Cybercrime knows no bounds. Regardless of their location or size, companies that are connected to the internet face the risk of an attack. While fraud may be a universal issue, the strategies countries use to combat different types of attacks are hardly identical.
U.S. companies that adopt a global perspective on fraud stand to learn a thing or two when it comes to staving off cybercriminals. Explore how the cybersecurity measures of international counterparts – including China, India, Brazil and the U.K. – can help you effectively fight fraud.
The C-suite is far from immune to fraud. Executives across China are often the subject of investigations regarding corruption. Since employees may even work with one another to cover up crimes, internal control measures are not always as effective as you might think. The result? Devastating losses that drive companies out of business.
In an effort to limit fraud-inflicted damages, an increasing number of organizations are redesigning reporting systems with efficiency in mind. If, for example, an employee wishes to disclose a potential violation, a standard set of details should be recorded and organized to ensure each report is consistent. Instead of digging for the most important details from each case – such as the department in which the fraud took place – you can save time by making that information readily available.
An enhanced authentication solution may also serve to confirm employee identities and prevent former workers from regaining access to your company’s internal systems. By accounting for a user’s tendencies and overall risk, adaptive authentication can vary exposure to sensitive information while continuous authentication considers traits like typing speed and a user’s fingerprint. With an expected market value of $17.76 billion by 2025, multi-factor authentication is yet another option which can add an extra layer of protection to valuable data, transparently.
At around $148 per compromised record, a data breach can easily cost you millions. Keep costs down by choosing an authentication solution that can easily adapt to your security and business needs.
Consumers throughout India are no strangers to identity theft. During the first quarter of 2015, identity theft accounted for more than 75 percent of all fraud cases. This problem has since been compounded by false income documents along with incorrect employment information. One way to reverse such trends is by establishing trust for a credential before it’s issued.
Not sure where to start? Empower mobile users to download your organization’s app. Once they’ve opted into a new offering, it’s time to capture their identity. A photo of a government document coupled with a selfie is all an authentication service needs to verify the integrity of the user.
Take security to the next level by complementing mobile ID proofing with device reputation. From mobile emulators to high-risk IPs and ISPs, there are a number of fraud patterns to keep an eye out for as you gauge how trustworthy a device may be. Verify the integrity of the user’s registered device and only enable step-up authentication when fraudulent behavior has been linked to the device. Establishing confidence in both the user and their device is crucial to protecting sensitive information – especially as businesses make the move toward digital.
Extended validation certificates
Consumers often have a tough time telling the difference between fact and fiction. Although it’s not the most advanced strategy out there, image-based phishing continues to grow more prominent in Brazil, creating quite a problem for financial institutions. Cybercriminals begin by creating fake webpages which mimic those of legitimate banks. Every last detail – including a secure browser certificate – is copied to convince consumers they’re logging in to an actual online banking account.
Stay one step ahead of this scheme by implementing extended validation certificates. Designed to swap out the “secure” browser indicator for the name of the financial institution, an extended validation certificate makes it easier to distinguish your company from fraudsters.
Major brands such as PayPal are already leveraging this security measure. The online payments giant has long been the target of phishing schemes. To clear up any confusion surrounding the legitimacy of their website, PayPal has made extended validation certificates a staple of the online consumer experience. Take a page out of their book to ensure consumers know who to trust with their online banking credentials.
Fraud is an all too common occurrence in the U.K. In fact, 50 percent of companies have experienced fraud this year alone, with cybercrime being the most frequent type of attack. This era of deception, however, may soon come to an end. New regulations – such as an updated Payment Services Directive (PSD2) and General Data Protection Regulation (GDPR) – are being rolled out as part of an ongoing effort to protect consumer data. Rather than handing financial records to private companies, consumers are reasserting their rights over personal information through a series of recent regulations.
Unfortunately, U.S. companies haven’t been as concerned about compliance trends. The day GDPR went into effect, both Facebook and Google were hit with lawsuits for allegedly failing to adhere to GDPR’s provision on consumer consent. Although these regulations may not impact every organization in the U.S., they’re indicative of shifting opinions surrounding the use of APIs and ownership of consumer data. American companies that support such changes promise to stay at the forefront of their industries.
From the advent of the internet to the emergence of mobile devices, new innovations continue to redefine the way we do business. While digital identities, transactions and e-commerce payments can introduce greater speed and convenience, the threat of fraud may also increase. Prepare for a wide range of potential attacks by considering how other countries combat cybercrime. The more strategies you have on hand, the easier it will be to protect consumer data.
Beyond proven methods such as ID proofing and extended validation certificates, a second layer of security could be added without introducing friction to the user experience. Protect sensitive data and provide consent for any transaction by bringing aboard transaction verification and analysis along with fraud monitoring. The extra effort is poised to stop fraudsters in their tracks without compromising the user experience.
About the Author
Ryan Zlockie is the global vice president of authentication at Entrust Datacard. He leads the company’s global software product efforts, as well as the authentication business segment. He has more than 17 years of experience in security technology for global, midsize and startup companies. Before joining Entrust Datacard in 2011, Zlockie held vice president positions at L-1 Identity Solutions and Bioscrypt where he focused on identity and security with an emphasis around biometric technology. He holds an MBA from the University of Southern California and a bachelor’s in marketing from Rider University.
People spend more and more time on their smartphone nowadays and it's no wonder. You can do some shopping, check your email, and even visit real money…
Bitcoin was launched as a purely digital currency at the turn of the decade but soon after, physical bitcoins were introduced into the market. While p…
Patch management plays a crucial role in the security of any business enterprise. Insufficient patch management can leave a business system vulnerable…
Is your email inbox slowing you down and keeping you from getting your work done? It's time to outsmart and take control of your inbox.
For most people, freedom is best utilized with a combination of other things. Researchers have also revealed that people today fancy a busy and overwo…