Almost all financial institutions in Asia were victims of online fraud in 2009, yet these organizations continue to adopt point solutions that can only tackle specific, single channel threats such as identity theft, a new survey has revealed.
Released Tuesday, Readiminds' second annual survey on online security in Asia's financial institutions revealed that these companies are still implementing "channel wise" online fraud security measures instead of a holistic, financial crime surveillance approach.
Furthermore, only 20 percent of the respondents said that they had previously implemented some form of fraud detection and prevention technology, while 75 percent rated their bank's efforts to tackle online banking fraud as "average".
Readiminds, a security software company headquartered in Singapore, conducted the survey via the Web, as well as phone and personal interviews with major banks across 11 markets in Asia--Bangladesh, Cambodia, Hong Kong, Indonesia, Malaysia, the Philippines, Singapore, Sri Lanka, Taiwan, Thailand and Vietnam. The study focused on transaction security, online financial fraud prevention and real-time risk mitigation.
According to the survey, the top branch banking fraud concerns of the region's financial entities were identity theft, and illegitimate account and fund transfers.
Over 80 percent of the respondents acknowledged that an integrated, multi-layer security approach consisting of strong user authentication, cross-channel fraud detection and risk-based transaction authorization, is the strongest form of defense against traditional and emerging online fraud threats. To that end, there has been an increase in willingness and desire for a more sophisticated approach to online transactions.
In addition, 80 percent of the banks polled indicated they were looking to implement a real-time operational risk monitoring and mitigation framework. Almost all respondents noted that they preferred this method over the traditional approach of a "cooling" or review period, the report added.
On the findings, ReadiMinds CEO Naren Nagpal, said: "It is becoming obvious that there is increased awareness of the importance of transaction security and online financial fraud prevention in [Asia's] financial services industry. There exists an excellent opportunity to adopt real-time, integrated, multi-layered, cross-channel financial fraud prevention as opposed to [playing] catch-up with traditional [online fraud security] approaches."
Other key survey findings include:
- Concerns were increasingly raised about the inconvenience of hardware tokens as part of two-factor authentication (2FA) for online financial transactions. The report said "software 2FA technology such as device fingerprinting" is gaining popularity in Asia due to its "effectiveness, convenience and low cost". Device fingerprinting, according to security specialist iovation, refers to a method that allows Web sites to identify a PC or Internet-enabled device in order to facilitate return visits.
Online financial fraud prevention was the top security priority of respondents in 2009.
Half the respondents indicated that a real-time enterprise risk monitoring and mitigation system as part of a regulatory and compliance framework, could have "helped minimize risk crisis" in the financial industry.