The most effective – and perhaps only – means of protection against such malicious software (malware) attacks is stronger authentication technology. Most of the available approaches require a hardware device to supplement the traditional username and password. These solutions have met with some resistance due to issues of cost or complexity. However, risk-based authentication – an approach that utilises both direct and indirect data to assess the probability of each customer interaction’s authenticity – is as effective as hardware or software-based authentication approaches but far less expensive to implement and manage.
James R Eckenrode is managing director of the banking and payments practice at TowerGroup.