Financial institutions involved in ‘second wave’ of compliance will require specialist security consultancy and products to mitigate increased security risks.
Thales today announced the launch of an end-to-end security solution for Faster Payments aimed at mid-tier banks and corporate treasury departments. Many of these organisations will be considering how to meet the Faster Payments regulation after the 13 member banks go live in the ‘first wave’ of compliance in November.
Thales’ end-to-end security service, covering physical, technical, human and organisational security, will be essential if financial institutions and treasury departments are to mitigate the increased security risks associated with the Faster Payments scheme.
The Faster Payments process will initially enable funds of up to £10,000 for internet and phone banking to be transferred in a matter of seconds and for funds of up to £100,000 to be transferred before 06.00 am on the due day of standing orders. While the benefits for consumers are obvious, it will also allow fraudsters to move funds from account to account and convert these funds into cash or goods within a couple of hours. As a result, the security risk profile of transactions using the Faster Payments platform is significantly altered, making it a potentially higher value target. It is therefore likely that the Faster Payments environment will face increased scrutiny by organised crime, with future attacks exploiting a blend of external and internal vulnerabilities.
Thales is therefore offering a packaged end-to-end security service for mid-tier banks and corporate treasury departments planning to implement Faster Payments in an effort to mitigate the new set of risks. The risk review service for Faster Payments processes and technology will include:
Human security: the security culture, susceptibility of employees to social engineering techniques and risk of internal fraud;
Organisational security: the security of business processes against fraudulent activities such as segregation of duties and the level of audit and control;
Technical security: the security of systems and networks interfaced with the Faster Payments Gateway;
Physical security: ensuring that the physical security risks are mitigated protecting, front- and back-office technology platform assets that are used for faster payments.
Adrian Ulisse, Security Consulting Director UK of Thales Security Systems, comments: “It is imperative that mid-tier banks and corporate treasury departments consider the specific security aspects before they embark on a Faster Payments project. Today’s criminals operate a sophisticated business in fraud and they will be looking for attractive targets where they can successfully invest their resources. The introduction of Faster Payments will provide such a target for organised crime against those organisations who have not implemented strong security processes across the faster payment environment.”