Neira Jones on Enhancing Payment Security (Part 1)

The shift towards digital transactions has led to an increase in vulnerabilities, says Neira, who identifies two major concerns in payment security for 2024: 

• Lack of cooperation. There’s a siloed approach to fraud prevention, with fraud and cyber security teams often working independently. This lack of communication and collaboration hinders organisations from effectively addressing threats.
• Outdated security measures. Many organisations, especially in the financial sector, are slow to adopt new security measures. They also tend to spend a lot of money on the wrong technology, failing to pay attention to basic strategies.  

Fraud prevention and cyber security are two sides of the same coin, but only the more mature organisations realise this, according to Neira.

With the rise in digitalisation and automation, fraudsters find new loopholes in processes and exploit them sometimes quicker than regulators can react. For example, authorised push payment fraud is a worldwide problem that is not yet sufficiently regulated and is more easily exploited.

Cyber security professionals who deal with phishing and social engineering could help solve some of the fraud prevention problems. However, this rarely happens because of a lack of cooperation not only at an industry level but often within the same organisation.

Organisations that want to identify and address vulnerabilities efficiently should encourage fraud and cyber security teams to work together.

Companies sometimes invest heavily in new technology but ignore basic security hygiene.

An example is DMARC, a standard that’s been around for over a decade but has low adoption rates even among major banks.

Organisations should prioritise implementing well-established security measures and stay informed about the latest threats.

Twenty years ago, rule-based systems made fraud prevention easier. Now, with the emergence of AI — a vector for both good and bad — fraudsters are becoming more sophisticated.

In this evolving threat landscape, you need to react and anticipate faster — so fast that, in fact, people alone can’t do it, Neira suggests. Nowadays, organisations need to adopt AI and machine learning themselves to anticipate suspicious activity.

Technology is necessary not only because fraudsters leverage AI but also because of the growing complexity of regulations, especially in the financial industry. Complying and, at the same time, protecting your organisation, customers, and partners can only be done through automation.

Proactive measures, collaboration, technological innovation, and a holistic approach to security help organisations fight fraud and cyber threats.

As financial transactions become increasingly digital and complex, organisations must prioritise security to protect their customers and maintain trust in the digital economy.

We discuss this further in Part 2 of our interview with payment security expert Neira Jones. Coming soon!

Stay tuned and subscribe to our newsletter to receive monthly updates with Eureka moments from top cyber security experts.