30 Hoosier Banker September 2015 The next 18 months will usher in a new era of greater security capabilities for the payments industry. After many years of planning, all the pieces are finally in place to transition from a system that relies on static data on magnetic stripes to one of chip cards and tokenized transactions that enable dynamic data. While it will be a profound change, it must be viewed as a milestone, not a finish line. As the realization sinks in that the work of mitigating fraud losses remains a high priority, there are lessons to be learned from an unlikely source: hackers and fraudsters. Careful observation of hacker behavior can help the payments industry to better anticipate and ultimately prevent fraud. Observations Hackers are collaborating more and more with other hackers, and their efforts are becoming increasingly sophisticated. Hackers are singularly focused. They are natural problem-solvers. They are skilled at parsing valuable information from the overwhelming volume of data they observe. Typically hackers are early adopters of technology, and they recognize the power of sharing information and working together. Everyone involved in the transaction – networks, issuers, merchant acquirers and cardholders – can learn from hackers. There is a misconception of hackers tapping away down in their moms’ basements. In fact hackers have become very organized. They have emulated the various parts of the payments industry and have set up separate organizations to handle hacking, sales and fraudulent data use. All parties involved in payments similarly need to work together and share information quickly and seamlessly. The following collaborative approaches are recommended: • Don’t allow conflicts to be a distraction. Hackers are exceptionally focused on the task at hand. By contrast, the payments industry can, at times, be slow to act on security advances, due to About the Author Ed O’Neill serves as vice president, fraud and risk management for PULSE, a Discover Financial Services company headquartered in Houston. He joined the debit/ATM network in 2014. Previously O’Neill had served in risk management with Discover since 2006, prior to which he held business and information security positions at the Federal Reserve Bank of Chicago. A certified information systems security professional, he has been active with the Payment Card Industry Security Standards Council. O’Neill earned bachelor’s and MBA degrees from Loyola University Chicago. The author can be reached at 832-214-0298, email: edoneill@pulsenetwork.com. PULSE is an associate member of the Indiana Bankers Association. Combating Fraud: What Hackers Can Teach Your Financial Institution SECURITY / FRAUD
RkJQdWJsaXNoZXIy MTg3NDExNQ==