The latest research by Kaspersky Lab and B2B International shows that 33% of financial services organizations don’t offer customers a secure channel for all of their online payments, despite the fact that 62% have noticed a significant rise in customers making online financial transactions and 50% believe online financial fraud is increasing.
The growth of online fraud is a logical (unfortunately) consequence of online payment usage increase. The more people use it, the more attention from miscreants it attracts.
Also, people are using an increasing number of various devices to conduct financial transactions online. Even though there are just a handful of software platforms left in use (Windows, Linux, Mac; iOS, Android, a little bit of BlackBerry), banks and payment services appear to be failing to cope with all the flavors and variants.
According to the survey, two-thirds (65%) say that customers are increasingly using different devices to make online payments, yet just 53% have implemented two-factor authentication and only 50% have introduced a specialised, real-time anti-fraud solution– even though 22% believe this is the most effective form of protection available. Less than half (42%) extend such a solution to customer devices and only 67% implement a secure connection for all online payments.
33% of financial organizations prefer react, not prevent; is it viable? #protectmybiz #enterprisesec
Tweet
Worth noting: customers aren’t too inspired to protect themselves; at least 29% think they don’t need precautions and extra security measures while buying online, because the websites of major companies are supposed to be well protected (meh!). Figures above show that’s not exactly the case.
48% of the respondents accept that they are only mitigating risk rather than removing it altogether. 29% say it is cheaper to deal with online financial fraud incidents as they arise rather than try to prevent them from happening. For many, a reactive approach still looks economically more viable than prophylactic activities. In fact, the “reaction instead of prevention” approach looks like an incentive for the criminals – they have a good chance to get away with money while the bank’s IT staff tries to find out what happened.
Kaspersky Lab’s own research uncovered 22.9 million financial malware attacks in 2014, targeting 2.7 million customers worldwide. The figure is discouraging on its own; the idea that these incidents are sorted out by hand is even more discouraging here. It’s just not viable.
There are specialized solutions for this kind of woe, of course: Kaspersky Fraud Prevention is one of them.
A comprehensive security solution designed to counter online banking fraud, it provides multi-layered protection for online and mobile banking at every point.
The main platform comprises two subsystems and one of these, a client-less engine, resides inside the bank’s infrastructure and ensures an additional layer of protection by analyzing banking operations on customers’ devices.
48% of the respondents accept that they are only mitigating risk rather than removing it altogether. #protectmybiz #enterprisesec
Tweet
The other subsystem is a solution for endpoints such as computers and mobile devices that can be provided to the customers. Once installed on a Mac or Windows computer, Kaspersky Fraud Prevention for Endpoints checks the authenticity of websites and opens pages in protected mode to ensure all personal data is protected from theft or modification. So phishing attacks won’t work. It also ensures no malware can be loaded onto the computer.
The Kaspersky Fraud Prevention SDK, in turn, allows applications secured against online fraud to be created for Android, iOS or Windows Phone platforms.
For a detailed overview of the solution’s functions please visit here.