This month’s launch of Australia’s New Payments Platform is likely to increase the risk of fraudsters seeking to exploit the availability of real-time bank payments warns cybersecurity specialist Centrify.
Centrify, a leading provider of Zero Trust Security through the power of Next-Gen Access, enables more than 5000 organisations globally, including over half the Fortune 100 in the US, to proactively secure their businesses.
Launched publicly last week, the New Payments Platform (NPP) provides Australians with the ability to send each other money in “real time”, through a new system for settling transactions between banks assisted by the Reserve Bank of Australia.
The NPP will allow customers of as many as 60 financial institutions to link their bank details to a PayID, so they can hand out their phone number or email address to receive payments instead of number-based bank account details. The first product built on the platform is Osko, a person-to-person payment utility from BPay.
However, Centrify’s Senior Director for APAC Sales Niall King has advised Australian consumers and businesses to review their security practices before using NPP-enabled services. “Security is the price we pay for convenience,” he said.
“As technology and threats change, so too do attitudes, as demonstrated by a recent IBM Security study of consumer perspectives about digital identity and authentication, which found that people now prioritise security over convenience when logging into applications and devices. Increasingly, consumers, especially millennials, recognise the benefits of biometric technologies like fingerprint readers, facial scans and voice recognition, as threats to their digital identity continue to mount.
“While the New Payments Platform will let you make payments faster and easier, it also raises the risk that criminals will exploit this capability to get away with fraud faster and easier. Because bank transfers will no longer have a three-day buffer period to clear, banks will need to detect fraudulent activity in real time. You can guarantee the bad guys will work overtime to exploit any vulnerabilities, especially through scam emails or calls designed to steal consumer information.
“In the UK, where its Faster Payments real-time payments platform was launched 10 years ago, research into the platform shows problems with fraud and scams, partly because banks in the UK had trouble identifying potentially fraudulent transactions. While Australia’s banking system has undoubtedly learned from that experience, consumers and businesses should not take security for granted when starting to use the New Payments Platform.”
Centrify advocates a Zero Trust security model which centres on the concept that users inside a network are no more trustworthy than users outside the network.
Mr King said the launch of the New Payments Platform provided an ideal opportunity for Australians to rethink their security in relation to financial services. “Although passwords are still widely used, they no longer provide adequate protection for your online activities,” he said.
“For this reason, bank customers need to do more than just regularly change their access credentials to something that is difficult to guess. They need to embrace all the security technologies that their bank offers, whether that is multi-factor authentication or biometric identification. They should review their existing security credentials, research what additional security is available from their bank and then take full advantage of that extra protection before starting to use the New Payments Platform.”
For more on how you can implement Centrify Identity Services, click here. For Centrify media assistance in Australia and New Zealand, call John Harris on +61 8 8431 4000 or email firstname.lastname@example.org.
Centrify delivers Zero Trust Security through the power of Next-Gen Access. The Centrify Zero Trust Security model assumes that users inside a network are no more trustworthy than those outside the network. Centrify verifies every user, their devices, and limits access and privilege. Centrify also utilizes machine learning to discover risky user behaviour and apply conditional access — without impacting user experience. Centrify’s Next-Gen Access is the only industry-recognised solution that uniquely converges Identity-as-a Service (IDaaS), enterprise mobility management (EMM) and privileged access management (PAM). More than 5000 worldwide organisations, including over half the Fortune 100 in the US, trust Centrify to proactively secure their businesses.
### Centrify is a registered trademark and Centrify Server Suite, Centrify Privilege Service and Centrify Identity Services are trademarks of Centrify Corporation in the United States and other countries. All other trademarks are the property of their respective owners.
Email fraud is nothing new, but online criminals have become ever more-effective at spoofing their identities to trick employees into sending them money. The Australian Centre for Cyber Security (ACSC) recorded losses of over $20M to business email compromise (BEC) attacks last year alone, up 230 percent over the previous year – and the full amount is certain to be much larger.
Cybersecurity Insights - Attack
No matter how robust your security, or how diligent your employees, network credentials are a free pass for cybercriminals. This is mostly because employees are relied upon for their own password management. And with more than 4.8 billion sets of stolen credentials said to be available online, odds are that at least a few of your employees’ user IDs and passwords are just waiting to be used by unscrupulous outsiders. Are you ready to stop them?
Cybersecurity Insights - People
Cyber resilience will be particularly important as Australian organisations face increased pressure to quickly detect, respond to, and manage the repercussions of breaches in the wake of 2018’s Notifiable Data Breaches (NDB) scheme.