Tue 18 - Thu 20 November 2008 - Frankfurt am Main, Exhibition Grounds, Hall 5.1
The heat is on for financial service providers
Frankfurt, Germany, 18 August 2005 – Nowadays, protecting customer data is more vital than ever before. Attacks by professional fraudsters are becoming more aggressive, while the new organisational structures prevalent in the world of finance are creating new challenges in terms of IT security.
Cases of misrepresentation of identity and data theft don’t just affect customers – quite the contrary, in fact. Phishing, the act of sending fraudulent e-mails that appear to come from reputable banks, is currently a source of real concern for financial institutions, who are now attempting to reduce its impact by means of publicity campaigns and preventative measures. These include issuing security warnings for customers as well as tracing and then closing down the servers that are being used for such criminal activities.
One expert involved in carrying out this type of work on behalf of financial institutions is Christoph Fischer of BFK edv-consulting, based in Karlsruhe, Germany. His team examines computers belonging to affected customers, identifies any Trojan horses that have gained access to their systems, and counters any phishing attacks, wherever possible, before they actually happen. Fischer deals with the police practically on a daily basis, since misrepresentation of this type is often a form of organised, cross-border crime. As he notes: “Phishing is still at an early stage of development. Offenders are still concentrating on obtaining cash and are therefore targeting banks, online brokerage services and electronic payment service providers. But phishing can actually be extended to any extranet-based transaction.”
There is a wide range of solutions available to help defend against phishing attacks. Mobile TANs (transaction access numbers) and indexed TAN lists, such as those offered by the Postbank in Germany for example, appear to be particularly promising, since they work without any need for additional hardware.
Also in situations where data is transferred between corporate clients and financial service providers, protection is especially necessary. ABK Systeme GmbH, a company specialising in payment systems and based in Dreieich near Frankfurt, offers a simple and secure tool, the “Financial Payment Service” or FIPS, for communication between banks and their corporate clients. This includes features such as the requirement for dual verification, both in terms of users’ authorisation profiles and the methods used for approval. If this requirement is not fulfilled, the payment request will not be processed further. “Unlike other procedures, FIPS works without the need for a smartcard, PIN or TAN”, explains ABK’s managing director, Armin Gerhardt, who will be presenting FIPS at the European Banking and Insurance Fair (E.B.I.F.). “The customer enters his own security data and also maintains it himself. This makes for a customer-oriented and cost-effective application.”
For insurance companies, the need to protect customer data is just as pressing as it is for banks. “Particularly for field sales staff, who receive confidential customer information about investments or insurance policies and then transfer these to their company headquarters via the Internet, comprehensive data protection is vital”, says Klaus Martin, practice manager for security services at Siemens Business Services (SBS) Germany. Using the “Mobility Solutions for Field Staff and Managers” solution developed by SBS, colleagues working remotely can be integrated into the workflow. SBS’s managed security services represent a truly comprehensive approach, whereby security experts ensure that constant monitoring takes place – from network supervision and vulnerability analyses, to investigation of attacks.
With his experience in combating phishing, Christoph Fischer considers it vital that dealing with security is treated as an ongoing process. As he points out, “Every new development – in terms of new technologies or new methods of attack – will require that modifications be made.” The changing organisational structures in a bank or insurance provider that may, for example, be seen after a corporate restructuring or merger process, will also have an impact on IT security. “Further measures are sure to be needed in such cases”, adds Klaus Martin.
In addition to security, the specialist E.B.I.F. exhibition will cover the full range of financial technologies on offer. And the Euro Finance Week will also incorporate expert conferences, presentations and workshops on current financial and economic issues.
8th Euro Finance Week 14 – 18 November 2005
E.B.I.F. Conferences 14 – 17 November 2005
E.B.I.F. Trade Fair 15 – 17 November 2005
European Banking Congress 18 November 2005
Euro Finance Gala 18 November 2005
Concurrently with LinuxWorld Conference & Expo
