IT Management - eWeek


Battery 500 Project Charged Up over All-Electric Cars
Charting the Final Frontier--Google Maps for Indoors
Get Smarter Technology on Your Mobile!
  IT Management


How Wall Street Can Mitigate Financial Fraud Using Biometric Authentication



 By: Paul Foote and Reena Hora
2008-10-06
Article Rating:starstarstarstarstar / 12


There are 1 user comments on this IT Management story.


  Table of Contents:
  1. How Wall Street Can Mitigate Financial Fraud Using Biometric Authentication
  2. Passwords Fail
  3. Technologies Used by Societe Generale Bank
  4. IT Security Must Be Strengthened

Rate This Article:
Poor Best
How Wall Street Can Mitigate Financial Fraud Using Biometric Authentication
( Page 1 of 4 )

Risk control procedures are not enough to mitigate fraud on Wall Street. The current financial meltdown provides evidence that many banks and financial institutions have failed to change systems and people in order to mitigate fraud and to comply with regulations and standards. Biometric authentication is a reliable solution for preventing security breaches. Knowledge Center contributors Paul Foote and Reena Hora explain why the financial industry needs to supplement its internal controls compliance with biometric authentication.

Daily, trillions of dollars are transferred worldwide in funds and securities through financial systems. The magnitude of this exposes the financial institutions and their customers to a very high risk of deliberate and accidental fraud. Many government and industry regulations and standards such as the IFRS (International Financial Reporting Standards), Basel II, Basel III, PCI and Sarbanes-Oxley require compliance by these financial institutions to take steps to mitigate risks and protect them from fraud. These strict regulations were unable to prevent the big slide in the stock markets in September. Future solutions to the financial meltdown must include raising security standards in the financial industry, such as the use of biometric systems. 

A brief look at regulations and standards

International Financial Reporting Standards (IFRS): These standards are becoming global standards for preparing companies financial documents. They are developed by the IASB (International Accounting Standards Board) and are adopted by more than 12,000 companies in more than 100 countries globally. (Reference 1)

ERP systems such as SAP ERP financials provide compliance solutions for IFRS. (Reference 2)

Resource Library:

Basel II & III: These are issued by the Basel Committee on Banking Supervision, which is composed of representatives and senior authorities from the central banks of the G-10 countries. These accords are recommendations on banking laws and regulations. (Reference 3) 

PCI DSS: This is a security standard developed to facilitate adoption of data security measures on a global basis and mitigate payment security risks. It includes requirements for security management, software design, network architecture, policies, procedures and other critical protective measures. (Reference 4) 

Sarbanes-Oxley Act (SOX): The Sarbanes-Oxley Act became law in 2002 in response to major corporate and accounting scandals. Congress created SOX to increase transparency in financial accounting and to mitigate fraud. Originally, its focus was on issues surrounding accounting and finance. In 2005, its focus expanded to include human resources, supply chain management and information technology. (Reference 5)

Banks and financial institutions may have risk control procedures in place that comply with the above regulations, but they are still exposed to fraud. This vulnerability is due to dependence on passwords for security and negligence in carrying out the security procedures diligently. According to an April 2008 survey of 185 IT professionals (IT Departments on Data Security: A Research Concepts Survey), one out of four organizations surveyed had a data breach in the past year. Most of these companies viewed security as a high priority. Even so, according to this survey, only one in every 100 employees consistently follows security policy.

New ISO security standard published

To increase security, biometrics is now being increasingly recognized as a method for authentication and a reliable identification method. The ISO (International Organization for Standardization) has published a new standard: the ISO 19092:2008 (Financial services Biometrics -- Security framework).

This standard establishes the security requirements for the implementation and management of state-of-the-art biometric identification technology within the financial industry. This standard will make transactions more secure in the electronic era for the financial sector. (References 6 and 7)

According to a Unisys survey, 66 percent of worldwide consumers preferred that banks, credit card companies, health-care companies and government organizations use biometric identification over passwords, smart cards and security tokens. Most consumers surveyed found biometric solutions extremely convenient and secure, as they would not have to remember passwords and also not have to deal with password misuse. (Reference 8)





  Reader Comments: How Wall Street Can Mitigate Financial Fraud Using Biometric Authentication
>>> Post your comment now!
Top-notch reporting
Excellent read. One of the few times I have read an industry piece that was fully backed up by a wide spectrum of legitimate sources, rather than...
Posted At: 10-13-08
By: InvertedPyramid
>>> Post your comment now!
 


 
 
>>> More IT Management Articles          >>> More By Paul Foote and Reena Hora
 


x}vH9Nj>0KAl͔mC9P[H$lӳ;٪n۠LEFFFDFFFF@λ%\8acrsݩc <Τ.?!ߛ?b92t\\1GtjYLR}F]̱]wGlJ~x'AT1vRu 5ߙ1\+SmL=qnalv .hѲ ⌲IB#T 9a_X$)qH#Ѻ;CSX$xeG$oQP}ؾ䙿S=2t|ߙS6Bu/FXP~FDc?CovN|w0vaz3K[@SѠ*"U{AUh/ /\1r.ddqM{ *Y)6 LI%cLJ^tXF?D9:c9. NRY"63ҦhYyiQz3g c -?Z Q+.mG)z^:Hyy/ftYu ¿7PoǮ3C2w7ߟQㄍDZ6'>6M( O|ɠjAĥZq9e(f42ۂM}YnT\>PţRurP;8ߋW m8e2gVН[ֺkXQTX<]ϻ9C([0x5M-0Ns'WOw~q is,ȯwD_0QYTJi<ͧDNj,{/BKoVs7-{%"f1\ӣ0CF_8(J:7gsKߺ^{-o_[>ߙecfy3(ժ?TԽ2ؕΚgxg[:nN77fGN;פ>i>;stn~R|YkV\{߮C"w@pHIɽGf9ć/'$'MD&yA 黚홨-4K[W9 }c-? ,_%?fk3 J a)"C N^mMoU: _&T3o2 ?]-w a4ZAL4&h)5?&`Mab&DJH;Q{y6.`q˪TY嗋mQq>].R%w{̈^"ʥc#'^Ib,x5 .΃zjNTꊮ2Wr{熻,aO]O[V^?]zY 8^%gk,]ev2JB0.pkjjrG_)Cͽ=xx~ ^1p-^ab0B mgLt-ys: i vڔ?k>RÜOkCͶcOGs>hH2AC62^lzK5}b>'a V835uӹgA {>0}sJY-h$ >6(Zt 0Ixysc)м`ιqoa23W#j:?`P<< 2/?Ch>:OtmQ(=9f)ڝfZдc@\juJÌ%;r-Ea3C7 dRJJEG!-i]R@Az6W? -;,rr  #!be6Os@PG҅3vJPC;7 { {TKh!+K@fsf`(4{~u}bB+|#'dXr`Y \`+|i)lb je[r$4T(/h1#+ՃrQ).}ȫ3K6=ӆ)푫A_?Lן Gx~lj?DŽy[+WuPÃ"`"+42[=! = Lw( g;\\䞅J^-V᧒, Lj@gmdz?Ќ;Gq)28Sf8),4|tOWݡ~@͋L?MZZФ(US $/gcP.ەa]jk-\ʋUI -aS_X5(kA+_i)DA n2\Z3,C l,.h/0W0Ϳl1ȤmD rI&#SMomꑪT<kpX"@@7w R&a+\Ҩ·Χ3i:E7s{+On&c'lN )f!""4)6A TXP}E]33R%f.xd\48L XbOFt3F KZLgf//,+ikuMّRB|zjN rANg43aJ++Uˈ`n+V/( 7(Z"P0˃%a1C.z_{=2dB4]Ufۋ+P@x8܎:-H+zu揘"0k-tpM)VK ޵fWcW{%h"QkF&FdH}tΈ#6RPj*5 )8};`ϷJh#R欭p+,s Jb+ʹV(Ecݙ޲Uz=Y5AP,2gęylU ֕gᄻ,Oq{Sk)|,tl+^ #0:g\ Ⱦ NM(}R%7Cj%r1se`@m@?늪c]}2hSYu'lȤb+722˓AyLAFnlGqOXo3 "[۶A9db:1Ki>C?9dN Hk93 NQg`?8P*Y3GGu"M.";&́08zGdD|zZL*>^XnuJV>H-G idߙ'ksWYq" ݁ͽ*Jq@G2g^(SY-q'&F.,O]]"> 4y̔Z|^Z/\f40u}ӟ:TW*G_PMO`H桨|]͠1p p\i<{H҇>JS-GIռi0RR. yU;,2X+(#t+Z۹16W" "l[ e|פrP+Gs;"ʌg b<r{q>'F{lj6cWՄθU `3O-8NVum4tH"5H~++*$}I-$eYt>80xnd=૰(pL\'eM<9  qΟݚp_@3|*l>*{]_v>"a@q=C ^eA)R='x0JZ:p/g$ ,$(eDBs9ǣ۷BlpH3T!,8{JeoW[ xr~c, ,"0aZp̰Lc V*UXԼ _3Z cCs7ݏ]A/= ПBQ`nо(&s,$\auv>gap -⸔IԕʶO;W}qپ| W^pڿ!o&#rj ~yJYpUj_5[EˇǫԾl`C,tΪ2e'A)p$ >{%=Ķh6Wg56xv:72Cw4xw.YJ|I}ҹ\C|G}ՒXGx\O#{R}vuңu4*$Eq|hqLD6MF {k쇤3;&W쐚!PRj_:5g ^|ƹ \㸪,r9FπaQj7_5/ؿ+,k ̀o tzc}bH@ $X)XCu:u/I%D( 1tJ1 _RBMQ҉hYuҹnpKl}AFJN^VZKҷo@W蘧Y;GD{_q-=?EUj'5۟H"OHDE ?_8/gcIB9}0xc<8JP -Mu>So4 jYkNEm 1Obt1bXHa~bo1֢ Ik |o(o&򽡎x6) kN7&/6o).?.i{\na.x{7te\ڊ]fKn~'v/wNMViyǏo&gn&}RA=!nD[8r`}|)u]̠Ľ>m7= /TUR]2? ` a/ P@ӹOZT yW}+mYgp Z!0ޕc#wܥR !pK'!>&<dLj4oXvqFq. Z a yMl&Hz 4AXg:zMb/@alże Z|xyC{1w1K t6痎rh:s_uda4$^ Ba8lNc#<,};|$Z'PW7䬽W6fFy0n%xIos6!lU7Kq굠h4=Mk#."^Ӟϱ $|4G@ v% @Ц7dkP+u?K g,?A2G7.1]jȴq7 ,VDZ~učo;$C"%$rb$j4OUI44 `:EK.MCr4/ 1{C}#yq'K&0Cs=Bne.= āi{G!>{k-nLva/Ly >QHC긫x[a731^fY\ `ƌQSdbay XTx}cfRә{;)iKPH7OW'0vc}i%_;dGLT3{'1u6,O|ؙ>~Kب$ X~3Ʈ?*gNsYcy_o|4{GMkHxe( m, 9{/ բ]m6dU췱gN;mV)Kjj>ˍ4<6o1[烒y$CJj|!+h%N"q0MURqD3'o rXy"[L$+)4:z4]2|sLMl'|K^Y"xM]-F'*`a"d=_s GP ъ#Ћ?d!T]q|7uL84'wO"x _̫"esYo| ZNIΞCm/%f| +44r':[I}l* H*_O_tI="L1jV M .ba :u&o k5p -p=;|:nI<@m0&6nާ ЂF;)j^Qocƅ98gw_ 6fqODGR )LC>wxu_]oqKnqFb0_I/-ab+pD .mC,, o)TIIY!9gbw{\oݴZ rպ]ubiY1L'.Zܩ&nnj >PhޜauC = R0(r~ <Ԏ'Kաu珽 C[v|1K#!k^,ƈs)i͇^Ȓ"W'0X]m6^}㊌F2*mM]^I79m1&Q&<"y>qMؒ?R*(. 9 Ҙͼmp&O>u]&(?.q D bBۑKiP _@YΣ@.X.& PNUEt03w  )n Q&@͍ؔ$s fG[#SOf1wEd+5tzFΎ[(ŀ1v o9Xժb^ g>Bwjӟ{cb347OB$i`io1)t/Hƽ sRjf|D7]=ud + fjAx`p3Wj< L">K|/j#q n#_;(^eYQ&㙾0镤Bʕ%^TFVwO:ϧV}OMfbt&6/MJg* WSr=Xsm.4 "}ɂwoûH‹#飱</œ(o/.!bXթ0 S(O!~ټnzj6ZAN|A՜:\rouCFPkF5_4S(d#˛@f+OO>92?۹y;͌rgW;\C/3N/a_f%22 >2@ \B/3 y2zOP)3(ˌr߫ʐ+ ;:_ ݌3ee/PKzG௏ ?eC>eSn&&oon2/>IR< 9ktqv{8gK"*SV9,N3wǸI8z.{] 7[O't9.~QBxȝK-9ǂ҇fߦ ~ #{"{auDr)e8cNtwkw=xĽ+L߃8&n7=v=z:[S_<)7.q{ZD\wp#^][;T_;Yo)P/C~D:$l(^:pq}o*k6 WX-ʊLh,Ӿ 0׀x7O{e3n~m;=wk`ni>Y¯)hP#ŬjC!(lVа-}Q?"0^?"K&^f5tG4&{7t0E57vጝv${ D1`EW c$P"`)I֞:vCV03uҼ1i*m {{[dSMD y`k䣷 \*a$Sc}#;9X!Døft8 z=yKcN3eQ8l1@ө6RK$Fr&߲jOFb /΅Z9P)w 5]OoaV!ֆ"V<B.NDw$ɑz?[b>$apb9WOqC 05d7¯^C/{sXLa\Dm8HHL/ u xn'!"nOIX^r.M+.Ġ/3>g'4WBMxg: tnc i) ӱwlSFK]9fo5FXk[MAvLZt6ql>9nxV,טܘ0Dc,3V@UmQ^,@%93,G>~ƈb"ki`?\=Ud# BÑz YV8R"?&3z1JJ1@b .lÏiLՍFoUe@`x@3.:9Ġx5C左eS% ?~8BN"KY[~Qؗ@1a۶^g*Iůx.AGh]|oSې)0XP<ѕR }J DI`S'xҋ.NNM~ǓKӘ2J1А8ٶ2OA=p Oke[ F'p' ! X0yԲSpY .Ыv.|h@NloM'$eⓄׁݜVO Xo|8h-d|!(ߠi3 CWsMrzQZˬ`.yMu - a-0kkSp?YimKE&(Xp\'AR$6[QKyWv?oc3)+gwt-(5om|hd-./#Z&c`H؂{3-W,)W ]'[Sܟ=BKYaқۛ:^,{QAbFKN8utq݆G0׬[[+ Qy6 ;ЩB~c. m}mnJQzڰKQa[R7DmEtŒ^xmhT|EmE>m+9FB19Ǥ9-tflX lp/>G1GK81F`gw^?Rɸ{m epCdkZ+ D1-I&_aQd+(*)ؐsm5G0X1#(RK&t>u0 'Ɣ ϰ"- s鋮cˉ3[Sg>) 3 .^s /սk 1EylT$¨Bfri||w53 cyx MSf}')VSL_Xћ_,P>q"'\@ʂb /zxy f <\eGu `gɳ^ax󨂷 ѰƬV>;)>\t-MǍgםWM)h,-(ZNJ`bXnl_+؇?`(m\}l4nF_>͙iVcA$⑭7~K@ƢI:6p09(6`3ڔ9MR"Zk/!dR8.զr0:_ RFp -αysN_ ?e4=}