Part of maintaining a strong corporate image is ensuring your customers are protected from all types of security threats. This is true for any organization as the health of their brand is often closely linked to their business success. That said, a recent study by TD Bank found that even with fraud cases on the rise, only one percent of small business owners surveyed said falling victim to fraud was a top business concern.

This casual, unwary approach toward security continues to boggle my mind, particularly in today’s highly volatile business environment. But while three-quarters of the small businesses polled said they are incorporating steps to protect their computer systems from fraudsters, Fred Graziano, head of the commercial and small business banking at TD Bank, said companies need to keep up with the latest available fraud preventative technologies and criminal tactics used by more sophisticated fraudsters. (more…)

One of the biggest benefits of doing business over the Worldwide Web is increasing revenues with a broader, international audience. While business potential can be limitless over the Internet, unfortunately, so are the risks. Today, online merchants doing business domestically and overseas need to be aware of the various types of shipping and re-shipping scams that fraudsters are perpetrating to steal from unsuspecting companies.

In the article, “North business loses $8k in online scam,” a company was recently cheated out of $8,000 by an international scam that included fraudulent credit cards and a bogus freight business. The company was duped after a customer requested its purchase to be shipped to Japan via a fake London-based freight company, where additional charges to have the product shipped were added to the bill. When the customer’s payment went through, the freight company emailed the online business saying it could not take credit card payments. It asked for a direct, non-refundable overseas cash transfer, which the business paid for. Because the initial transaction went through, over the next month the company made five additional shipping payments on similar orders, amassing $8,000. (more…)

You’ve heard the phrase, “Too big to fail,” right? It’s a term that basically says certain banks or financial institutions are so large and interconnected that their failure would be disastrous to everyone else. A similar attitude has been floating around cyberspace for some time. Much like the first term, which the financial crisis proved wrong, the business mentality of being “too small to hack” is also failing.

According to the Wall Street Journal article, “Hackers Shift Attacks to Small Firms,” as small businesses make the leap to computerized systems, they are becoming prime targets for cyber thieves.

Business owner Joe Agelastri, who runs a pair of magazine shops in the Chicago-area, found out the hard way. After cyber criminals planted a software program on his cash registers, which sent customer credit-card numbers to Russia, the breach cost him around $22,000, slicing his annual profits in half. Though somewhat puzzled, Agelastri is just one of a growing number of small business owners who have experienced firsthand how prolific a problem cyber fraud has become in the SMB community. (more…)

The Federal Financial Institutions Examination Council (FFIEC) recently issued guidelines to help financial entities improve their cyber security efforts and gain a better understanding of the new, more dangerous threats they face today.

To show how layering iovation’s device reputation services with authentication technology offers a comprehensive defense-in-depth solution for exceeding the FFIEC’s new guidelines, we are hosting the upcoming webinar, “Ensuring Optimal Efficacy and Balance with Device Identification and Out-of-Wallet Questions.”

Along with Keir Breitenfeld, Senior Director at Experian Decision Analytics, I will be presenting what financial institutions need to know about how mitigating fraud risks while improving the overall customer experience, including:

1. How to achieve risk-based authentication with device reputation, authentication, scores and analytics — all while minimizing friction for the customer.

2. How to apply proportional treatment to your risk-based authentication efforts and dynamically manage credit and non-credit data questions, to fight fraud.

3. How to find optimal process points and question session configuration to strike the right balance between fraud prevention, customer experience, and cost.

(more…)

Infographics: Hotel Credit Card Hacking © CreditDonkey

When travelers go online to research hotels to plan a vacation or business trip, things like proximity, cleanliness, amenities, and safety play a huge role in their decision-making process. But those priorities may be changing. With credit card fraud becoming more prevalent in the hotel industry, a hotel’s reputation in relation to online security and fraud risks may soon override many of the traditional considerations that consumers have for choosing hotel accommodations.

According to the article, “Hotel Guests More Likely to Be Credit Card Hacking Victims, CreditDonkey Illustrates Danger,” a study estimates that 38% of all credit card hacking involves hotels. That’s two-times more than the financial industry (19%), which surprises Charles Tran, founder of the credit card comparison website, CreditDonkey.

“We were surprised at the numbers showing that hotel visitors run the greatest risk of all for having their credit card information stolen.”

One of the reasons for these unexpected numbers may be the recession. Because the hotel industry has been hit so hard, many hotels and hotel chains have not adequately upgraded their computer security systems. This, along with the fact that travelers typically use credit cards to pay for their hotel stays, may explain why hotels have become prime targets for cyber criminals.

All of this could create a shift in priorities for travelers selecting a hotel. As a result, hotels need to make sure they implement effective anti-fraud security strategies that help reduce the risk of credit card fraud.

As cyber thieves get more sophisticated, hotels must deploy security tools that help them identify fraudulent activity before they happen. Fraud prevention tools like iovation ReputationManager 360 uses device reputations to identify in real-time when a device with a history of fraud or is associated with other known fraudulent accounts is attempting a transaction.

By recognizing or re-recognizing any type of Internet-connected device — whether it’s a PC, laptop, tablet or smartphone — before the transaction takes place, hotels can mitigate their risk of credit card fraud and other unwanted activities, all of which can have a significant impact on their brand reputation and, ultimately, their business revenues.

A U.S. court recently ruled that banks and financial institutions will not only be held liable for fraudulent losses from business accounts, but also bear the responsibility for protecting customers through the use of fraud detection mechanisms. This decision in no way, shape or form will change the way banks already go about detecting fraud by looking at everything from IP addresses, geolocation, velocities and anomalies that could tip off fraud professionals about potentially suspicious online transactions and other high-risk activity.

However, to ensure they stay one step ahead of today’s profit-driven fraudsters, banks need to use the most advanced, anti-fraud techniques to prevent criminals from gaining access to legitimate online bank accounts. Michael Grillo’s article, “Combating Online Banking Fraud – A Top 10 List,” provides a checklist of the essential fraud detection methods that all banks should consider to ensure they are doing everything they can to stop online fraud, including: (more…)

Poor security policies… Significantly lacking basic monitoring of security events… No immediate plans to put adequate data security measures in place… These are the disturbing conclusions of a recent study by IDC Retail Insights, which surveyed retailers across Europe, the Middle East and Asia (EMEA) about where they are at in their data protection policies and practices.

According to the article, “Retailers are not protecting data security,” the report found that only 46% of EMEA retailers have actually put policies in place to deal with exchanges on blogs or social networks. That’s a scary thought when you consider the increase of online and mobile interactions that are taking place around the globe.  (more…)

Finding true love online, whether it’s through the right look, poetic flattery or simple mutual interests, is tough for the millions of hopeless romantics looking to find that special someone. Often times, finding Mr. Right is like searching for a needle in the haystack as those looking for love spend countless hours carefully sorting through endless personal profiles until something catches their eye. (more…)

For years now, it’s become customary for companies to write off a certain percentage of online transactions on the P&L to account for the fraud they assume will get passed their anti-fraud defenses. But is accepting a certain amount of fraud loss any way to combat a problem that’s increasingly impacting sales revenues and taking a bite out of your bottom line?

To reduce fraud rates, social networking sites are using their own social verification systems to determine whether the person at the other end of a Web transaction is actually who they say they are. According to the article, “How your social network can protect your credit card,” social networking sites like Facebook collect various pieces of information about a user’s personal network to identify a person and reduce fraudulent activities such as credit card fraud, account takeover and account hijacking within their network. (more…)

With so much personal information easily accessible over the Internet, why would cyber criminals go to the trouble of cracking codes or breaking through virtual back doors of retail websites when they can simply pose as legitimate customers and walk right through the front door?

According to the article, “Hackers coming in through the front door,” more and more cyber criminals are creating virtual disguises that are indistinguishable from a legitimate customers, allowing them to make what appears to be valid online purchases right under a merchant’s nose. This type of deceptive fraud tactic not only impacts online merchants’ sales and profits, but is changing the way businesses protect their online retail environments. (more…)

It’s been described as the event that has the greatest potential for credit card fraud to ever occur in U.S. history. Fraud experts are saying that the recent Sony PlayStation Network data breach, in which hackers stole information on 77 million customers, could easily spill over to online retailers market if the cyber criminals got their hands on members’ credit card numbers.

In the Internet Retailer article, “Sony data breaches highlight the fraud risks online retailers face,” it was first disclosed that hackers made off with customers’ names, street addresses, email addresses and dates of birth. However, updated reports now say that up to 10 million credit cards may have been compromised. (more…)

Every day iovation assesses risk on more than 7.5 million transactions for the online customers that we protect around the globe. France ranks third by country, just behind the United States and United Kingdom, in the total volume of Internet traffic from any country that we protect. As you would imagine, France is a very important market for us. It is growing and as we continue to expand our international footprint, France will play a vital and strategic part in our growth.

As part of our effort to expand our device identification, device reputation and real-time risk mitigation services for online businesses in France, I am pleased to announce that Philippe Mazurier has joined iovation as Country Manager, heading up sales and business development and is based in Montpellier.

Philippe brings strong business relationships and deep, in-market experience that will be instrumental in helping us meet online fraud protection demands in this market. He understands the serious and damaging impacts that cybercrime has on online businesses.

As we continue to serve the French market, protecting e-commerce, financial services, gaming and online communities from fraud and abuse, having a seasoned veteran in authentication and fraud prevention services representing iovation will help us serve this market even better.

To arrange meetings with Philippe to talk about any fraud or abuse issues your company is experiencing, please email france@iovation.com or call +33 (0)6 69 79 12 33.

Remember the days when being a cyber crook required specific computer programming skills that allowed hackers to crack codes and exploit vulnerabilities on a system? It was a job only for those who possessed rare talents and had loads of time on their hands. Not anymore. Today’s cyber criminals are a far cry — and are much less specialized — from the cyber crooks of yesterday.

According to the Wall Street Journal article, “Cyber crime now an industry,” the average cyber criminal is not at all who we think he is. He’s not some socially awkward kid cooped up in a poorly lit basement causing havoc across the globe. That’s not to say there aren’t organized gangs causing worldwide headaches. There are. But, from a technical standpoint, the majority of those perpetrating online fraud and abuse are more like you and me. (more…)

As Internet advancements change the competitive landscapes of industries across the globe, fraud prevention mechanisms are essential to filter online payments and flag or stop suspicious transactions.

According to the article, “Securing Internet Payments,” 70% of all fraudulent credit card transactions originate from card-not-present (CNP) transactions. This has a substantial impact on the public’s confidence using their credit card for online transactions. Lacking the capability to prevent unauthorized transactions and associated fraud and abuse ultimately trickles down to Internet-based businesses’ bottom line revenues and profits. (more…)

When it comes to building and maintaining a strong online reputation, organizations know that perception is reality. That’s why many Internet-based companies are proactively taking additional security measures to ensure the safety of their customers and websites. It’s a key strategy for preserving a safe and reputable brand reputation.

But what happens when industry perception is beyond your control? Can online businesses protect themselves from consumer perceptions of the industry as a whole? And what kind of impact can consumers’ fears of shopping online have on online merchants? (more…)