
Alternative Security Methods For Banks

Elangovan, October 2, 2019

Banks no longer rely on conventional security measures alone to protect themselves. Criminals grow more unconventional by the day, and hard adversaries require hard techniques to deal with them appropriately. An article by Claudius van der Meulen (2018) explains why banks are now moving away from one-time passwords (OTP). The OTP was developed in the 80s, and it is difficult for it to withstand present security realities. Consider, for example, the SONY Walkman, the telegram, and the once-popular video cassette. While we may remember these relics fondly, we wouldn’t dream of substituting our iPod with a Walkman today. So why, when our technology has developed in leaps and bounds, are we still using the SMS one-time password?

Incredibly, this tech is still widely used as an identification and authentication method by many major financial institutions and other organizations, for example, the TAN and PAC codes used by ING Bank. Originally, only a TAN (Transaction Authorization Number) code was sent to a user’s mobile phone to authorize a transaction being made. Subsequently, the PAC (Personal Authentication Code) was added in 2012 to better protect users against online fraud. Although this method was considered quite safe in its heyday, hence its widespread use, it is no longer the case (Meulen, 2018).

Present realities therefore require something better. Hackers can easily intercept the authentication codes sent by SMS via the mobile network. Moreover, a cyber-thief does not always have to go to the trouble of stealing a password; we change SIM cards regularly, and phone numbers are recycled. If you forget to pass your new details on to your service providers, then when you next try to log in, they will send the authentication code to your old phone number, which may well be in someone else’s hands (Meulen, 2018). The dangers of OTP are too numerous to discuss in full here. Banks and businesses need to take action and move beyond the security methods that attackers long ago learned to undermine. The weakness inherent in the user password supported by SMS-delivered OTPs has shown us that newer and safer authentication factors are needed in order to maintain consumer confidence in shopping or banking online. Fortunately, the future of authentication is here.

Push authentication technology is a proven and effective alternative to SMS OTPs. Analyst firm Gartner expects that this technology will dominate the authentication market within the next two years. Its appeal isn’t surprising – push authentication does not require the user to switch between mobile banking apps, copy or remember pins or passwords, or wait for a message to arrive. With this approach, communication between the bank and the user takes place via an isolated, encrypted channel that is not susceptible to the same external attacks as passwords or SMS OTPs. This practically frictionless and highly secure approach offers huge incentives for financial institutions to migrate from OTPs via SMS. A bank that invests in these types of technologies will see a decrease in digital fraud and happier customers as a result. It will be complying with all relevant regulations by opting for a method that utilizes an out-of-band, encrypted channel for transactions, while simultaneously keeping up with changing times, reinforcing its security and enhancing customer experience (Meulen, 2018).

Apart from push authentication technology, there are other laudable alternative methods for banks and related organizations.

Strong, frictionless biometrics: Financial institutions are also taking advantage of biometric recognition technology in novel ways. Biometrics can be used to analyze an end user’s unique physical characteristics to confirm that they are who they say they are. The process is highly secure but not overly invasive – and thus strikes a balance between security and ease of use. It leverages smartphone technology – like fingerprint scanners, voice recorders or the phone’s camera – to enable the user to conveniently confirm their identity, either via fingerprint, voice or facial recognition technology. The best part is, customers are comfortable using these features, as it’s as easy as using their phone the way they do every day (e.g., taking a selfie photo, talking on the phone or tapping the screen) (Villadiego, 2018).

Passwordless access: Authentication factors have evolved to leverage the opportunities for end-user authentication that are built into smartphones and tablets. While users often have multiple devices, they commonly use the same device to perform certain tasks. Forward-looking businesses recognize this trend and are streamlining the login process accordingly. Using a known device – in this case, a cell phone – users can log into a platform by simply scanning a code with their phone’s camera, avoiding the need to input a password. In addition to providing an enhanced user experience, this has the potential to reduce successful phishing attacks. As passwords become less relevant to authentication, phishers will no longer significantly benefit from obtaining end-user credentials (Villadiego, 2018).

Geolocation identification: Geolocation also utilizes a user’s mobile device to provide authentication services wherever and whenever they are needed. If a customer is shopping at a big box store and their bank needs to authenticate them, one option is for the institution to send a push authentication to authorize the transaction. Alternatively, geolocation allows the bank to access the customer’s location via their mobile phone, verifying that the user is in the same physical location in which the transaction is being requested. In this case, there is no need for the customer to respond to a notification, creating a more transparent and frictionless authentication experience.
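The geolocation check described above can be sketched as a decision function that approves silently only when a fresh, precise device fix places the phone at the merchant, and otherwise falls back to the push authentication option. This is an added example, not code from the article or any bank; the `Fix` structure, the thresholds and the coordinates are assumptions made for illustration.

```python
import math
from dataclasses import dataclass
from typing import Optional

EARTH_RADIUS_M = 6_371_000  # mean Earth radius in metres


@dataclass
class Fix:
    """Device location report (hypothetical structure for this example)."""
    lat: float
    lon: float
    accuracy_m: float  # uncertainty radius reported by the device
    age_s: float       # seconds since the fix was taken


def haversine_m(lat1: float, lon1: float, lat2: float, lon2: float) -> float:
    """Great-circle distance in metres between two coordinates."""
    p1, p2 = math.radians(lat1), math.radians(lat2)
    dphi = p2 - p1
    dlmb = math.radians(lon2 - lon1)
    a = (math.sin(dphi / 2) ** 2
         + math.cos(p1) * math.cos(p2) * math.sin(dlmb / 2) ** 2)
    return 2 * EARTH_RADIUS_M * math.asin(math.sqrt(a))


def decide(fix: Optional[Fix], merchant_lat: float, merchant_lon: float,
           max_distance_m: float = 150, max_age_s: float = 120,
           max_accuracy_m: float = 100) -> str:
    """Return 'approve' (no prompt) or 'push' (ask the user to confirm)."""
    if fix is None:
        return "push"  # no location available: fall back to push
    if fix.age_s > max_age_s or fix.accuracy_m > max_accuracy_m:
        return "push"  # stale or imprecise fix proves nothing
    distance = haversine_m(fix.lat, fix.lon, merchant_lat, merchant_lon)
    # Worst case: the phone sits at the far edge of its uncertainty circle.
    if distance + fix.accuracy_m <= max_distance_m:
        return "approve"
    return "push"


# Constructed sample data: a merchant and three device reports.
MERCHANT = (52.3700, 4.8950)
NEARBY = Fix(52.3703, 4.8952, accuracy_m=20, age_s=30)
STALE = Fix(52.3703, 4.8952, accuracy_m=20, age_s=900)
FAR_AWAY = Fix(51.9244, 4.4777, accuracy_m=20, age_s=30)
```

Device-reported coordinates are self-asserted, so a check like this works as a risk signal that decides when the prompt can be skipped, not as a factor on its own.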

While all of these authentication methods work to safely confirm that all transactions are legitimate, no single technology will secure online financial transactions with 100% certainty. The key is to stay one step ahead of cybercriminals while preserving a low-friction customer experience. Passwords do neither of those. It’s time to step up and embrace the latest in what strong multifactor authentication has to offer (Villadiego, 2018). Not aligning with these new developments is like walking into the lion’s mouth to be devoured for no good reason.

References

Aware (2018). The Future Of Authentication Is Already Here. Retrieved from https://www.aware.com/portfolio-items/future-of-authentication/

Meulen, V (2018). Why Banks Are Moving Away From One-Time Passwords. Retrieved from https://www.globalbankingandfinance.com/why-banks-are-moving-away-from-one-time-passwords/

Villadiego, R (2018). The Future Of Authentication Is Here. Retrieved from https://www.forbes.com/sites/forbestechcouncil/2018/06/04/the-future-of-authentication-is-here/

© 2019 LPS Training Services All Rights Reserved.