Technorati Tags: fraud, identity, risk analysis, social networking
I’ve just been making some notes about the difference between “newspaper threats” and actual threats to a payment system because of some risk analysis work, and it reminded me that our perspectives on fraud are naturally framed by those kinds of stories, which I just randomly pulled up from the last couple of months. But there are major differences between consumer perception and actual reality. Test your knowledge with this true/false quiz that I found a while back on the DGC Blog. As a taster…
The first question and answer are: the popular belief is…….
(1) Most fraud occurs due to data breaches or Internet usage? T/F
(a) False. Traditional crimes are most common. Data breaches account for 3% of known-cause fraud, Internet 16% (from 12% in ’06).
Let’s not get carried away with a focus on identity theft as the crime of the new era. People still rob banks with shotguns (amazingly: I guess they don’t realise how much more they could steal simply getting a job at the bank).
These opinions are my own (I think) and are presented solely in my capacity as an interested member of the general public [posted with ecto]
I agree that most payment fraud still comes from other channels.
But, I would say that phishing and related is the first major and pervasive threat to value that comes from the digital world. It’s the one that we invented, it’s the one that belongs to us at each phase of the operation.
If we have any responsibility in the game, it should be to clean up our own area first.
In looking at the emergence of threats, and the emergence of responses to those threats, I also saw this disjointedness between the perception and the reality.
To deal with this, I suggest a “validated threat” test. There are many threats, but how many are validated? Which is to say, for each threat, do we have enough information to plausibly include it in our security responses? I propose a three part test:
* clear
* present
* dangerous
https://financialcryptography.com/mt/archives/000751.html
“But, I would say that phishing and related is the first major and pervasive threat to value that comes from the digital world. It’s the one that we invented, it’s the one that belongs to us at each phase of the operation.”
Incisive point, well made.