by SecureLabs in the Netherlands showed that consumers who are sending internet banking transactions through a malicious Wi-Fi hotspot could be easily manipulated if the SSL security is switched off during communication. For only US$100, cyber criminals can buy a malicious Wi-Fi router, which will give them access to any data sent through the hotspot in order to intercept passwords and to manipulate payment transactions.
While every large city has hundreds of Wi-Fi hotspots available that are free to access and easy to use, it is difficult to identify whether a Wi-Fi hotspot is malicious or not. To solve the problem of disabling the SSL security, most Dutch banks and web browsers are now supporting the new HTTP Strict Transport Security (HSTS) protocol to ensure that the communication security between the consumer and the bank is guaranteed. The problem is that not all browsers, such as the current version of Microsoft Internet Explorer, are supporting the new web security standard. As long as all online banking websites and browser vendors are not embracing the new security standard, the SSL web security can be easily bypassed with a cheap and easily assessable WIFI hotspot.
In the Netherlands, some banks have implemented fraud detection technology, available from vendors such as INFORM, to avoid this problem. These solutions can offer a real-time fraud detection solution that monitors transaction details and web anomalies to identify unusual behaviour when payments are processed through hotspots.
“We provide banks the tools to respond quickly to the new modus operandi of cyber criminals,” says Stanley Harmsen van der Vliet, product marketing manager of INFORM. “The new cyber threat is a good example of how critical it is for banks to be able to quickly react to new types of threats. It allows them to easily adapt the detection rules in a short timeframe and without any IT involvement. Banking websites are not the only targets. Any other online merchants like airlines or web shops are vulnerable to these cyber hacks.”
In today’s digitally connected world, infinite quantities of data are produced by consumers daily at a mind-boggling pace and volume. With under three months left to prepare, here are four areas for businesses to consider, to make sure they are ready for GDPR implementation.
Cash-flow based metrics now feature prominently alongside traditional revenue measures of business performance in the key figures or financial summary pages of any public company.
GTNews asks Pugsley about what advice she would give to treasurers dealing with mergers and acquisitions, what the key challenges for her year ahead will be and how she is selecting a treasury management system (TMS).
The US money market fund reforms came into effect in 2016 and are already dramatically shaping US fund industry with investors flooding out of prime funds and into government securities. While the reforms are similar, they are not the same. GTNews interviews Yeng Bulter, global head of the cash business at State Street Global Advisors on the differences.