The U.S. Financial Services Internet Security, Privacy, and Fraud Report

Oct 1, 2005
218 Pages - Pub ID: LA1091629
Share this report
 
Online Download $2,440
Hard Copy Mail Delivery $2,440
Global Site License $4,880
Online Download plus 1 Hard Copy $2,740
Special Offer. Now 25% off the original price of $3250.
As financial services products and services increasingly migrate to online platforms, financial service providers have had to grapple with evolving security, privacy and fraud issues, which have greatly impeded consumer acceptance of the online product channel (and, consequently, online financial services growth) and have cost both corporations and consumers billions of dollars. However, technologies once under the exclusive domain of the government and the military have finally begun to make their way into the consumer financial services space, with tangible results.

Relying on interviews with industry executives, and replete with market size and forecast information on two-factor authentication and biometrics, as well as scores of tables and charts, The U.S. Financial Services Internet Security, Privacy and Fraud Report analyses the causes, consequences, and trends regarding consumer financial privacy and fraud concerns and the evolving technologies, legislation and policies that are emerging to protect financial information.

For example, it assesses different account hijacking strategies, the prevalence of account hijacking, and the financial impact of identity theft. The report also explores how technology is evolving to meet these threats, including scanning tools, e-mail authentication, single-factor and two-factor authentication, and biometrics.

The report takes things a step further by analyzing those financial services companies at the forefront of using new technologies and procedures to thwart Internet privacy and fraud concerns. In doing so, the report provides information on and analysis of scores of technology companies and financial services companies.

Our report will also cover:

  • Identity Theft Insurance
  • Verified by Visa
  • MasterCard SecureCode
  • Credit Bureau Initiatives

Technologies from the following companies will be highlighted:

  • Actimize
  • ActivCard
  • Authentify
  • Axalto
  • Beepcard
  • BioPay
  • Bioscrypt
  • CipherTrust
  • CMX Technologies
  • Cloudmark
  • Cyota
  • Diebold Inc.
  • Digital Persona
  • Entrust
  • Fair Isaac Corporation
  • Fujitsu Computer Products of America
  • Hewlett-Packard
  • IBM
  • Microsoft
  • Nuance
  • PassMark Security
  • Pay By Touch
  • Pen-One Inc.
  • Real Time Data Management Service
  • RSA Security
  • SafLink
  • StrikeForce Technologies
  • Tools.com Inc.
  • VASCO Data Security International
  • Verisign
  • Whole Security Inc.

Chapter 1 Scope of Problems
  • Introduction
  • Security and Privacy Concerns Plague Financial Services Industry
  • Online Banking Affected Table 1-1 Why U.S. Households Do Not Use Online Banking Services, 2002
  • Online Bill Pay Affected
  • However, Many Consumers Use Online Banking Despite Having Concerns
  • But Headline-Grabbing Data Breaches Proliferate
  • ChoicePoint
  • Other Major Breaches Follow
  • The MasterCard Breach
  • Table 1-2 Chronology of Data Breaches Reported Since February 2005 ChoicePoint Incident*

  • Consumer Perceptions
    • Consumer Expectations of Financial Institutions High
    • Consumer Concern Runs High, Too
    • Table 1-3 US Consumers' Concerns Over Online & Offline Card Fraud
    • Web Channel Affected
    • Moving Accounts an Option . . .
    • That Some Consumers Have Taken
    • Security Offerings Could Sway Customer Loyalty
    • In the Face if Increased Security, Convenience a Concern

  • Financial Services Industry Concern: Identity Theft at the
  • Top of List
    • Table 1-4 Leading Threats against Deposit Accounts, by Bank Size Group (% of Banks)
    • Survey Finds Wide Gaps in Consumer Safeguards At Some Large Institutions

  • The Scope and Prevalence of Identity Theft
    • Definition of Identity Theft
    • Prevalence of Identity Theft
    • One-Third of Victims Reported That Information Was Used to Open New Accounts
    • 2 Million Internet Users Experienced ID Theft in 2004
    • 2004 National and State Complaint Trends in Fraud & Identity Theft
    • Fraud
    • Identity Theft
    • Table 1-5 How Identity Theft Victims’ Information is Misused
    • How Victims’ Information is Misused Table 1-6 Credit Card Fraud: 2002 - 2004*
    • Table 1-7 Bank Fraud: 2002 - 2004*
    • Table 1-8 Phone or Utilities Fraud: 2002 - 2004
    • Table 1-9 Employment-Related Fraud: 2002 - 2004
    • Table 1-10 Government Documents or Benefits Fraud
    • Table 1-11 Other Identity Theft: 2002 - 2004
    • Table 1-12 Loan Fraud: 2002 - 2004

  • Geographical Discrepancies
    • States, Metro Areas
    • Table 1-13 Top Ten States for ID Theft Occurrences
    • Table 1-14 Identity Theft Victimization by Region (by % of consumers)

  • Fraud by the Numbers
    • Payments Fraud and Control Survey
    • Highlights of Survey Results
    • Incidence of Fraud
    • Table 1-16 Was Organization a Victim of Payments Fraud in 2004? (Percentage Distribution)
    • Table 1-17 Payment Methods Subject to Fraud in 2004 (Percentage of Organizations Subject to Payments Fraud in 2004)
    • Table 1-18 Payment Method with the Largest Dollar Amount of Fraud in 2004 (Percentage Distribution of Organizations Subject to Payments Fraud in 2004)
    • Table 1-19 Estimated Value of Payments Fraud in 2004 (Percentage Distribution of Organizations Subject to Payments Fraud in 2004)
    • Table 1-20 Party Responsible for Greatest Liability for Losses Resulting from Fraud in 2004 (Percentage Distribution of Organizations Subject to Payments Fraud in 2004)
    • Fraud Control Adoption Trends
    • Card Fraud by the Numbers
    • Table 1-21 2004 United States Bank Card Industry Revenue and Expenses ($ figures in billions)
    • Table 1-22 Net Credit/Debit Card Fraud in the U.S. After Gross Charge-Offs
    • Counterfeit Card Fraud
    • Credit Card Fraud Technology Solution
    • Check Fraud by the Numbers
    • Illegal Checking Account Transfers in the Rise

  • Internet Fraud by the Numbers
    • Computer-Based Theft Accounted for 12% of Known-Cause ID Fraud
    • Online Merchants Lost $2.6 billion to Fraud in 2004
    • Highest Costs Were Losses from Potential Revenue - Rejected for Fear of Fraud
    • Table 1-23 Total Number of Internet-Related Fraud Complaints & Amount Paid: 2004
    • Table 1-24 Internet-Related Fraud Complaints by Reported Amount Paid: 2004
    • Table 1-25 Top Products and Services for Internet-Related Fraud Complaints: 2004
    • Table 1-26 Percentage of Online Merchants Reporting Fraud-Related Expenses by Category
    • Figure 1-1 Internet-Related Fraud Complaints by Consumer Age: 2004

  • The Economic Impact of Identity Theft/Online Fraud
    • Table 1-27 Cost of Identity Theft in Time and Money

  • Ways of Perpetrating Identity Theft
    • Table 1-28 How Personal Information Was Obtained in Identity Thefts, 2004
    • Phishing
    • Number of Consumers Affected by Phishing Attacks
    • Phishing Attack Trends Report Results
    • Number of Reported Brands
    • Countries Hosting Phishing Sites
    • Phishing Threat Continues to Grow
    • The Cost of Phishing

  • Malicious Code and Malware
    • From Phishing to Malware - Removing the Human Element
    • Malicious Code
    • Pharming
    • Keylogging
    • Malicious Code and Exposure of Confidential Information
    • Figure 1-2 Malicious Code Threats to Confidential Information
    • Back Door Server Programs
    • Trojans a Particular Threat
    • Figure 1-3 Trojans as % of Top 50 Malicious Code Submissions
    • A New Malware Threat: Screen Scraping
    • Financial Services Sector Receives Highest Ratio of Severe Attacks
    • Financial Services Industry Most Frequently Targeted
    • Figure 1-4 Most Targeted Industry Sectors

    Chapter 2 Solutions

    • Introduction
      • Single Password Insufficient; Two-Factor Needed
      • Report Findings: Steps to Reduce Online Fraud
      • Challenges
      • What the Associations Have Done
      • Card Activation
      • Card Signatures
      • Visa’s Cardholder Information Security Program
      • MasterCard’s Site Data Protection Program
      • Verified by Visa
      • MasterCard’s SecureCode
      • Discover’s “DeskTop” Online Shopping Tool
      • PIN Entry Device Cooperation

    • Prevention and Mitigation of Phishing
      • Preventing and Mitigating Mal-ware

    • Software Downloads for Customers
      • Internet Companies Take Lead
      • Banks Follow
      • Wachovia
      • National City
      • Phishing/Pharming One-Two Punch
      • Example: Pennsylvania State Employees CU Uses FraudAction
      • While Online Base Grows
      • Example: HBOS Experiences 80% Reduction in Fraud
      • Cyota’s Pharming Soluion

    • FDIC Phishing Mitigation Strategies
      • Scanning Tools
      • Scanning Software
      • What Is It and How Does It Work?
      • Effectiveness/Protection
      • Ease of Use and Requirements
      • Table 2-1 Ratings for Scanning Software
      • Server Log Analysis Software
      • What Is It and How Does It Work?
      • Effectiveness/Protection
      • Ease of Use and Requirements
      • Table 2-2 Ratings for Log Analysis
      • E-Mail Authentication (Sender ID)
      • What Is It and How Does It Work?
      • Effectiveness/Protection
      • Ease of Use and Requirements
      • Table 2-3 Ratings for Sender ID

    • User Authentication
      • Single Factor Authentication
      • Two-Factor Authentication
      • Consumers Accept Concept of Two-Factor Authentication
      • Two-Factor Insufficient?
      • Two-Factor Authentication Growth

    • Background Systems
      • Content Filtering
      • CipherTrust’s IronMail
      • Background Authentication and Fraud Systems: A Risk-Based
      • Approach
      • Transaction Solutions
      • Fair Isaac Falcon Fraud Manager
      • Behavior Pattern Detection Solutions
      • Actimize
      • Cyota
      • Device Authentication Solutions
      • First Data
      • Voice Telephony
      • Two-Factor Risk-Based Authentication
      • Shared Secrets
      • A New Twist
      • What Is It and How Does It Work?
      • Effectiveness/Protection
      • Ease of Use and Requirements
      • Table 2-4 Ratings for Shared Secrets
      • Product Deployments
      • Cyota’s eSphinx
      • Cost of eSphinx
      • PassMark
      • Cost of Passmark Solution
      • Example: Stanford FCU
      • Example: Bank of America’s SiteKey Service
      • Preprinted Authentication Cards
      • Entrust IdentityGuard for Consumers

    Chapter 3 Tokens and Smart Cards

    • Introduction
    • Two-Factor Authentication Tokens
      • Strong Two-Factor Authentication Tokens Taking Root
      • USB Token Device Explained
      • What Is It and How Does It work?
      • Effectiveness/Protection
      • Ease of Use and Requirements
      • Table 3-1 Ratings for USB Token Devices
      • Password-Generating Token Explained
      • What Is It and How Does It Work?
      • Effectiveness/Protection
      • Ease of Use and Requirements
      • Table 3-2 Ratings for Password Generating Tokens
      • Challenges to Two-Factor Tokens
      • Open Standards
      • Implementation Considerations

    • Token Deployments
      • Tokens Already at Home in Europe
      • U.S. Token Product Launches
      • E-Trade OTP Consumer Tokens
      • American Bank OTP Consumer Tokens
      • Stonebridge OTP Consumer Tokens
      • AOL OTP Consumer Tokens
      • Bank of America Corporate Roll-out
      • Wachovia OTP Consumer Token Pilot
      • U.S. Bank USB Consumer Pilot
      • “Soft” Token Authentication for the Mobile Market

    • Token Costs
      • TCO an Important Factor
      • Why Tokens Over Biometrics?

    • Strong Authentication Token Market Size and Growth
      • Hardware Token Market Size and Growth
      • Vasco
      • Market Penetration: A Drop in the Bucket
      • U.S. Sales A Very Small Part of Total Sales; Consumer Sales
      • Negligible
      • Table 3-3 Vasco International 2004 U.S. Revenue and Banking Revenue
      • RSA Security
      • Table 3-4 RSA Security Vertical Markets: 2004 vs. 2003
      • Table 3-5 RSA Security: Amount, % of Total Revenue and % Increase in Revenue by Product Group, Type and Line: 2004 vs. 2003*
      • Table 3-6 RSA Security: Amount, % of Total Revenue and % Increase in Revenue by Region: | 2004 vs. 2003*
      • RSA Market Penetration
      • Table 3-7 Worldwide Market Potential for Strong Authentication
      • Consumer Space Still a Drop in the Bucket: Growth Expected
      • U.S. Financial Services Strong Authentication Token Market Size and Growth
      • Table 3-8 Percentage of U.S. Token-Enabled Online Banking Users

    • Smart Cards
      • Smart Card: What Is It and How Does It Work?
      • Effectiveness/Protection
      • Ease of Use and Requirements
      • Table 3-9 Ratings for Smart Cards
      • Smart Cards Circumvent Key Logging
      • Example: USB AG Bank
      • Example: Axalto Smart Card
      • Europe and Asia Embracing Smart Card Security Features
      • EMV
      • EMV Reliability Rules
      • Table 3-10 European Smart Card Volumes 2004 (forecast)
      • (millions of units)
      • ActivCard 4TRESS Authentication Server Provides Back-end Support for MasterCard Chip Authentication Program
      • Smart Card to be Used as Token
      • A European Phenomenon
      • Smart ATM Cards Take Off in Japan
      • Financial Services-Based Smart Card Growth in U.S. Fizzles
      • Table 3-11 U.S. Households That Use Electronic Banking Technologies
      • Recent Smart Card Initiatives Flop
      • Cost-Benefit Analysis Can’t Make Case for Adoption
      • Smart Card Cost
      • American Express a Lone Success Story
      • Smart Card Growth in Financial Services Space
      • Non-EMV Regions at Risk for Fraud?
      • PIN/TAN
      • How It Works
      • PIN/TAN Outflanked in Tests

    Chapter 4 Biometrics

    • Introduction
    • How Biometric Systems Work
      • What Are Biometrics?
      • Distinguishing Features
      • A Two-Process Solution
      • Enrollment
      • Preventing Fraud at Enrollment Stage Critical
      • Matching
      • The Matching Process: In Detail
      • Matching: A Statistical Process - Never a 100% Match
      • Verification vs. Identification
      • Verification: One-to-One Matching
      • Identification: One-to-Many Matching

    • Barriers to Biometric Adoption
      • Cost
      • Cost Issues
      • Cost-Benefit Trade-Off
      • Table 4-1 Cost Comparison
      • A European Cost Comparison
      • Technology Maturity
      • Accuracy Issues
      • False Match vs. False Non-Match
      • Why They Occur
      • Figure 4-1 Biometric System Process
      • Impact on Verification and Identification Systems Differ
      • Failure to Enroll
      • Interoperability and Standardization
      • Lack of Standards

    • Public Acceptance
      • Misuse
      • Consumer Acceptance of Biometrics May be Improving
      • Convenience
      • System Integrity

    • Barriers to Use in Financial Sector
      • Barriers to Greater Use of Biometric Technologies to Reduce
      • Cost and Incidence of Identity Theft
      • The Seven Pillars of Biometric Evaluation
      • Table 4-2 Seven Pillars of Biometric Wisdom
      • Table 4-3 Selected Technologies Comparison against the Seven Pillars
      • Efficacy in Thwarting New Account Fraud Questioned
      • Use of Biometric Technology in Credit Card Space Discouraged
      • Federated Identity Technology Suggested
      • Database Storage Critical

    • Government Use of Biometrics Leads the Way
      • Homeland Security Initiatives: US-VISIT & TWIC Programs
      • Presidential Homeland Security Directive
      • The International Civil Aviation Organization to Include Face
      • Recognition
      • Department of Defense and Smart Cards
      • Social Security Administration and Voice Recognition
      • State Departments of Motor Vehicles Increasingly Use Face
      • Recognition
      • Bottom Line: Government Spending to Drive Biometrics -
      • and Increase Commercial Potential?

    • Use of Biometric Solutions in Financial Transactions
      • Physical and Logical Access
      • Customer Authentication
      • Check Cashing
      • ATMs and Retail Point of Sale

    • Biometrics: Market Size, Market Share and Growth
      • Financial Services Biometric Authentication Penetration
      • Table 4-4 U.S. Biometric Industry Annual Revenues 2003-2008 (in millions)
      • Table 4-5 Biometric Technologies: 2003 Global Market Share
      • Table 4-6 Worldwide Biometric Technology Revenues by Technology
      • (in millions)
      • Biometrics Set for Growth in Retail Industry
      • Table 4-7 In which areas did your company test or launch a program in 2004?
      • Table 4-8 In which areas will your company test or launch a program in 2005?

    • Categorical Assessment of Biometric Technologies
      • Fingerprint Recognition
      • What Is It and How Does It Work?
      • Effectiveness/Protection
      • Ease of Use and Requirements
      • Table 4-9 Ratings for Fingerprint Recognition
      • Table 4-10 Fingerprint Recognition: Strengths and Considerations
      • Where Fingerprint Technology Is Used
      • Physical and Logical Access
      • Employee Authentication
      • Employee Money Transfer Authorization
      • On-Site Fingerprint Customer Authentication
      • Technology Credit Union
      • United Banker’s Bank
      • Bank of America
      • Fingerprint-Enabled Kiosks
      • Purdue Employees Federal Credit Union
      • Retail Point-of-Sale Fingerprint Authentication
      • Biometric Point-of-Sale Market Size and Growth
      • How Fingerprint Recognition Works At POS
      • Cost Considerations for Retailers
      • On the Plus Side: Option to Shift Customer to ACH Debit
      • On the Plus Side: Labor Cost Savings
      • On the Plus Side: Customers with Check-Bouncing History Can be Flagged at Enrollment
      • On the Minus Side: Card-Not-Present Rates Kick In
      • Product Cost
      • Product Deployments
      • Example: Cub Foods
      • Example: Piggly Wiggly
      • Computer-Based Fingerprint Products for Online Authentication
      • Fingerprint-Enabled Laptops and PCs
      • Voice Verification and Recognition
      • Scope of Problem
      • Market Size and Growth
      • Voice Verification
      • Reliant on Physiological and Behavioral Characteristics
      • How it Works
      • Text Dependent vs. Text Independent Systems
      • Hardware and Software Solutions
      • Hardware-Based Solutions
      • Software-Based Solutions
      • Voice Verification vs. Voice Recognition
      • Voice Recognition
      • Effectiveness/Protection
      • Ease of Use and Requirements
      • Table 4-11 Ratings for Voice Recognition
      • Voice Biometric Product Deployments
      • Online User Authentication for PIN
      • Online Authentication
      • Hand Geometry
      • Table 4-12 Hand Geometry: Strengths and Considerations
      • Customer Authentication Implementation Examples
      • First Horizon
      • Bank of America
      • Palm Vein Pattern Recognition at the ATM
      • Palm Vein Pattern Recognition at the PC
      • Hand/Fingerprint Hybrid ATM in Japan
      • Face Recognition
      • What Is It and How Does It Work?
      • Effectiveness/Protection
      • Ease of Use and Requirements
      • Table 4-13 Ratings for Face Recognition
      • Table 4-14 Face Recognition: Strengths and Considerations
      • Signature Scanning and Keystroke Recognition
      • Signature Recognition
      • Keystroke Recognition
      • Effectiveness/Protection
      • Ease of Use and Requirements
      • Table 4-15 Ratings for Keystroke Recognition
      • Keystroke Recognition Product Launch
      • Iris Recognition
      • Table 4-16 Iris Recognition: Strengths and Considerations

    Chapter 5 The Identity Theft Legal and Regulatory

    • Landscape
      • Introduction
      • E-Banking & The Electronic Fund Transfer Act/Regulation E
      • Internet Credit Card Purchases & The Truth-in-Lending Act

    • Identity Theft Insurance
      • Example: PNC
      • Example: Citibank

    • Legislative and Regulatory Responses to Identity Theft
      • Standards for Protecting Information
      • Federal Financial Institutions Examination Council Guidance
      • Gramm-Leach-Bliley Act
      • Fair and Accurate Credit Transactions Act of 2003
      • USA PATRIOT Act
      • Increased Penalties and Tools for Law Enforcement
      • ID Theft Act
      • Identity Theft Penalty Enhancement Act
      • Internet False Identification Prevention Act of 2000
      • Mandatory Disclosure Law Trends
      • Federal Mandatory Disclosure Trends
      • Senate Security Management and Data Notification Bill Introduced
      • in July 2005
      • Exemptions
      • Senate Banking Committee: National ID Theft Notification
      • Sen. Feinstein Introduces Tougher Version of ID Theft Bill
      • House Energy and Commerce Committee Holds Hearing on Security Breaches
      • Federal Agencies Finalize Guidance on Customer Security Breach Notification
      • State Regulations
      • Recent Trends in the Commercial Sector

    Appendix Directory of Vendors

    • Actimize Inc
    • ActivCard Corp.
    • Authentify, Inc.
    • Axalto
    • Beepcard
    • BioPay, LLC
    • CipherTrust, Inc.
    • Cloudmark
    • Cyota, Inc.
    • Diebold, Incorporated
    • Digital Persona, Inc.
    • Entrust
    • Fair Isaac Corporation
    • Fujitsu Computer Products of America, Inc.
    • Hewlett-Packard Company
    • IBM Corporation
    • Tools.com, Inc.
    • Microsoft Corporation
    • Nuance
    • PassMark Security, Inc.
    • Pay By Touch
    • Pen-One, Inc.
    • Real Time Data Management Services, Inc.
    • RSA Security
    • SAFLINK
    • StrikeForce Technologies, Inc.
    • VASCO Data Security International
    • Verisign Inc.
    • WholeSecurity, Inc.

  • In this report, {{keyword[keywordTextProperty]}} appears {{keyword[keywordCountProperty]}} times. {{searchResults.STATRESULT.SUMMARY.KW[keywordTextProperty]}} appears {{searchResults.STATRESULT.SUMMARY.KW[keywordCountProperty]}} times.

    We were unable to search inside this report.

    Search for an exact word or phrase by placing the word or phrase in quotation marks ("market trend"). Search for different versions or tenses of a word by placing an asterisk at the end of the word (pharma*).

    Please note that your term must be at least three characters long and numbers will be blocked by the # sign.