Payments Fraud: It's Not Fun & Games
|
|
- Brittney White
- 8 years ago
- Views:
Transcription
1 Payments Fraud: It's Not Fun & Games Claudia Swendseid Senior Vice President Payments Information & Outreach Office Federal Reserve Bank of Minneapolis NACHA Payments 2015
2 Claudia Swendseid Senior Vice President Federal Reserve Bank of Minneapolis Serves on the Minneapolis Bank s senior management committee Provides executive oversight to operations, customer service, technology & payments functions, as well as to the Financial Services Policy Committee Support Office Conducts industry relations on behalf of the Federal Reserve System, serving as a liaison to selected national banking & business associations Vice Chair, Accredited Standards Committee X9, Financial Industry Standards Federal Reserve Banks Provide financial services to depository institutions & U.S. government Supervise & regulate financial institutions Establish & execute U.S. monetary policy Maintain a stable financial system & contain systemic risk 2015 Federal Reserve Bank of Minneapolis. Materials are not to be used without consent. 2
3 Agenda Interactive Format for Session Payment Fraud Attempts & Losses Fraud Schemes Fraud Mitigation Methods Disclaimer: The opinions expressed are those of the individual presenter & not those of the Federal Reserve System or any Federal Reserve Bank 2015 Federal Reserve Bank of Minneapolis. Materials are not to be used without consent. 3
4 Fraud Attacks 2015 Federal Reserve Bank of Minneapolis. Materials are not to be used without consent. 4
5 Payment Fraud Attempts & Losses What are the top 3 payment types where financial institution (FI) respondents experienced the highest number of fraud attempts (regardless of actual financial losses) in 2013? 100% 80% 60% 40% 20% 0% 87% 83% Debit signature Top 3 Payment Types with Highest Number of Fraud Attempts by % of FS Respondents with Fraud Attempts 57% 54% 46% 45% Checks Debit PIN 26% 25% 16% 15% ACH debits Credit cards 15% 6% Wire ACH credits 2014 (N=308) 2012 (N=668) 4% 2% 2% 2% 1% 0% Cash Prepaid cards Source: Federal Reserve 2014 Payments Fraud Survey - Summary of Consolidated Results 2015 Federal Reserve Bank of Minneapolis. Materials are not to be used without consent. 5
6 Payment Fraud Attempts & Losses What percentage of FIs (A) & businesses (B) experience financial loss due to payments fraud? Percent of FS Organizations with Payment Fraud Losses in 2013 Percent of Businesses with Payment Fraud Losses in 2013 Experienced losses 76% Experienced losses 30% No losses 16% No losses 51% Don't know 8% (N=386) Don't know 19% (N=293) Source: Federal Reserve 2014 Payments Fraud Survey - Summary of Consolidated Results 2015 Federal Reserve Bank of Minneapolis. Materials are not to be used without consent. 6
7 Unauthorized Transactions by Payment Method What payment type has the highest loss rate due to unauthorized transactions? Source: 2013 Federal Reserve Payments Study 2015 Federal Reserve Bank of Minneapolis. Materials are not to be used without consent. 7
8 Payment Fraud Losses What are the top 3 payment types where FIs (A) & businesses (B) experienced their highest financial loss due to payments fraud? A: Top 3 Payment Types Identified by % of FS w/ Fraud Losses (N=278) 1. Debit Signature (94%) 2. Debit PIN (60%) 3. Checks (55%) B: Top 3 Payment Types Identified by % of Biz w/ Fraud Losses (N=87) 1. Credit Cards (67%) 2. Checks (63%) 3. Debit Signature (20%) Fraud loss pain points differ for FIs & Businesses Source: Federal Reserve 2014 Payments Fraud Survey - Summary of Consolidated Results 2015 Federal Reserve Bank of Minneapolis. Materials are not to be used without consent. 8
9 Fraud Schemes 2015 Federal Reserve Bank of Minneapolis. Materials are not to be used without consent. 9
10 Fraud Schemes What are the top 3 most used fraud schemes involving payments by or on behalf of FI customers? Source: Federal Reserve 2014 Payments Fraud Survey - Summary of Consolidated Results 2015 Federal Reserve Bank of Minneapolis. Materials are not to be used without consent. 10
11 Source of Data Used in Payment Fraud Schemes What are the top sources used by fraudsters to obtain sensitive" information? Top 3 Information Sources Used in Fraud Schemes Source: Federal Reserve 2014 Payments Fraud Survey - Summary of Consolidated Results FS (N=310) Biz (N=191) All Org. (N=501) Information obtained from lost or stolen card, check, document or device while in consumer's control 45% 30% 40% & webpage cyber attacks to obtain "sensitive" customer information, e.g., phishing, spoofing 35% 24% 31% Physical device tampering, e.g., use of skimmer 37% 10% 27% Data breach due to computer hacking 34% 9% 25% Org's info obtained from a legitimate check issued 18% 35% 25% Information about customer obtained by family or friend 25% 9% 19% 2015 Federal Reserve Bank of Minneapolis. Materials are not to be used without consent. 11
12 Payment Card Skimmers What asset is most affected w/ card skimmers? ATM (terminal) Gas Terminal (terminal) Access Reader (network) PED Pad (terminal) POS Terminal (user dev) Backup (server) Database (server) Mail (server) Mainframe (server) Proxy (server) 9% 2% 2% 2% 1% 1% 1% 1% 1% 87% Source: Verizon 2014 Data Breach Investigations Report 0% 20% 40% 60% 80% 100% 2015 Federal Reserve Bank of Minneapolis. Materials are not to be used without consent. 12
13 Publicly Reported Data Breaches In publicly reported 2013 data breaches, how may millions of records were exposed? Millions of Records (left scale) Breaches (right scale) Records Exposed Incidents Note: The number of records exposed is a lower bound because the number is not available in 35 percent of breaches. Source: FRB Kansas City Economic Review, Oct Federal Reserve Bank of Minneapolis. Materials are not to be used without consent. 13
14 Risk Mitigation 2015 Federal Reserve Bank of Minneapolis. Materials are not to be used without consent. 14
15 Internal Controls & Procedures Internal Controls & Procedures Currently Use Very Effective (% (% of of FS) FS) Address exception items timely 98% 76% Periodic internal/external audits 98% 74% Logical access controls to network/payment applications 95% 85% Verify controls applied via audit or management review 94% 73% Dual control/separate duties w/in payment processes 93% 82% Reconcile bank accounts daily 93% 82% Transaction limits for payment disbursements 92% 72% Authentication/authorization controls to payment processes 92% 85% Physical access controls to payment processing functions 91% 81% Review card-related reports daily 89% 72% Restrict/limit employee Internet use from org's network 84% 56% Prohibit use of BYOD for processing of org s payments 83% 77% Transaction limits for corporate card purchases 80% 70% Separate banking accounts by purpose or payment type 75% 68% Employee hotline to report potential fraud 44% 52% Dedicated computer to conduct transactions w/fi or FS 35% 82% FIs are (% of FS Using) heavy users of internal controls What controls are rated very effective by 80% or more of FIs using them? Source: Federal Reserve 2014 Payments Fraud Survey - Summary of Consolidated Results 2015 Federal Reserve Bank of Minneapolis. Materials are not to be used without consent. 15
16 Customer Authentication Methods Customer Authentication Methods Currently Use Use Very Effective (% of (% FS) of FS) Multi-factor authentication 90% 90% 76% PIN authentication 89% 89% 56% Signature verification 85% 85% 43% Customer authentication for online transactions 82% 82% 60% Magnetic stripe authentication 77% 77% 35% Verify card security code (CVV2, CVC2, or CID codes) 73% 73% What 36% Positive ID of purchaser for in-store/person transactions 68% 68% methods 65% are Real-time decision support during account application or POS 66% 66% 66% rated very Token authentication (USB token or fob) 45% 45% 89% Out-of-band authentication 44% 44% effective 75% by Mobile device to authenticate person 27% 27% 70% or 73% more Verify customer ID is authentic (magnetic stripe) 26% 26% of FIs using 56% Biometrics authentication 6% 6% 71% them? Card chip authentication 2% 2% 71% Source: Federal Reserve 2014 Payments Fraud Survey - Summary of Consolidated Results Effectiveness (% of FS Using) of authentication methods change 50% of FIs plan to use card chip authentication by Federal Reserve Bank of Minneapolis. Materials are not to be used without consent. 16
17 Transaction Screening & Risk Management Methods Transaction Screening & Risk Management Methods Currently Use Use (% (% of of FS) FS) Methods Very Effective used (% of FS are Using) manual & automated What methods are rated very effective by 50% or more of FIs using them? Provide staff education on payment fraud risk mitigation 93% 93% 46% Human review of payment transactions 79% 79% 49% Fraud detection pen for currency 76% 76% 54% Buy insurance coverage to minimize risk 75% 75% 40% Provide customer education on payment fraud risk mitigation 72% 72% 26% Participate in fraudster databases & receive alerts 71% 71% 39% Fraud detection software with pattern matching 63% 63% 57% Centralized risk management department 52% 52% 55% Centralized fraud info database - one payment type 45% 45% 52% Centralized fraud info database - multiple payment types 32% 32% 54% Source: Federal Reserve 2014 Payments Fraud Survey - Summary of Consolidated Results 2015 Federal Reserve Bank of Minneapolis. Materials are not to be used without consent. 17
18 FS Risk Services Offered to Commercial Account Holders Currently Offer Risk Services Offered to Business Clients (% of FS) Very Online Effective (% of FS (% of Biz Offering) information Using) services & multi-factor authentication are offered by most FIs to their biz clients Are FIs offering tools that are rated most effective? Very Effective Online information services, e.g., statements 90% 60% 67% Multi-factor authentication to initiate payments 83% 78% 88% Account alert services 69% 51% 64% Payment fraud prevention training 61% 42% 51% Account masking services 50% 47% 70% ACH debit blocks 48% 67% 90% Fraud loss prevention services 43% 49% 60% Card alert services for commercial/corporate cards 39% 67% 71% Check positive pay/reverse positive pay 32% 68% 93% ACH debit filters 31% 66% 91% Check payee positive pay 21% 70% 94% ACH positive pay 20% 77% 83% Post no check services 19% 73% 96% Tokenization of sensitive information 15% 80% 92% ACH payee positive pay 14% 76% 83% Source: Federal Reserve 2014 Payments Fraud Survey - Summary of Consolidated Results 2015 Federal Reserve Bank of Minneapolis. Materials are not to be used without consent. 18
19 Opportunities to Reduce Payments Fraud 2015 Federal Reserve Bank of Minneapolis. Materials are not to be used without consent. 19
20 Controlling Fraud Losses What key changes to payments risk management practices are FIs making to mitigate payments fraud losses? Key Changes Made to Payments Risk Management Practices by % of FS Respondents that Made Changes (N=251) Staff training & education Enhanced fraud monitoring system Enhanced internal controls & procedures Increased use of risk mgmt tools offered by financial service provider Enhanced methods to authenticate customer 73% 67% 54% 47% 46% Source: Federal Reserve 2014 Payments Fraud Survey - Summary of Consolidated Results 2015 Federal Reserve Bank of Minneapolis. Materials are not to be used without consent. 20
21 Most Needed Improvements What are the top two most needed improvements to reduce payments fraud? Most Needed New or Improved Methods to Reduce Payments Fraud FS (N=297) Non-FS (N=185) All Orgs (N=482) Replacement of card/magnetic stripe with EMV chip technology 75% 50% 65% Controls over Internet payments 62% 44% 55% More aggressive law enforcement 48% 45% 47% Consumer education on fraud prevention 49% 27% 40% Controls over mobile payments 44% 30% 39% Information sharing on emerging fraud tactics conducted by criminal rings 35% 45% 39% Industry specific education on best prevention practices for fraud 26% 37% 30% Industry alert services 26% 36% 30% Tokenization of sensitive information 27% 35% 30% Image survivable check security features for business checks 11% 19% 14% Source: Federal Reserve 2014 Payments Fraud Survey - Summary of Consolidated Results 2015 Federal Reserve Bank of Minneapolis. Materials are not to be used without consent. 21
22 Preferences in Adoption of Authentication Methods Why is Chip & PIN preferred? Smart chip cards/devices contain embedded microprocessors that provide strong security features against counterfeit fraud in card present transactions Dynamic data authentication is an authentication technique used in chip transactions & protects against card skimming, counterfeiting & replay fraud Chip & PIN authentication is more secure because it requires two factors for authentication what you have, the chip (in a card or a mobile device) & what you know, the PIN Authentication Method Preferences Source: Federal Reserve 2014 Payments Fraud Survey - Summary of Consolidated Results FS (N=295) Biz (N=151) All Orgs (N=436) Chip & PIN requirement 80% 27% 70% Chip for dynamic authentication 68% 18% 56% Multi-factor authentication 48% 20% 44% PIN requirement 30% 18% 31% Physical Token 27% 18% 29% Mobile device to authenticate person Out-of-band/channel authentication to authorize payment 32% 12% 28% 33% 6% 25% Biometrics 18% 7% 16% 2015 Federal Reserve Bank of Minneapolis. Materials are not to be used without consent. 22
23 Main Barriers to Fraud Mitigation What is the top barrier? Main Barriers FS (N=250) Non-FS (N=154) All Orgs (N=404) Lack of staff resources 60% 55% 58% Lack of compelling business case (cost vs. benefit) to adopt new or change existing methods 36% 53% 42% Consumer data privacy issues/concerns 37% 25% 32% Corporate reluctance to share information due to competitive issues Cost of implementing commercially available fraud detection tool/service 24% 36% 28% 21% 8% 16% Cost of implementing in-house fraud detection tool/service 17% 12% 15% Source: Federal Reserve 2014 Payments Fraud Survey - Summary of Consolidated Results 2015 Federal Reserve Bank of Minneapolis. Materials are not to be used without consent. 23
24 What Should FIs & Others Be Doing? Ensure fraud prevention & detection is an organizational objective Set policies, establish procedures, monitor compliance, & take action on exceptions Leverage cost effective tools & processes to address vulnerabilities Use a layered approach Educate & train employees on fraud prevention Educate consumer & corporate customers on fraud; promote prevention services, as appropriate Monitor & measure fraud attempts & losses Update defenses; best practices today may not be best practices tomorrow 2015 Federal Reserve Bank of Minneapolis. Materials are not to be used without consent. 24
25 Resources 2015 Federal Reserve Bank of Minneapolis. Materials are not to be used without consent. 25
26 Resources Federal Reserve Bank of Minneapolis & our payments information resources Federal Reserve Payments Fraud Survey Ninth District & Consolidated Results Industry & Government Information-Sharing Resources Related to Payments Fraud Payments Fraud Liability Matrix Federal Reserve System 2013 Federal Reserve Payments Study earch.html Summary & Detailed Reports Strategies for Improving the U.S. Payment System Federal Reserve Bank of Minneapolis. Materials are not to be used without consent. 26
27 Questions? 2015 Federal Reserve Bank of Minneapolis. Materials are not to be used without consent. 27
2014 Payments Fraud Survey
2014 Payments Fraud Survey Summary of Consolidated Results Payments Information & Outreach Office Federal Reserve Bank of Minneapolis December 2014 Topics Survey Methodology & Respondent Profile Fraud
More information2014 Payments Fraud Survey Summary of Results
2014 Payments Fraud Survey Summary of Results Federal Reserve Bank of Dallas FIRM Financial Institution Relationship Management November 5, 2014 Contents Introduction... 2 Respondent Profile... 3 Summary
More informationU.S. Smart Card Migration: Stripe to EMV Claudia Swendseid, Federal Reserve Bank of Minneapolis Terry Dooley, SHAZAM Kristine Oberg, Elavon
U.S. Smart Card Migration: Stripe to EMV Claudia Swendseid, Federal Reserve Bank of Minneapolis Terry Dooley, SHAZAM Kristine Oberg, Elavon UMACHA Navigating Payments 2014 October 8, 2014 Who We Are Claudia
More informationBriefly describe the #1 problem you have encountered with implementing Multi-Factor Authentication.
Polling Question Briefly describe the #1 problem you have encountered with implementing Multi-Factor Authentication. Please type in your response. This poll will close promptly at 1:00 pm CDT Getting the
More informationYour Single Source. for credit, debit and pre-paid services. Fraud Risk and Mitigation
Your Single Source for credit, debit and pre-paid services Fraud Risk and Mitigation Agenda Types of Fraud Fraud Identification Notifications Next Steps 11/8/2013 2 Types of Fraud Lost and Stolen Cards
More informationPCI and EMV Compliance Checkup
PCI and EMV Compliance Checkup ATM Security Jim Pettitt Director, ATM Security Diebold Incorporated Agenda ATM threats today Top of mind risk PCI Impact on Security U.S. EMV Migration Conclusions / recommendations
More informationPCI DSS FAQ. The twelve requirements of the PCI DSS are defined as follows:
What is PCI DSS? PCI DSS is an acronym for Payment Card Industry Data Security Standards. PCI DSS is a global initiative intent on securing credit and banking transactions by merchants & service providers
More informationSound Business Practices for Businesses to Mitigate Corporate Account Takeover
Sound Business Practices for Businesses to Mitigate Corporate Account Takeover This white paper provides sound business practices for companies to implement to safeguard against Corporate Account Takeover.
More informationHeartland Secure. By: Michael English. A Heartland Payment Systems White Paper 2014. Executive Director, Product Development
A Heartland Payment Systems White Paper 2014 Heartland Secure. By: Michael English Executive Director, Product Development 2014 Heartland Payment Systems. All trademarks, service marks and trade names
More informationFraud Detection and Prevention. Timothy P. Minahan Vice President Government Banking TD Bank
Fraud Detection and Prevention Timothy P. Minahan Vice President Government Banking TD Bank Prevention vs. Detection Prevention controls are designed to keep fraud from occurring Detection controls are
More informationImproving Small Business Payments Processing
Improving Small Business Payments Processing ASBDC State Directors Conference March 19, 2012 Claudia Swendseid Senior Vice President Federal Reserve Bank of Minneapolis 2012 Federal Reserve Bank of Minneapolis.
More informationEnhancing Payment Card Security New Measures to be Phased in from 2 nd Quarter 2010 to 1 st Quarter 2011
Enhancing Payment Card Security New Measures to be Phased in from 2 nd Quarter 2010 to 1 st Quarter 2011 On 5 th March 2010, The Association of Banks in Singapore announced key measures to adopt a holistic
More informationFFIEC CONSUMER GUIDANCE
FFIEC CONSUMER GUIDANCE Important Facts About Your Account Authentication Online Banking & Multi-factor authentication and layered security are helping assure safe Internet transactions for banks and their
More informationEMV and Small Merchants:
September 2014 EMV and Small Merchants: What you need to know Mike English Executive Director, Product Development Heartland Payment Systems 2014 Heartland Payment Systems, Inc. All trademarks, service
More informationTHE FIVE Ws OF EMV BY DAVE EWALD GLOBAL EMV CONSULTANT AND MANAGER DATACARD GROUP
THE FIVE Ws OF EMV BY DAVE EWALD GLOBAL EMV CONSULTANT AND MANAGER DATACARD GROUP WHERE IS THE U.S. PAYMENT CARD INDUSTRY NOW? WHERE IS IT GOING? Today, payment and identification cards of all types (credit
More informationEMV's Role in reducing Payment Risks: a Multi-Layered Approach
EMV's Role in reducing Payment Risks: a Multi-Layered Approach April 24, 2013 Agenda EMV Rationale Why is this worth the effort? Guides how we implement it EMV Vulnerability at the POS EMV Impact on CNP
More informationSeptember 20, 2013 Senior IT Examiner Gene Lilienthal
Cyber Crime September 20, 2013 Senior IT Examiner Gene Lilienthal The following presentation are views and opinions of the speaker and does not necessarily reflect the views of the Federal Reserve Bank
More informationOnline Cash Management Security: Beyond the User Login
Online Cash Management Security: Beyond the User Login Sonya Crites, CTP, SunTrust Anita Stevenson-Patterson, CTP, Manheim February 28, 2008 Agenda Industry Trends Government Regulations Payment Fraud
More informationHere are two informational brochures that disclose ways that we protect your accounts and tips you can use to be safer online.
Here are two informational brochures that disclose ways that we protect your accounts and tips you can use to be safer online. FFIEC BUSINESS ACCOUNT GUIDANCE New financial standards will assist credit
More informationPayment Methods. The cost of doing business. Michelle Powell - BASYS Processing, Inc.
Payment Methods The cost of doing business Michelle Powell - BASYS Processing, Inc. You ve got to spend money, to make money Major Industry Topics Industry Process Flow PCI DSS Compliance Risks of Non-Compliance
More informationEMV and Restaurants: What you need to know. Mike English. October 2014. Executive Director, Product Development Heartland Payment Systems
October 2014 EMV and Restaurants: What you need to know Mike English Executive Director, Product Development Heartland Payment Systems 2014 Heartland Payment Systems, Inc. All trademarks, service marks
More informationPayments Fraud Best Practices
Stephen W. Markwell Disbursements Product Executive J.P. Morgan Pamela R. Malmos Director Finance, Treasury Operations ConAgra Foods, Inc. Fraud Prevention Laura Howley, CTP Director, Global Treasury Operations
More informationAdvancing B2B Electronification Through Standards. Claudia Swendseid Senior Vice President Federal Reserve Bank of Minneapolis
Advancing B2B Electronification Through Standards Claudia Swendseid Senior Vice President Federal Reserve Bank of Minneapolis Chicago Payments Symposium September 25, 2014 Agenda 1. B2B Payment Trends
More informationPhishing for Fraud: Don't Let your Company Get Hooked!
Phishing for Fraud: Don't Let your Company Get Hooked! March 2009 Approved for 1 CTP/CCM recertification credit by the Association for Financial Professionals 1 Today s Speakers: Joe Potuzak is Senior
More informationTarget Security Breach
Target Security Breach Lessons Learned for Retailers and Consumers 2014 Pointe Solutions, Inc. PO Box 41, Exton, PA 19341 USA +1 610 524 1230 Background In the aftermath of the Target breach that affected
More informationDon t be tomorrow s headline: Protect and secure payment information
Don t be tomorrow s headline: Protect and secure payment information Lexi Custis VP ereceivables Consultant Reid Andrews VP Treasury Management Consultant October 2015 Staunton, VA 2014 Wells Fargo Bank,
More information1. Ask what your financial institution knows or has personally experienced with regard to internal and external data breaches.
Part 1: Internal & External Data Breach Vulnerabilities Presented on: Thursday, February 12, 2 3 ET Co presented by: Ann Davidson VP of Risk Consulting at Allied Solutions Joe Majka CSO at Verifone 1 Breakdown
More informationAre All High-Risk Transactions Created Equal?
Are All High-Risk Transactions Created Equal? How to Minimize FFIEC Exam Pain 1 Lee Wetherington, AAP Director of Strategic Insight ProfitStars @leewetherington Agenda New Supplement to FFIEC Guidance
More informationSuzanne Lynch Professor of Practice Economic Crime Utica College sl6-15 1
Suzanne Lynch Professor of Practice Economic Crime Utica College sl6-15 1 The most significant trend is decreasing paper payments and increasing electronic payments. Many organizations are also seeing
More information6-8065 Payment Card Industry Compliance
0 0 0 Yosemite Community College District Policies and Administrative Procedures No. -0 Policy -0 Payment Card Industry Compliance Yosemite Community College District will comply with the Payment Card
More informationSecuring the Payments System. The facts about fraud prevention
Securing the Payments System The facts about fraud prevention Contents Introduction 3 Visa s Security Programme 4 Fraud Types and Threats 6 Fraud Statistics and Research 7 Visa s Security Agenda for New
More informationPCI General Policy. Effective Date: August 2008. Approval: December 17, 2015. Maintenance of Policy: Office of Student Accounts REFERENCE DOCUMENTS:
Effective Date: August 2008 Approval: December 17, 2015 PCI General Policy Maintenance of Policy: Office of Student Accounts PURPOSE: To protect against the exposure and possible theft of account and personal
More informationKey Steps to Meeting PCI DSS 2.0 Requirements Using Sensitive Data Discovery and Masking
Key Steps to Meeting PCI DSS 2.0 Requirements Using Sensitive Data Discovery and Masking SUMMARY The Payment Card Industry Data Security Standard (PCI DSS) defines 12 high-level security requirements directed
More informationFFIEC Supplemental Guidance to Authentication in an Internet Banking Environment. Robert Farmer Senior Technology Compliance Manager
FFIEC Supplemental Guidance to Authentication in an Robert Farmer Senior Technology Compliance Manager 1 888 250 4400 Effective Date The FFIEC Supplement to Authentication in an was issued on June 28,
More informationFraud Protection, You and Your Bank
Fraud Protection, You and Your Bank Maximize your chances to minimize your losses Presentation for Missouri GFOA April 2011 By: Terry Endres, VP, Government Treasury Solutions Phone: 314-466-6774 Terry.m.endres@baml.com
More informationDATA SECURITY, FRAUD PREVENTION AND COMPLIANCE
DATA SECURITY, FRAUD PREVENTION AND COMPLIANCE December 2015 English_General This presentation was prepared exclusively for the benefit and internal use of the J.P. Morgan client or potential client to
More informationPayment Card Industry (PCI) Policy Manual. Network and Computer Services
Payment Card Industry (PCI) Policy Manual Network and Computer Services Forward This policy manual outlines acceptable use Black Hills State University (BHSU) or University herein, Information Technology
More informationTop Ten Fraud Risks That Impact Your Financial Institution. Presented by Ann Davidson - VP Risk Consulting Allied Solutions LLC.
Top Ten Fraud Risks That Impact Your Financial Institution Presented by Ann Davidson - VP Risk Consulting Allied Solutions LLC Agenda Education on understanding the fraud risk Take away.. Education to
More informationtoast EMV in 2015: How Restaurants Can Prepare for the New Chip-and-Pin Standard
toast EMV in 2015: How Restaurants Can Prepare for the New Chip-and-Pin Standard Table of Contents For more than 40 years, merchants and consumers have used magnetic stripe credit cards and compatible
More informationWhat Merchants Need to Know About EMV
Effective November 1, 2014 1. What is EMV? EMV is the global standard for card present payment processing technology and it s coming to the U.S. EMV uses an embedded chip in the card that holds all the
More informationCash 257 Merchant Services and Revenue Collection
CPIM Academy Cash 257 Merchant Services and Revenue Collection 2015 Objectives Feel prepared to discuss/understand basics of merchant processing Understand Service Fees Difference between credit and debit
More informationCyber - Security and Investigations. Ingrid Beierly August 18, 2008
Cyber - Security and Investigations Ingrid Beierly August 18, 2008 Agenda Visa Cyber - Security and Investigations Today s Targets Recent Attack Patterns Hacking Statistics (removed) Top Merchant Vulnerabilities
More informationCOLUMBUS STATE COMMUNITY COLLEGE POLICY AND PROCEDURES MANUAL
PAYMENT CARD INDUSTRY COMPLIANCE (PCI) Effective June 1, 2011 Page 1 of 6 (1) Definitions a. Payment Card Industry Data Security Standards (PCI-DSS): A set of standards established by the Payment Card
More informationBusiness Internet Banking / Cash Management Fraud Prevention Best Practices
Business Internet Banking / Cash Management Fraud Prevention Best Practices This document provides fraud prevention best practices that can be used as a training tool to educate new Users within your organization
More informationBattling Payment Fraud: The Never Ending Story. Presented by: Peter Tristani, Vice President, Payments and Remittance
Battling Payment Fraud: The Never Ending Story Presented by: Peter Tristani, Vice President, Payments and Remittance Agenda Overview Fraud: The Big Picture Evolving Fraud Impact of Fraud on Corporations
More informationOffice of Finance and Treasury
Office of Finance and Treasury How to Accept & Process Credit and Debit Card Transactions Procedure Related Policy Title Credit Card Processing Policy For University Merchant Locations Responsible Executive
More informationDATA SECURITY: EVERYTHING YOU NEED TO KNOW
DATA SECURITY: EVERYTHING YOU NEED TO KNOW! Data Breaches: Where, What and Why! Federal and State Regulations to Protect Data! EMV Chip Technology! PIN or Signature?! Existing and Emerging Security Options!
More informationThe Canadian Migration to EMV. Prepared By:
The Canadian Migration to EMV Prepared By: December 1993 Everyone But The USA Is Migrating The international schemes decided Smart Cards are the way forward Europay, MasterCard & Visa International Produced
More informationDELIVERING CASH THROUGH CARDS
The CaLP is the Cash Learning Partnership of Oxfam GB, Save the Children, the British Red Cross, Action Against Hunger / ACF International and the Norwegian Refugee Council. THE CASH LEARNING PARTNERSHIP
More informationMitigating Fraud Risk Through Card Data Verification
Risk Management Best Practices 11 September 2014 Mitigating Fraud Risk Through Card Data Verification AP, Canada, CEMEA, LAC, U.S. Issuers, Processors With a number of cardholder payment options (e.g.,
More informationFFIEC BUSINESS ACCOUNT GUIDANCE
FFIEC BUSINESS ACCOUNT GUIDANCE New financial standards will assist credit unions and business account holders to make online banking safer and more secure from account hijacking and unauthorized funds
More informationCybersecurity. Regional and Community Banks. Inherent Risks and Preparedness. www.bostonfed.org
Cybersecurity Inherent Risks and Preparedness Regional and Community Banks www.bostonfed.org Disclaimer The opinions expressed in this presentation are intended for informational purposes, and are not
More informationEFT Industry and BSA/AML Dan Altman
EFT Industry and BSA/AML Dan Altman Sr. IT and Risk Consultant Background Dan Altman, Sr. IT and Risk Consultant SHAZAM Internal Audit SHAZAM Secure o IT Exam, ACH Exam, BSA Exam, IT Consulting, Security
More informationSupplement to Authentication in an Internet Banking Environment
Federal Financial Institutions Examination Council 3501 Fairfax Drive Room B7081a Arlington, VA 22226-3550 (703) 516-5588 FAX (703) 562-6446 http://www.ffiec.gov Purpose Supplement to Authentication in
More informationPreparing for EMV chip card acceptance
Preparing for EMV chip card acceptance Ben Brown Vice President, Regional Sales Manager, Wells Fargo Merchant Services Lily Page Vice President, Wholesale ereceivables, Wells Fargo Merchant Services June
More informationPayments Industry Glossary
Payments Industry Glossary 2012 First Data Corporation. All trademarks, service marks and trade names referenced in this material are the property of their respective owners. A ACH: Automated Clearing
More informationGladiator NetTeller Enterprise Security Monitoring Online Fraud Detection INFORMATION SECURITY & RISK MANAGEMENT
Gladiator NetTeller Enterprise Security Monitoring Online Fraud Detection INFORMATION SECURITY & RISK MANAGEMENT Gladiator NetTeller Enterprise Security Monitoring Online Fraud Detection Foreword The consumerization
More informationQuestions You Should be Asking NOW to Protect Your Business!
Questions You Should be Asking NOW to Protect Your Business! Angi Farren, AAP Senior Director Jen Wasmund, AAP Compliance Services Specialist 31 st Annual Conference SHAPE YOUR FUTURE April 23, 2013 Regional
More informationTop Authentication & Identification Methods to Protect Your Credit Union
Top Authentication & Identification Methods to Protect Your Credit Union Presented on: Thursday, May 7, 2 3 ET Co presented by: Ann Davidson VP of Risk Consulting at Allied Solutions Tammy Behnke Credit
More informationTorn Identity: Preventing New Forms of Corporate Identity Theft
Torn Identity: Preventing New Forms of Corporate Identity Theft Bonnie J. Hertz, CTP Cash Manager North Pacific Group, Inc. Greg Hansen VP, Product Management Wells Fargo Bank 1 Agenda Overview of fraud
More informationPayment Fraud and Risk Management
Payment Fraud and Risk Management Act Today! 1. Help protect your computer against viruses and spyware by using anti-virus and anti-spyware software and automatic updates. Scan your computer regularly
More informationCommercial Payments Overview. Visa Commercial Partnerships October 2013
Commercial Payments Overview Visa Commercial Partnerships October 2013 Agenda Commercial Payments VisaNet Commercial Payments Trends Fraud/Risk Mitigation Regulatory update Visa Commercial Payments Overview
More informationRF-Enabled Applications and Technology: Comparing and Contrasting RFID and RF-Enabled Smart Cards
RF-Enabled Applications and Technology: Comparing and Contrasting RFID and RF-Enabled Smart Cards January 2007 Developed by: Smart Card Alliance Identity Council RF-Enabled Applications and Technology:
More informationTop Fraud Trends Facing Financial Institutions
Top Fraud Trends Facing Financial Institutions Presented on: October 7, 2015, 2-3 ET Presented by: Ann Davidson - VP of Risk Consulting at Allied Solutions Webinar Agenda 1. Fraud trends in 2015 and beyond
More informationBusiness ebanking Fraud Prevention Best Practices
Business ebanking Fraud Prevention Best Practices User ID and Password Guidelines Create a strong password with at least 8 characters that includes a combination of mixed case letters, numbers, and special
More informationCPIM Academy. Cash 257 Merchant Services and Revenue Collection
CPIM Academy Cash 257 Merchant Services and Revenue Collection 2015 Objectives Feel prepared to discuss/understand basics of merchant processing Understand Service Fees Difference between credit and debit
More informationInformation Technology
Credit Card Handling Security Standards Overview Information Technology This document is intended to provide guidance to merchants (colleges, departments, organizations or individuals) regarding the processing
More informationWith the Target breach on everyone s mind, you may find these Customer Service Q & A s helpful.
With the Target breach on everyone s mind, you may find these Customer Service Q & A s helpful. Breach Overview Q: Media reports are stating that Target experienced a data breach. Can you provide more
More informationIdentifying Key Risk Indicator
PUERTO RICO PAYMENTS SYMPOSIUM Identifying Key Risk Indicator EPOCPR Services Agenda for Today Background History Regulators & Risk Management Let s have fun Regulators & Risk Assessment ACH Risks Categories
More informationFailure to follow the following procedures may subject the state to significant losses, including:
SUBJECT: Policy and Procedures PAGE: 1 of 5 INTRODUCTION During fiscal year 2014, State of Wisconsin agencies accepted approximately 6 million credit/debit card payments through the following payment channels:
More informationOverall, which types of fraud has your organisation experienced in the past year?
1) Overall, which types of fraud has your organisation experienced in the past year? Insider fraud Corporate Account Takeover Consumer Account Takeover ATM/ABM (skimming, ram raid, etc.) Bill pay Cheque
More informationUCSD Credit Card Processing Policy & Procedure
UCSD Credit Card Processing Policy & Procedure The Payment Process UCSD accepts Visa, MasterCard, American Express and Discover credit cards. We perform credit transactions only, no debit sales with cash
More informationEMV in Hotels Observations and Considerations
EMV in Hotels Observations and Considerations Just in: EMV in the Mail Customer Education: Credit Card companies have already started customer training for the new smart cards. 1 Questions to be Answered
More informationDEBIT and CREDIT CARDS
1. What is a credit card and how it differs from a debit card? A payment card is a piece of plastic containing essential banking information about the holder authorizing him to pay for goods and services
More informationCAPITAL PERSPECTIVES DECEMBER 2012
CAPITAL PERSPECTIVES DECEMBER 2012 MITIGATING PAYMENT FRAUD RISK: IT S A WAR ON TWO FRONTS Payment fraud continues to be one of the biggest risk management challenges facing corporate treasury managers
More informationTHE CHANGING FACE OF CYBERCRIME AND WHAT IT MEANS FOR BANKS
THE CHANGING FACE OF CYBERCRIME AND WHAT IT MEANS FOR BANKS David Glockner, Managing Director strozfriedberg.com Overview The big picture: what does cybercrime look like today and how is it evolving? What
More informationFraud Prevention and Program Security Gord Jamieson Director Risk Management & Security Visa Canada Association
Fraud Prevention and Program Security Gord Jamieson Director Risk Management & Security Visa Canada Association Evolution of Risk Management Controls Presentation text goes here. Presentation text goes
More informationHow Secure are Contactless Payment Systems?
SESSION ID: HT-W01 How Secure are Contactless Payment Systems? Matthew Ngu Engineering Manager RSA, The Security Division of EMC Chris Scott Senior Software Engineer RSA, The Security Division of EMC 2
More informationBy: Gerald Gagne. Community Bank Auditors Group Cybersecurity What you need to do now. June 9, 2015
Community Bank Auditors Group Cybersecurity What you need to do now June 9, 2015 By: Gerald Gagne MEMBER OF PKF NORTH AMERICA, AN ASSOCIATION OF LEGALLY INDEPENDENT FIRMS 2015 Wolf & Company, P.C. Cybersecurity
More informationEMV and Restaurants What you need to know! November 19, 2014
EMV and Restaurants What you need to know! Mike English Executive Director of Product Development Kristi Kuehn Sr. Director, Compliance November 9, 204 Agenda EMV overview Timelines Chip Card Liability
More informationPresented By: Corporate Security Information Security Treasury Management
Presented By: Corporate Security Information Security Treasury Management Is Your Business Prepared for a Cyber Incident? It s not a matter of if, it s a matter of when Cyber Attacks are on the Rise; Physical
More informationABA Deposit Account Fraud Survey
ABA Deposit Account Fraud Survey Presented by: Steve Kenneally, Vice President, Payments & Cybersecurity Policy Jane Yao, Senior Vice President, Benchmarking & Survey Research aba.com 1-800-BANKERS 1 2015
More informationCard Network Update Chip (EMV) Acceptance in the United States At-A-Glance
Card Network Update Chip (EMV) Acceptance in the United States At-A-Glance Allegiance Merchant Services is committed to assisting you in navigating through the various considerations that you may face
More informationPrevention Is Better Than Cure EMV and PCI
Prevention Is Better Than Cure EMV and PCI Prevention Is Better Than Cure An independent view on the effectiveness of EMV and PCI in case of large-scale card compromise. Over the past couple of months,
More informationPREVENTING PAYMENT CARD DATA BREACHES
NEW SCIENCE TRANSACTION SECURITY ARTICLE PREVENTING PAYMENT CARD DATA BREACHES DECEMBER 2014 UL.COM/NEWSCIENCE NEW SCIENCE TRANSACTION SECURITY OVERVIEW From research on the latest electronic transaction
More informationUnderstand the Business Impact of EMV Chip Cards
Understand the Business Impact of EMV Chip Cards 3 What About Mail/Telephone Order and ecommerce? 3 What Is EMV 3 How Chip Cards Work 3 Contactless Technology 4 Background: Behind the Curve 4 Liability
More informationAccount-to-Account Transfer Services Risk
Account-to-Account Transfer Services Risk This white paper is part of the Risk Management White Paper Series, which CUNA Mutual Group provides exclusively to its Bond policyholders. TABLE OF CONTENTS Table
More informationPCI Data Security Standards. Presented by Pat Bergamo for the NJTC February 6, 2014
PCI Data Security Standards Presented by Pat Bergamo for the NJTC February 6, 2014 Introduction 3/3/2014 2 Your Speaker Patrick Bergamo, CISSP Director of Information Security & Delivery Delta Corporate
More informationHow To Control Credit Card And Debit Card Payments In Wisconsin
BACKGROUND State of Wisconsin agencies accepted more than 6 million credit/debit card payments annually through the following payment channels: Point of Sale (State agency location) Point of Sale (Retail-agent
More informationPayment Cardholder Data Handling Procedures (required to accept any credit card payments)
Payment Cardholder Data Handling Procedures (required to accept any credit card payments) Introduction: The Procedures that follow will allow the University to be in compliance with the Payment Card Industry
More informationEMV FAQs. Contact us at: CS@VancoPayments.com. Visit us online: VancoPayments.com
EMV FAQs Contact us at: CS@VancoPayments.com Visit us online: VancoPayments.com What are the benefits of EMV cards to merchants and consumers? What is EMV? The acronym EMV stands for an organization formed
More informationCorbin Del Carlo Director, National Leader PCI Services. October 5, 2015
PCI compliance: v3.1 Key Considerations Corbin Del Carlo Director, National Leader PCI Services October 5, 2015 Today s Presenter Corbin Del Carlo QSA, PA QSA Director, National Leader PCI Services Practice
More informationPerspectives on retail payments fraud
Perspectives on retail payments fraud Steve Malphrus Let me begin by saying that I am not here to lecture, but rather to learn. Today, I would like to talk about a couple of things. First, I would like
More informationATM FRAUD AND COUNTER MEASURES
ATM FRAUD AND COUNTER MEASURES GENESIS OF ATMs An automated teller machine was first introduced in 1960 by City Bank of New York on a trial basis. The concept of this machine was for customers to pay utility
More informationFinancial Transactions and Fraud Schemes
Financial Transactions and Fraud Schemes Asset Misappropriation: Fraudulent Disbursements Fraudulent Disbursement Schemes Register disbursement schemes Check tampering schemes Payroll schemes Billing schemes
More informationDATA BREACHES AND ITS IMPACT ON CONSUMERS
DATA BREACHES AND ITS IMPACT ON CONSUMERS AGENDA About UNCLE Credit Union Current Trends Financial Industry Target Breach EMV 3 Layers Of Prevention Cybersecurity Framework Protecting Your Identity Legislative
More informationNATIONAL CYBER SECURITY AWARENESS MONTH
NATIONAL CYBER SECURITY AWARENESS MONTH Tip 1: Security is everyone s responsibility. Develop an awareness framework that challenges, educates and empowers your customers and employees to be part of the
More informationClear and Present Payments Danger: Fraud Shifting To U.S., Getting More Complex
Clear and Present Payments Danger: Fraud Shifting To U.S., Getting More Complex Q: Good morning, this is Alex Walsh at PYMNTS.com. I m joined by David Mattei, the vice president and product manager for
More informationRETHINKING CARDS BUSINESS. Erick Ho, Head of Payment Services, SunGard 17 September 2015. Break through.
RETHINKING CARDS BUSINESS Erick Ho, Head of Payment Services, SunGard 17 September 2015 Break through. Agenda 01 02 03 04 05 Trends and Growth in cards and payment business Sharpening Business Focus The
More informationPayment Card Industry Update and Cyber Risk Management
Payment Card Industry Update and Cyber Risk Management CRAIG A. HOFFMAN, ESQ. BAKERHOSTETLER ADAM COTTINI, MANAGING DIRECTOR, CYBER LIABILITY PRACTICE, ARTHUR J GALLAGHER & CO. OCTOBER 22, 2015 2014 ARTHUR
More information