Cybercrime and Fraud, Page 2

We are the World – Internet of Things, Mobile and Social Media

October is National Cyber Security Awareness month (NCSAM), sponsored by StaySafeOnline.org to help remind us all to do our part to make the internet safer and more secure for everyone. Although that is quite literally the job of everyone who works for RSA, even those who don’t work for a security firm can play a…

My So-Called Digital Life

Like most, I have a very rich and fulfilling digital life. My smart phone is at hand 24×7 and I use apps to check weather and Facebook, bank, shop, scan real estate and even tell me if I have hung a picture straight. (Alas I am not a gamer.) I also do all of these…

Securing eCommerce Transactions without Losing Customers Part 4 – Mobile Strategy

Through this series we have looked at reducing fraud chargebacks via risk-based authentication for account holders, behavioral analytics and 3D Secure. In this final post we will look at mobile strategy. There is no shortage of statistics reflecting the tremendous growth in mobile commerce. In fact according to Criteo, 29% of US eCommerce transactions are…

Securing eCommerce Transactions without Losing Customers Part 3 – 3D Secure

Part 1 of this series covered using risk-based authentication for account holders while Part 2 dove into behavioral analytics to reduce fraud chargebacks. In this post we will look at the strategic use of 3D Secure. 3D Secure is a protocol developed by Visa, MasterCard and Europay and designed to reduce fraud in the online…

Securing eCommerce Transactions without Losing Customers Part 2 – Behavioral Analytics

In Part 1 of this series we looked at using risk-based authentication to prevent account takeovers like the ones that victimized Starbucks and Uber customers and help reduce fraud chargebacks. In this post, we will look at mitigating fraudulent transactions initiated through guest checkouts. Although the same is true of account takeovers, it is even…

Securing eCommerce Transactions without Losing Customers Part 1 – Risk-Based Authentication

Yesterday afternoon I received one of the calls we all dread – my credit card company phoned to ask if my husband had purchased airline tickets within the last five minutes. Alas he wasn’t planning to whisk me away – a fraudster was using his credit card number to book a flight. Within twelve hours…

The Targeted Forensics Series: Examination of Command Line RAR and 7-ZIP Prefetch Files (Part 2)

As an Advisory Consultant for RSA’s Advanced Cyber Defense practice, one of my objectives is show our clients how to focus on incident investigation and not just resolution. This is a holistic solution, made of many components, one of which I always recommend, is performing live response/targeted forensics. This series is focused on establishing procedures…

The Targeted Forensics Series: Examination of Command Line RAR and 7-ZIP Prefetch Files (Part 1)

As an Advisory Consultant for RSA’s Advanced Cyber Defense practice, one of my objectives is to show our clients how to focus on incident investigation and not just resolution. This is a holistic approach, made of many components, one of which I always recommend, is performing live response/targeted forensics. This series is focused on establishing…

Understanding human triggers in fraudulent transactions

  Too often, discussions about fraud prevention emphasize the security controls organizations should put in place: risk engines, step-up authentication, biometrics… These are all necessary for a successful fraud prevention program, but we tend to minimize the ‘humans in the loop’ aka the end users. It’s human nature to have biases, and an effective security program should…

3D Secure – The Next Generation

3D Secure was developed by Visa, MasterCard and Europay to reduce fraudulent online transactions. The 3D Secure protocol was designed to bring together the three “domains” in an online card not present transaction – the cardholder, the merchant and the card issuer. The protocol requires cardholders to enroll their cards in the program and then…