 8,000 people around the world on identity fraud and bank security issues.

Click Here for the full article


MiFID'S Potential Impact on Europe's Securities Markets

The Markets in Financial Instruments Directive (MiFID) is likely to be one of the greatest legislative changes seen in Europe's securities markets in over two decades. The intention of MiFID is to raise the standards of the European investment markets to US market levels and in particular, focus on best execution, investor protection, and transparency of trading.

Click Here for the full article


MiFID - the Markets in Financial Instruments Directive

Alongside Sarbanes Oxley and Basel 2 is the MiFID, which, if the European Parliament has its way, will be delivered inside two years. And this régime has swingeing penalties for failure to conform and will dwarf the budgetary impact of SOX and Basel 2 put together.

Click Here for the full article


Password-stealing keyloggers skyrocket

Hackers are on target to release more than 6,000 keystroke loggers in 2005, a 65 per cent increase from the 3,753 keyloggers released last year, according to security intelligence organisation iDefense.

Click Here for the full article


Liberty Alliance to Speed Wide-Scale Adoption of Strong Authentication Solutions

The Liberty Alliance Project announced the formation of a global, cross-organizational expert group focused on developing open specifications for interoperable strong authentication. Liberty's new Strong Authentication Expert Group has been created to speed the worldwide deployment of interoperable strong authentication and to help organizations meet new industry-wide demands for universal strong authentication solutions.

Click Here for the full article


Spear-phishing – the new corporate threat

Spear-phishing attacks are on the increase according to IBM and others. Unlike traditional phishing attacks which randomly spam thousands of e-mail addresses, spear-phishing attacks specific targets. It's more difficult to set up but the rewards can be far higher because a successful attack gives the “spear-phisher” massive access within a corporation. To date such attacks have largely gone unreported because companies fear the loss of trust that would occur if they went public.

Click Here for the full article


Blacklist of 'risky' bank staff

Banks and similar organisations already run reference and background checks on new employees but an extra security measure is needed, according to Bits, a consortium of 100 of the largest US financial institutions. The new database, announced last week, will list information on employees at financial institutions who were fired because they compromised customer data or knowingly caused financial losses, the group said.

Click Here for the full article


Banks opting for Outsourced Managed Security Services

Eighty-three per cent of the world's largest banks openly admit that their systems were threatened last year by external attackers, according to a 2004 Deloitte Security Study of CIOs and IT security officers representing the world's 100 largest banks. In 2002, the figure stood at only 39 per cent. Not only is the number of attacks increasing, but so too is their intensity: 40 per cent of the banks affected reported that those attacks resulted in financial losses.

Click Here for the full article


U.S. Regulators Delay Basel 2 Requirements

The four U.S. banking agencies announced that they will delay the publication of new rules related to the Basel II Capital Accord.

Click Here for the full article

 


This site is independent of all its sources
The contents of the site are sourced from across the industry. All copyrights are acknowledged.