certificates & industry membership internal newsletter of mk … · 2019-04-04 · was...
TRANSCRIPT
MK World of Cards ©2019 MK Group
Certificates & Industry membership
[email protected] www.facebook.com/mkgroup1999 (84-24) 6266 2703 - 513
Editor-in-chef: Ms. Phan Thi Quynh Hoa – MD of MK Group
Note: All information and images in this internal magazine were collected and edited from various reputed sources by MK Group and used for knowledge-sharing purposes only.
| Email: [email protected]
Internal Newsletter of MK Group
- Issue #37 | April 2019
❖ MK Smart accompanies with
commercial banks in Vietnam
for a successful VCCS chip card
migration
❖ Mobile payment market booms
in Vietnam
❖ Kaspersky report tracks
financial malware attacks in
2018
❖ New SimplyGo system to let
bank cards double up as public
transport travel cards
❖ Millennials think cash will go
away, but lack credit savvy
❖ Crybercrime report: The rise of
the mobile bot
Headlines
MK WORLD OF CARDS
MK World of Cards ©2019 MK Group
Certificates & Industry membership
[email protected] www.facebook.com/mkgroup1999 (84-24) 6266 2703 - 513
MK Smart accompanies with commercial banks in Vietnam for a successful
VCCS chip card migration
On the morning of March 26, 2019 at Melia Hotel Hanoi and March 28, 2019 at Majestic Hotel in HCMC, MK Smart Joint Stock Company (MK Smart) has
collaborated with Infineon – (a renowned secure chip card manufacturer for global payment applications) and NEXT Biometrics ( a leading company in
advanced fingerprint sensor technology for applications that require highest level of security and accuracy), to successfully organize:” Accompany with
commercial banks in Vietnam for a successful VCCS chip card migration” conference.
October 10th , 2018, State Bank of Vietnam (SBV) officially issued Vietnam Chip Card
Standards. According to the roadmap approved by the Governor of SBV, by
December 31st , 2021 at the latest, the entire magstripe cards in Vietnam must
complete the migration to VCCS standard chip cards.
With 70 millions of domestic cards need to be migrated in to VCCS chip cards
currenttly, if Vietnam is behind this schedule, it could become the country for card
frauds with increasing number of skimming and phishing cases.
Scope of VCCS including contact and contactless chip cards that compatible with
EMV standards will help banks implement new issueing system effectively by
inheriting their current EMV card issuance and acceptance infrastructure. The
migration also allows banks to apply dual interface cards (supporting contact and
contactless interface) upon the first stage, eliminating one step of migration from
magstripe cards to contactless cards as the lesson learnt for other countries.
At the conference, MK Smart’s experts had introduced to banks and financial
institutions details of additional value in its comprehensive solution packages
conformity to VCCS standards. MK Smart provides new technologies related to chip
card production with design options, such as printed serial number, image on chip
module surface, diversifying color of chip module to increase brand recognition and
aestheticism of the cards. Along with this, MK Smart also provide automated card
testing solutions to exclude card errors after manufacturing and personalization.
MK World of Cards ©2019 MK Group
Certificates & Industry membership
[email protected] www.facebook.com/mkgroup1999 (84-24) 6266 2703 - 513
With years of experience working with international card organization including Visa,
MasterCard, JCB, UPI and NAPAS, MK Smart’s expert have recommended card
issuers to choose dual interface technology to ensure quick, seamless and fraud
prevention.
Also in the two conferences held in Hanoi and HCMC, one of the technologies
introduced by MK Smart and NEXT Biometrics and highly interested by attendees
was biometric payment technology with finger print authentication.With absolute
security and high durability, ease of use, this solution promises to be one of mega
trends in the future global payment.
In addition to biometric solution, Infineon also proposed and demonstrated advanced
and fashionable wearable payment solution. Those solutions will provide more
options for banks in Vietnam in implementation of their payment methods to bring
utilities to consumers and catch up with global payment trends.
To conclude, Mr. Nguyen Trong Khang – Chairman of MK Group committed to
support banks and financial institutions in Vietnam to cary out the migration as well
as remove pressures on technoloy, infrastructure, experience in card issuance
implementation if MK Smart was selected ./.
Roadmap of migration follows requirement stated in Circular 41/2018/TT-NHNN issued by SBV:
• Merchants:
- By December 31st , 2019, at least 35% of ATMs, 50% merchants’ active POS in Vietnam must follow VCCS.
- By December 31, 2020, 100% of ATMs and merchants’ active POS in Vietnam must follow VCCS.
• Card issuers:
- By December 31st , 2019, at least 30% of active cards have BIN of SBV accordancen to VCCS
- By December 31st , 2020, at least 60% of active cards have BIN of SBV accordance to VCCS
- By December 31st , 2021, 100% of active cards have BIN of SBV accordance to VCCS.
MK World of Cards ©2019 MK Group
Certificates & Industry membership
[email protected] www.facebook.com/mkgroup1999 (84-24) 6266 2703 - 513
Entrust Datacard, a leading provider of trusted identity and secure issuance technology solutions, today announced
its contribution to the new Security Maturity Model (SMM) Practitioner's Guide, published by the Industrial Internet
Consortium (IIC). The Practitioner's Guide provides detailed actionable guidance enabling IoT stakeholders to
assess, manage and mature the security of IoT systems.
Building on concepts identified in the groundbreaking IIC Industrial Internet Security Framework published in 2016,
the SMM defines levels of security maturity for a company to achieve based on its security goals and objectives as
well as its appetite for risk. Organizations may improve their security state by making continued security assessments
and improvements over time, up to their required level.
Entrust Datacard is pleased to contribute its expertise in security, identity and data protection to the SMM
Practitioner's Guide. Sandy Carielli, director of security technologies for Entrust Datacard, co-authored the new SMM
Practitioner's Guide in conjunction with other security leaders who are also members of the IIC.
"The Security Maturity Model is a valuable resource that will help organizations prioritize their IoT security
investments," said Sandy Carielli. She continues, "Entrust Datacard understands the importance of building and
maintaining a trusted IoT ecosystem. The SMM Practitioner's Guide will provide organizations with detailed guidance
and specific milestones to assess their progress against security targets."
The practitioner's guide includes tables describing what must be done to reach a given security comprehensiveness
for each security domain, subdomain and practice and can be extended to address specific industry or system scope
needs. The SMM was designed to be extensible, with the authors providing a framework for organizations to add any
necessary industry- and system-specific considerations to each table. Critically, the practitioner's guide offers many
opportunities for organizations to consider how to apply the concepts, including short examples after each table and
three full length case studies.
"The IIC member authors, including Entrust Datacard, have developed an outstanding document to help organizations
determine the level of security they need with practical advice and examples," said Stephen Mellor, CTO, IIC. "There
is nothing like this available in the industry."
(Entrust Datacard)
Entrust Datacard Contributes to the Industrial Internet
Consortium’s Practitioner’s Guide for IoT System Security
MK World of Cards ©2019 MK Group
Certificates & Industry membership
[email protected] www.facebook.com/mkgroup1999 (84-24) 6266 2703 - 513
Trong năm 2016, các nhà sản xuất thẻ đã sản xuất 6,43 tỷ thẻ thanh toán trên toàn cầu, tăng
3,6% so với năm 2015. Thẻ thanh toán được thống kê bao gồm thẻ trả trước, thẻ tín dụng và
thẻ ghi nợ của MasterCard, Visa, UnionPay và thẻ ATM nội địa; thẻ American Express, Diners
Club, Discover, JCB, RuPay, Maestro; thẻ thanh toán bán lẻ, xăng dầu, y tế, hàng không, đỗ
xe và các loại thẻ thanh toán khác. Sự tăng lên trong sản lượng thẻ EMV đã dẫn đến việc
giảm số lượng thẻ từ được phát hành thời gian.
Trong lĩnh vực Thẻ thanh toán, 8 vị trí dẫn đầu danh sách vẫn không thay đổi so với năm
2015. Tổng số lượng thẻ của 8 “đại gia” này đạt 3,7 tỷ thẻ thanh toán, giảm 9,1% so với năm
2015.
Một trong những điểm nhấn ấn tượng của bản báo cáo lần này chính là MK Smart – thành
viên của MK Group đã được “xướng tên” là một trong những công ty có sự tăng trưởng ấn
tượng trong lượng thẻ sản xuất trong năm 2016 (tăng 58,2 triệu thẻ), tiếp theo đó là Toppan
Printing (tăng 27,5 triệu thẻ), Rosan Finance (tăng 11,7 triệu thẻ).
Theo xếp hạng của Nilson, MK Smart đứng trong TOP 15 về tổng sản lượng thẻ thanh toán
trong năm 2016 với 59 triệu thẻ, vượt qua DZ Card Thái Lan, trở thành nhà sản xuất thẻ lớn
nhất khu vực Đông Nam Á. Ngoài ra, khi xét riêng về thẻ thanh toán thương hiệu Visa và
MasterCard, MK Smart vươn lên vị trí thứ 8 trên bảng xếp hạng. Trong năm 2016, tổng sản
lượng thẻ sản xuất của MK Smart là 167 triệu thẻ với hơn 60% sản lượng được xuất khẩu
sang Nhật Bản và nhiều nước Châu Á, Châu Mỹ La tinh.
Sau 14 năm phát triển, MK Smart đã vươn lên trở thành một trong những cái tên tuổi lớn
trong ngành công nghiệp Thẻ, sánh với những nhà sản xuất thẻ lâu năm tại các quốc gia phát
triển như Gemalto, Oberthur, Giesecke & Devrient, đưa vị thế của Việt Nam trở nên đậm nét
hơn trong bản đồ các quốc gia sản xuất thẻ lớn trên thế giới.
MK Smart được thành lập năm 2003, là thành viên của Tập đoàn MK. Hiện nay MK Smart là
công ty hàng đầu Đông Nam Á trong lĩnh vực sản xuất thẻ thông minh phục vụ ngành viễn
thông (thẻ SIM), tài chính ngân hàng (thẻ từ và thẻ chip), các cơ quan, tổ chức và doanh
nghiệp. MK Smart là công ty Việt Nam duy nhất sở hữu công nghệ và kinh nghiệm về thẻ
chip, sản xuất thẻ SAM, công nghệ mã hóa và bảo mật.
MK Smart sở hữu 2 nhà máy sản xuất thẻ thông minh đặt tại KCN Quang Minh Hà Nội và
Khu Công nghệ cao Tp. HCM với quy mô lớn và hiện đại bậc nhất Việt Nam cũng như trong
khu vực. Với các chứng chỉ sản xuất thẻ tài chính Visa, MasterCard, JCB, Union Pay, MK
Smart được sản xuất thẻ cho các ngân hàng trong nước cũng như trong khu vực Châu Á-
TBD với chất lượng cao, giá cả hợp lý và thời gian giao hàng nhanh nhất.
Mobile payment market booms in Vietnam
The four major groups of players in the mobile payment market are fintechs, banks, mobile network
operators and technology firms.
MoMo, the best known e-wallet in Vietnam, has announced investment from US-based Warburg Pincus.
Declining to reveal the investment value, MoMo said this was the highest amount of capital injected by
foreign investors into fintech and e-commerce sectors in Vietnam.
MoMo is a favourite address for foreign investors. Prior to that, Standard Chartered Private Equity and
Goldman Sachs also poured money into it. The e-wallet said there are now 10 million MoMo users, with
the volume of transactions increasing by three times in the last year.
According to Pham Thanh Duc, CEO of MoMo, in order to double the number of users, MoMo in 2018-
2019 will focus on developing mobile payment platform to allow payments for anything, anywhere and
anytime, as well as develop online, office, and O2O partner network.
ZaloPay and AirPay, which both belong to powerful internet firms, VNG and SEA, have also spent big
money to run advertising campaigns to lure more customers.
Grab, well known in Vietnam as an e-hailing app, has developed GrabPay via Moca e-wallet. Sources
said the ambitious investor is making hectic preparations to jump into the finance and credit market.
Commercial banks have also joined the stiff competition in the payment market. Along with popular
mobile banking apps, banks have launched apps and platforms specifically designed for payments.
Vietcombank, for example, has VCB Pay; VP Bank, YOLO; Sacombank, Sacombank Pay; TP Bank,
QuickPay; and LienViet Post, Bank Vi Viet.
Expansion
According to the State Bank of Vietnam (SBV), 76 via-internet and 41 mobile payment service providers
and 26 e-wallets have been licensed so far.
Analysts have noted that all payment intermediaries want to become ‘super apps’, ecosystems that allow
transactions with many different purposes.
MoMo, for instance, has announced relations with 10,000 partners in many different fields, from
consumer finance and insurance to e-commerce, with 100,000 POS at restaurants, cafes, supermarkets,
jewellery shops and street food shops.
As for banks, Sacombank has said it now has 7,000 POS, where
2,500 agents accept payments with QR Code.
Technology firms such as Samsung, Google and Apple, and mobile
network operators such as Viettel and VNPT (the Vietnam Post and
Telecommunication Group), are rivals in the competition. The ‘big
guys’ all own large ‘ecosystems’ which include customer data and
associated services.
The race among app developers is in the number of connected
services, analysts said.
“The four major groups of players in the mobile payment market are
fintechs, banks, mobile network operators and technology firms.”
(Vietnamnet)
MK World of Cards ©2019 MK Group
Certificates & Industry membership
[email protected] www.facebook.com/mkgroup1999 (84-24) 6266 2703 - 513
China Tests Facial Recognition Subway Payments
A subway operator in Shenzhen, China is testing facial recognition software, powered by a 5G network, to pay for
entry, according to reports.
The face would be linked to a payment account, although whether the technology will work for similar faces or
twins is not known.
Right now the experiment is being limited to one station, and people will be able to scan faces at the same place
they enter subway cards or tap their phones. In order to use the service, customers will have to register their faces
a day in advance, along with their linked payment accounts.
One of the advantages of the system is that forgetting a subway card will be a thing of the past. However, it also
means that users will be easily tracked, although some major Chinese cities already have artificial intelligence (AI)-
powered facial recognition surveillance cameras.
The technology was designed by Shenzhen Metro and telecom company Huawei. The metro company hasn’t said
if and when facial recognition will become a part of all of its lines.
The technology is fairly common in China, where people can even scan their faces to buy food from Kentucky
Fried Chicken, and have been able to since 2017.
In China, almost half the country uses mobile payments, to the point where the country’s central bank had to warn
stores not to reject cash.
As facial recognition technology is becoming more common, Amazon recently said it supports a national legislative
framework around the technology that “protects civil rights and ensures that governments are transparent in their
use” of such technology.
Michael Punke, vice president of global public policy at Amazon’s AWS division, wrote a blog post on Feb. 7 about
the topic, laying out not only the company’s views, but also guidelines for lawmakers who could be drafting future
legislation.
Amazon, which created the software Rekognition, defended its use as a viable tool for law enforcement, and said
outside groups that have criticized the software were using it incorrectly.
(pymnts)
MK World of Cards ©2019 MK Group
Certificates & Industry membership
[email protected] www.facebook.com/mkgroup1999 (84-24) 6266 2703 - 513
Last year, 889,452 users of Kaspersky Lab solutions were attacked by banking Trojans, an increase of 16 percent
compared with 2017, according to the cybersecurity firm's new report, Financial Cyberthreats in 2018.
The research also shows that Russia became the most targeted nation in 2018, accounting for more than 22
percent of global users attacked with banking malware, a press release said.
Russia is followed by Germany (more than 20 percent), India (nearly 4 percent), Vietnam (3 percent), Italy (2
percent), the United States (2 percent) and China (2 percent).
Russia, South Africa, and the United States were the top three countries in percentage of users attacked by Android
banking malware.
Additional findings from the report:
• Financial phishing decreased from 53.8 percent of all detected phishing to 44.7 percent, still accounting for
almost half of all detections.
• The share of phishing-related attacks on payment systems and online stores accounted for almost 14
percent and 8.9 percent, respectively, slightly less than in 2017.
• The share of financial phishing encountered by Mac users grew from 55.6 percent in 2017 to 57.6 percent.
• Zbot and Gozi are the most widespread banking malware families (26 percent and 20 percent,
respectively), followed by SpyEye (15.6 percent).
• The number of users who encountered Android banking malware more than tripled to 1,799,891 worldwide.
• Just three banking malware families accounted for attacks on the vast majority of Android users (around
85 percent).
(ATMmarketplace)
Kaspersky report tracks financial malware attacks
in 2018
MK World of Cards ©2019 MK Group
Certificates & Industry membership
[email protected] www.facebook.com/mkgroup1999 (84-24) 6266 2703 - 513
Ủy ban Quốc phòng và Nội vụ (PDIAC) thuộc Nghị viện Uganda đã yêu cầu Chính phù nước này đầu tư lớn để triển khai
chương trình phát hành hộ chiếu điện tử (ePassport). Theo PDIAC, Uganda sẽ cần phải đầu tư ít nhất 28 tỷ Shilling (khoảng
7,8 triệu USD) để thiết lập cơ sở hạ tầng ban đầu phục vụ hoạt động sản xuất hộ chiếu điện tử. Kinh phí cho toàn bộ dự án
sẽ vào khoảng 100 triệu USD. Dự án phát hành hộ chiếu điện tử, do Cơ quan Quản lý Công dân và Nhập cư Quốc gia của
nước này phụ trách, theo kế hoạch đã phải được triển khai từ tháng 1/2017, tuy nhiên dự án đã không thể thực hiện được
vì lý do thiếu vốn./.
(Security Document World)
Singapore thử nghiệm đăng ký cử tri điện tử bằng thẻ căn cước điện tử Singapore sẽ thử nghiệm hệ thống đăng ký bỏ phiếu mới được liên kết với thẻ căn cước thông minh. Cơ quan Bầu cử
Singapore (ELD) cho biết để đáp ứng yêu cầu của các phương tiện truyền thông, ELD sẽ thử nghiệm hệ thống quét mã vạch
ngay trên thẻ nhận dạng đăng ký quốc gia (NRIC) của các cử tri. ELD khẳng định hệ thống mới sẽ rút ngắn thời gian chờ
đợi cho các cử tri và giảm số lượng nhân viên phục vụ hoạt động đăng ký tại các điểm bầu cử. Theo ELD, cơ quan này dự
định thí điểm công nghệ đăng ký điện tử tại một cuộc bầu cử trong tương lai nhằm kiểm tra thủ tục và thu thập thông tin phản
hồi. ELD hiện vẫn chưa gọi thầu cho dự án thí điểm./.
(Security Document World)
Australia thử nghiệm công nghệ nhận dạng khuôn mặt tại
Đại hội Thể thao Khối Thịnh vượng chung Công nghệ nhận dạng khuôn mặt sẽ được sử dụng trong mạng lưới giao thông công cộng trong thời gian tổ chức Đại hội
Thể thao Khối Thịnh vượng chung 2018 (2018 Commonwealth Games) tại thành phố Gold Coast, bang Queensland, Australia
nhằm ngăn chặn nguy cơ khủng bố tại những khu vực công cộng và địa điểm thi đấu. Hệ thống nhận dạng tinh vi sẽ xác
định khuôn mặt của những kẻ tình nghi trong đám đông trên tàu, xe điện và xe buýt trong suốt 11 ngày diễn ra sự kiện. Hệ
thống này sẽ được kết nối với lực lượng phản ứng nhanh gồm cảnh sát và quân đội nhằm bảo vệ an toàn cho 1,5 triệu khán
giả tham dự sự kiện. 2018 Commonwealth Games sẽ được tổ chức tại thành phố Gold Coast, bang Queensland, Australia
từ ngày 4/4 đến ngày 15/4/2018. Cơ quan Cảnh sát Liên bang Australia chủ động đưa ra sáng kiến này bởi họ tin rằng Gold
Coast sẽ là thành phố hết sức phù hợp để thử nghiệm công nghệ do có được một hệ thống camera giám sát an ninh (CCTV)
chất lượng cao./.
(Planet Biometrics)
Mỹ: CBP kiểm soát xuất cảnh bằng công nghệ sinh trắc tại các sân bay Phó Cục trưởng Cục Hải quan và Biên phòng Mỹ (CBP), John Wagner cho biết cơ quan này sẽ triển khai chương trình kiểm
soát xuất cảnh sinh trắc bắt buộc, giúp xác định danh tính du khách nước ngoài khởi hành tại các sân bay trên lãnh thổ của
nước này. Thông báo trên được đưa ra vài tuần sau khi Bộ An ninh Nội địa Mỹ đưa ra báo cáo ước tính khoảng 629.000 du
khách tới nước này đã lưu lại quá hạn trong năm 2016 do thiếu một hệ thống kiểm soát xuất cảnh sinh trắc đồng bộ tại các
sân bay. CBP sẽ kết hợp hệ thốngnay vớiạng để hoàn thành các mục tiêu đề ra. Tuy nhiên, Phó Cục trưởng CBP thừa nhận
sẽ phát sinh một số vấn đề liên quan đến quyền riêng tư của cá nhân, đặc biệt khi sáng kiến nói trên cũng đề cập tới khả
năng áp dụng công nghệ nhận dạng khuôn mặt để chụp lại hình ảnh của các công dân Mỹ.
(Biometric Update)
New SimplyGo system to let bank cards
double up as public transport travel cards Commuters with Mastercard contactless bank cards can use it to pay for public transport rides under a new system to be launched on April 4. The SimplyGo platform will do away with the need to top up stored-value cards, with fares for rides reflected in commuters' credit or debit card bills, just like their retail purchases. Visa card holders will get the same convenience later this year, Senior Minister of State for Transport Janil Puthucheary said in Parliament on Thursday (March 7). "With SimplyGo, commuters will have the option of carrying one less card for transport and not having to do card top-ups," said Dr Janil. SimplyGo has been on trial by the Land Transport Authority (LTA) and Mastercard since March 2017, under its previous name Account-Based Ticketing. There will be no additional fees to use the system. Commuters interested in SimplyGo can register for an account and link their compatible bank cards on the TransitLink SimplyGo Portal, which is available online (simplygo.com.sg), or via the TL SimplyGo mobile app. Commuters can keep track of their travel expenditure and history through their accounts. Those without contactless bank cards can upgrade their existing travel cards - such as concession cards and ez-link - to tap into the SimplyGo system by the end of the year. LTA said more details of this will be announced later.
(Straitstimes)
MK World of Cards ©2019 MK Group
Certificates & Industry membership
[email protected] www.facebook.com/mkgroup1999 (84-24) 6266 2703 - 513
Millennials think cash will go away, but lack credit
savvy
Most (82 percent) millennials believe society will eventually become cashless, even though they're the
generation most likely to favor cash when traveling, according to a TD Bank Consumer Spending Index.
What's more, if their cashless payment method of the future is a credit card, that could be a problem, because
millennials lack healthy credit habits. For instance, the study found that among millennials who use credit cards:
Half use 31–90 percent of their credit limit, surpassing the recommended rate of 30 percent or less.
32 percent don't pay their cards off in full each month, which is costly and can damage credit health.
Despite being more likely than other generations to pay for a group outing in order to earn rewards, 30 percent
of millennials have let their credit card rewards expire, compared with 14 percent of Gen X-ers and 9 percent
of boomers.
A quarter of millennials do not know their credit score.
"The data is a bit concerning," Mike Kinane, head of U.S. bankcard at TD Bank, said in a press release. "We're
relying less and less on cash, and while credit cards may not be a millennial's payment method of choice, it's
still critical that they develop financial knowledge and habits to properly position themselves for sound credit
health down the road."
(ATMmarketplace)
MK World of Cards ©2019 MK Group
Certificates & Industry membership
[email protected] www.facebook.com/mkgroup1999 (84-24) 6266 2703 - 513
Cybercrime report: The rise of the mobile bot
According to a new cybercrime report, news has recently
emerged of the first machine learning generated
fingerprints. According to Wired.com, a group of computer
scientists from New York University’s engineering
department has managed to generate a series of “master
prints” that not only pass smartphone fingerprint sensors,
but can actually masquerade as prints from multiple users.
When evolving global regulations are mandating the use of
a “foolproof” biometric suite of strong authentication,
hackers are already cracking the codes that make them
penetrable. This calls into question the very meaning of
strong authentication; is anything really impenetrable?
How far should businesses rely on point solutions to protect
customer accounts and authenticate online payments? It
appears that the only reliable approach to smart
authentication is a layered solution that combines real-time
elements of a user’s unique behavioural pattern, with
customer focused, strong authentication that is inextricably
linked to their online customer journey.
Only then can businesses genuinely detect unusual or high-
risk scenarios before they pose a risk to security defences
and customer accounts. The swirling storm of privacy and
security continues to loom heavy on the horizon for every
digital business, with the first test cases from GDPR starting
to make headlines and the California Privacy Act likely not
far behind.
Nguồn ảnh: Internet
MK World of Cards ©2019 MK Group
Certificates & Industry membership
[email protected] www.facebook.com/mkgroup1999 (84-24) 6266 2703 - 513
It is clear that consumers do not expect to
have to curtail their online transacting
behaviour in the quest to thwart cybercrime.
Yes, awareness campaigns around social
engineering and ransomware threats, for
example, are pivotal and non-negotiable.
But consumers do not expect fraud and
identity controls to interfere with the slick
and low-friction online experience they have
come to expect from their bank, social
media sites and trusted e-commerce
brands. The pressure is on businesses to
ensure they do not jeopardize customer
trust in the process of catching the criminals.
The ThreatMetrix Cybercrime Report: H2
2018 is based on actual cybercrime attacks
from July – December 2018 that were
detected by the ThreatMetrix Digital Identity
Network (The Network) during real-time
analysis and interdiction of fraudulent online
payments, logins and new account
applications.
(paymentscardsandmobile)
Consumers should expect the businesses they transact with to protect their online accounts and personal information, but
the line between security and data privacy continues to be tested in the process.
Consumers should expect the businesses they transact with to protect their online accounts and personal information, but
the line between security and data privacy continues to be tested in the process.
If 2018 began with businesses looking for new ways to better authenticate online users – particularly in Europe with the
evolution of PSD2 mandating stronger authentication on login and payments transactions – what lengths will the fraudsters
of 2019 go to circumvent this security framework? Networks, automation and the use of bots and machines seem central
to virtually all the predictions for how cybercrime will evolve this year.
Consider, for example:
• AI driven malicious chat bots / robots that can be used to dupe customers into divulging personal information
• Machine learning algorithms used to generate pitch-perfect, social engineering attacks based on real customer data
• IoT devices being taken over by external bots and used to spy on human interactions
• Networked global bot armies targeting multiple industries worldwide
• Networked fraud rings operating across industries – mules using financial services / telco / gaming and gambling
companies to siphon money
MK World of Cards ©2019 MK Group
Certificates & Industry membership
[email protected] www.facebook.com/mkgroup1999 (84-24) 6266 2703 - 513
Copyright© 2019 by MK Group
www.mkgroup.com.vn | [email protected] | www.facebook.com.vn/mkgroup1999
Hanoi: F11th, TTC Tower, 19 Duy Tan St., Cau Giay Dist. | Tel: (+84-24) 6266 2703
Hochiminh City: F7th, Thien Son Building, 5 Nguyen Gia Thieu St., District 3 | Tel: (+84-28) 3930 5023
Brian Honan, Chủ tịch BH Consulting, Dublin, Cộng hòa Ireland, cho biết trong 8 năm qua, ông đã liên tục đưa ra những
lời kêu gọi khắc phục 5 trường hợp bảo mật yếu kém điển hình lại Hội nghị Tội phạm mạng. Cụ thể là:
Mật khẩu yếu
Thiếu bản vá lỗ hổng
Phần mềm diệt virus lỗi thời
Thiếu sự giám sát
Sử dụng những hệ thống dễ bị tổn thương, chẳng hạn như ColdFusion, Windows XP, WordPress lạc hậu và những hệ
thống tương tự khác. Brian Honan dự báo 5 “căn bệnh mãn tính” nói trên sẽ vẫn tiếp tục hành hạ thế giới bởi vẫn còn
rất nhiều tổ chức tiếp tục sử dụng công nghệ lạc hậu.
3. Thêm nhiều nỗi lo về bảo mật điểm cuối
Một trong vụ việc nghiêm trọng nhất trong năm 2017 là sự bùng phát dữ dội của mã độc tống tiền WannaCry. Theo
Avivah Litan - Phó Chủ tịch và là nhà phân tích cấp cao của Gartner, WannaCry có thể đã bị chặn đứng nếu mọi người
được cung cấp bản vá lỗi. Tuy vậy các tổ chức vẫn phải đối mặt với thách thức từ công tác quản lý bản vá.
“An ninh điểm cuối khác với quản lý công nghệ thông tin. Điều đó có nghĩa là chúng ta luôn dễ dàng triển khai các hệ
thống nhưng sẽ gặp rất nhiều khó khăn khi chuyển đổi hệ thống sang trạng thái ngoại tuyến để tiến hành hoạt động
bảo trì hoặc dành ưu tiên cho những lỗ hổng cần phải vá lại. Và kết quả là có hàng loạt hệ thống tồn tại những điểm
yếu điển hình. Không bất ngờ khi 80% đến 90% mã độc tống tiền đã lợi dụng những lỗi chung này”, Avivah Litan cho
biết.
Để khắc phục tình trạng nói trên, theo Avivah Litan, tất cả các tổ chức cần phải sử dụng phần mềm diệt virus “mới nhất
và tốt nhất” bởi vì các thế hệ mới sẽ có khả năng phát hiện và phản ứng tốt hơn, đặt biệt là những sản phẩm dựa trên
công nghệ điện toán đám mây.