FFIEC Guidelines – Update Imminent?
Gartner’s Avivah Litan posted last week that there have been recent discussions about the FFIEC guidelines that were most recently updated in 2005. According to Avivah’s blog, additional updates to these guidelines are “imminent”.
From the fraud prevention side, we’ve seen that criminals have been able to subvert authentication mechanisms at financial institutions for at least a couple of years now. I hope that the guidelines give banks some clarity on the fact that predictive analytics of website sessions (i.e., looking at the behavior of website sessions) is critical to staunch the current e-crime epidemic.
No matter what, it’s going to be interesting to see what comes from this update.
No comments yet.
Leave a Reply
About
Silver Tail is leading the fight against business logic abuse with 3rd generation fraud prevention.
Hackers are no longer high school kids trying to one-up their friends or criminals trying to just break-in to sites. Instead, today’s sophisticated hacker is organized crime, strategically targeting websites, stealing billions of dollars from companies and their customers. Vendors providing web application security and intrusion prevention have forced hackers to become much more innovative in their means of attacking websites. These hackers now target the legitimate business logic of websites to perpetrate their fraud, including hijack threats, velocity attacks and gaming schemes. Silver Tail is using the deep domain expertise of its team to provide software that combat business logic abuse in real-time.
Silver Tail was founded by a team of fraud prevention experts who built anti-fraud and anti-phishing tools at eBay and PayPal. Through their experience and proprietary algorithms, they have built a system that is scalable, minimizes false positive rates, and is extremely flexible to adapt to changing attack vectors.
Feedburner
RSS Feed
-
Archives
- February 2012 (5)
- January 2012 (4)
- December 2011 (7)
- November 2011 (8)
- October 2011 (9)
- September 2011 (5)
- August 2011 (7)
- July 2011 (7)
- June 2011 (6)
- May 2011 (4)
- April 2011 (6)
- March 2011 (5)
-
Categories
- behavior analysis
- business logic abuse
- Business Logic Flaw
- Business Process Abuse
- Compliance
- Cost of fraud
- Data Loss
- Detection
- education
- Fraud
- Gaming
- General
- information security
- Investigation
- Man-in-the-Browser
- Online Fraud
- Payment
- Phishing
- predictive analytics
- Prevention
- risk management
- Social engineering
- Social Networks
- Trust
- Uncategorized
- web logic abuse
- Zeus
-
RSS
Entries RSS
Comments RSS
