Security A Payments Perspective Terry Dooley EVP & CIO SHAZAM Network.

Slides:



Advertisements
Similar presentations
Current Fraud Trends Kathy Druckenmiller, CFCI, CIRM, ACT Specialist April 29, /29/2014.
Advertisements

HQ in Israel Threat research, security operations center 24/7. In-depth understanding and insight into how cyber crime works. Over 10 million online identities.
Personal Data Protection and Security Measures Justin Law IT Services - Information Security Team 25 & 27 November 2013.
The Third International Forum on Financial Consumer Protection & Education “Fostering Greater Consumer Protection & Education” Preventing Identity Theft.
Computer viruses Hardware theft Software Theft Unauthorized access by hackers Information Theft Computer Crimes.
1. 2 Someone steals your personal information to commit fraud. A “buy now, pay never” shopping experience. What is Identity Theft?
Identity Theft: How to Protect Yourself. Identity Theft Identity theft defined:  the crime of obtaining the personal or financial information of another.
ICT & Crime Data theft, phishing & pharming. Data loss/theft Data is often the most valuable commodity any business has. The cost of creating data again.
AmadeusCybersecurity: the essentials12 th November 2014 Alex van Someren Family Office Forum 12 th November 2014, Zurich Cybersecurity: the essentials.
© 2014 wheresjenny.com Cyber crime CYBER CRIME. © 2014 wheresjenny.com Cyber crime Vocabulary Defacement : An attack on a website that changes the visual.
Identity Security Time to Share Nicolas Popp VeriSign MM/DD/YY - Session Code: 22 pt Arial.
Information Security Confidential Two-Factor Authentication Solution Overview Shawn Fulton January 15th, 2015.
McGraw-Hill/Irwin ©2009 The McGraw-Hill Companies, All Rights Reserved CHAPTER 4 ETHICS AND INFORMATION SECURITY Business Driven Information Systems 2e.
By Ashlee Parton, Kimmy McCoy, & Labdhi Shah
Online Banking Fraud Prevention Recommendations and Best Practices This document provides you with fraud prevention best practices that every employee.
Copyright © 2015 McGraw-Hill Education. All rights reserved. No reproduction or distribution without the prior written consent of McGraw-Hill Education.
Personal Data Protection and Security Measures Justin Law IT Services - Information Security Team 18, 20 & 25 March 2015.
PASSWORD MANAGER Why you need one 1. WHAT IS A PASSWORD MANAGER? A modern Password Manager is a browser extension (Chrome, Internet Explorer, Firefox,
Payment Fraud Trends : What Can you do? Protect Yourself and Your Business from Financial Fraud.
Why Comply with PCI Security Standards?
Sensitive Data Accessibility Financial Management College of Education Michigan State University.
Internet Fraud By: Noelle Woodman.
Securing Information Systems
Information Security 2013 Roadshow. Roadshow Outline  Why We Care About Information Security  Safe Computing Recognize a Secure Web Site (HTTPS) How.
CHC DI Group. What We Will Cover Securing your devices and computers. Passwords. s. Safe browsing for shopping and online banks. Social media.
Information Security Technological Security Implementation and Privacy Protection.
1 CUNA Mutual Group Proprietary Reproduction, Adaptation or Distribution Prohibited © CUNA Mutual Group 2010 Alaska Credit Union League Annual Meeting.
Cyber crime on the rise. Recent cyber attacks How it happens? Distributed denial of service Whaling Rootkits Keyloggers Trojan horses Botnets Worms Viruses.
Confidential and proprietary to U.S. Bank 1 Corporate Payment Systems Adwebportal Training.
UNDERSTANDING THE RISKS & CHALLENGES OF Cyber Security DAVID NIMMO InDepth IT Solutions DAVID HIGGINS WatchGuard NEIL PARKER BridgePoint Group A BridgePoint.
Mobile Devices Carry Hidden Threats With Financial Consequences Hold StillInstalled.
The Future of Information Security Awareness Kelley Archer: Facilitator - Director Information Security, AIMIA Inc. Aaron Cohen: Managing Partner, MAD.
DATE: 3/28/2014 GETTING STARTED WITH THE INTEGRITY EASY PCI PROGRAM Presenter : Integrity Payment Systems Title: Easy PCI Program.
Mobile Technology and Cyber Threats Deon Woods Bell Office of International Affairs The Fifth Annual African Consumer Protection Dialogue Conference Livingstone,
Protecting Your Information Assets
Information Security 2013 Roadshow. Roadshow Outline  Why We Care About Information Security  Safe Computing Recognize a Secure Web Site (HTTPS) How.
Security considerations for mobile devices in GoRTT
How can IT help you today?. Agenda Why Do You Care? What Are The Risks? What Can You Do? Questions? How can IT help you today? 2.
Chapter 2 Securing Network Server and User Workstations.
TransArmorSM A Secure Transaction ManagementSM Solution
Chap1: Is there a Security Problem in Computing?.
A Euronet Worldwide Company Welcome to epay WebPOS! Use this index to find detailed instructions for WebPOS and begin taking payments today!! 1.Downloading.
Cybercrime What is it, what does it cost, & how is it regulated?
Strong Security for Your Weak Link: Implementing People-Centric Security Jennifer Cheng, Director of Product Marketing.
Carroll County Advisement Program FINANCIAL LITERACY *IDENTITY THEFT *MONEY MANAGEMENT.
Cybersecurity Test Review Introduction to Digital Technology.
Step 2 – Register a Card To register a UR Card, you can send an to or fill out the registration form at one of our awesome
©2016 Check Point Software Technologies Ltd. 1 Latest threats…. Rolando Panez | Security Engineer RANSOMWARE.
Web Database Security Session 12 & 13 Matakuliah: Web Database Tahun: 2008.
Mobile Money 1/37 Fiserv Mobile Money Staff Education © 2010 Beavercreek Marketing, a division of Beavercreek Inc. All rights reserved. All trademarks.
KASPERSKY INTERNET SECURITY multi-device  Average number of devices in households: 4.5  Consumer device diversity will continue to expand.
Zeus Virus By: Chris Foley. Overview  What is Zeus  What Zeus Did  The FBI investigation  The virus for phones  Removal and detection  Conclusion.
WHAT NEW, WHAT NEXT IN PAYMENT PROCESSING. EMV WHAT IS EMV? 3  An acronym created by Europay ®, MasterCard ® and Visa ®  The global standard for the.
1© Copyright 2012 EMC Corporation. All rights reserved. Next Generation Authentication Bring Your Own security impact Tim Dumas – Technology Consultant.
2014 From Phish to Phraud Kat Seymour October 10, 2014 #GHC
KASPERSKY INTERNET SECURITY FOR ANDROID. YOUR MOBILE DEVICES NEED PROTECTION More online communications and transaction are happening on tablets and phones.
CNP Fraud. Occurs when a fraudster falsifies an application to acquire a credit card using an individual’s personal information. (Eg: postal intercept)
Done by… Hanoof Al-Khaldi Information Assurance
Overview 1. Phishing Scams
How to Protect Yourself from ID Theft and Social Engineering
Cyber Attacks on Businesses 43% of cyber attacks target small business Only 14% of small business rate their ability to mitigate cyber risk highly.
Computer Security Computer viruses Hardware theft Software Theft Unauthorized access by hackers Information Theft Computer Crimes.
Cybersecurity Awareness
Cyber Security in the Mortgage Industry
Strong Security for Your Weak Link:
Use of Biometric Technology in Payments to avoid Frauds
Anatomy of a Large Scale Attack
Who am I?. Information Security and You: Identity Theft and Credit Card Encryption.
What devices use the internet?
A Secret Service Perspective on Credit Card Fraud
Presentation transcript:

Security A Payments Perspective Terry Dooley EVP & CIO SHAZAM Network

Agenda What’s HappeningWhat’s ChangingPayment Security MythsIndustry ProtectionsNew ChallengesEmerging Risks

What’s Happening

PhishingVishing Smishing Data Compromises You don’t need to teach an old dog new tricks!

What’s Happening You get the phone call, text, or Yes it still works! New sunglasses Insurance payment Facebook virtual money Transactions submitted in seconds

What’s Happening Data Theft Phishing Vishing Smishing Consumer provides card or account data Data feed to counterfeiters real time Initial test transactions begin simultaneously in different countries Based on data compromised, target is most likely card-not- present

Source Verizon 2014 Data Breach Investigations Report What’s Happening Most skimming occurred on ATMs and gas pumps due to how relatively easy they can be approached and tampered with. Nearly all victims are U.S. organizations. Industries most commonly affected by POS intrusions are restaurants, hotels, grocery stores, and other brick-and-mortar retailers. Most skimming occurred on ATMs and gas pumps due to how relatively easy they can be approached and tampered with. While phishing numbers are slightly lower in 2013, 8 percent of users will click an attachment and fill out a web form. Most are skeptical of clicking an attachment, but 18 percent will visit a link within a phishing .

What’s Changing

Payment credentials compromised Small dollar test transactions — slow flowing, wanting the 3 digit code on the back of the card More significant purchases, transactions escalate Fraud Goals High valueMerchandise Approach Low velocityValidation Compromise PhishingSmishing

Payment Security Myths

Technology Investment If I invest in the latest security technology can I get rid of other security technologies? Technology Integration I have a firewall, IDS, IPS, logging servers, and a SEIM, do I just plug them in and they work? Human Resources How many technologies can a security department manage, train, and become experts on? If I invest in this technology can I reduce the need to add more positions? The Ripple Effect

Industry Protections

Perimeter Defenses: Neural Engines: Data Protection: Consumer Account Bank/Debit/Credit WAPS Malware Detection Document Inspection SEIMS Velocity GeographicDevice Usability Encryption Tokenization Dual Control

New Challenges

Mobile devices Cloud computing and personal usage exploding Alternative payment apps Intelligence vs. stupidity

Emerging Risks

Compromises are no longer about the immediate theft and use of the data Thieves are installing key loggers, malware, and rats, among other items and letting them simmer for months before using There’s not a single security approach or technology that’ll prevent or mitigate the value of stealing account and card data as long as transactions can occur without authentication

Emerging Risks Silver Bullet? EMV Tokenization Layered Defenses No Fraudulent Transactions EMV prevented? Yes – counterfeit No – Internet Target Breach EMV prevented?No

Thank you! QUESTIONS?

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com. Inc. All rights reserved.