Kaspersky says banks face online identity crisis
One in four banks globally find it difficult to verify the identity of online banking customers.
This is according to Kaspersky Lab’s Financial Institutions Security Risks survey, which found 24% of banks worldwide struggle with the identification of their customers when delivering digital and online banking services.
The study, conducted by Kaspersky Lab and B2B International, surveyed more than 800 representatives from financial institutions around the globe. The report focuses on the latest trends in how cyber criminals steal money and data, as well as how the institutions plan to protect their customers from cyber threats.
“With the rise of online and mobile banking, more than half of banks (59%) anticipate growing financial losses due to fraud in the next three years. Customers are not only becoming victims of financial fraud, but also a major entry point for attacks on banks’ digital channels. Banks find themselves in need of security technologies, with most respondents admitting their systems are not able to verify the identity of online banking customers,” noted the study.
In 2016, 30% of banks had security incidents affecting banking services delivered via the Internet ? with phishing against customers, and using customer credentials for fraudulent activities as the top contributing factor leading to the attacks, according to Kaspersky Lab.
“While thinking of different approaches to secure digital and mobile channels, banks naturally avoid putting too much pressure on customers. Online banking should preserve its main benefits: as a convenient way of making financial transactions in seconds,” said Alexander Ermakovich, head of fraud prevention at Kaspersky Lab.
Based on the institutions surveyed, the costs of a cyber security incident to a financial institution can be as much as $926 000, notes the report. A previous study conducted by Kaspersky lab revealed over 79% of South African Internet users who have lost money at the hands of cyber criminals have only got some, or none, of their stolen funds back.
Business customers of financial institutions see average losses of $10 312, while consumers who have fallen victim typically see losses of about $1 446.
Earlier this month, Reuters reported the bosses of Wall Street banks Goldman Sachs and Citigroup fell victim to an e-mail prankster who also managed to connect with the head of Barclays and the governor of the Bank of England. The exchanges raised questions about the way banks’ computer systems handle e-mails to addresses outside their companies.
A Juniper Research report titled: “Online Payment Fraud: Key Vertical Strategies and Management 2016-2020”, found e-retail tops the list of online fraud with 65% of overall incidents estimated to reach $16.6 billion by 2020. Second on the list was online banking fraud, making up 27% of cases globally, which is valued at $6.9 billion.
In addition to two-factor authentication and other security procedures used by banks, Kaspersky recommends implementing dedicated solutions that can help to identify whether a person is authorised, without requiring additional actions from the user.