BITS, the technology policy division of FSR, addresses emerging technology and operational opportunities for the financial services industry. It has the expertise to help FSR’s members manage risk particularly in cybersecurity, fraud reduction, vendor management and critical infrastructure protection. BITS helps shape public policy coming out of Washington and helps companies understand and stay ahead of the latest public policy issues. Because of its diverse membership, it facilitates collaboration to improve the e-commerce environment for member companies in ways that nobody else can.

Highlights

  • CTO Corner: The Future of Payments

    Over the last few years, we have seen a growing number of new innovative product offerings in the payments area. Three events are contributing to this accelerating rate of innovation: the rapidly growing popularity and use of the mobile channel, the growing threat of fraud and cyber-attack, and a global push for more real-time payments. This article discusses this diverse range of payment innovations with respect to their applicability to physical and virtual payments, the players involved, and the value they provide (or threat they pose).
    Read more

    July 2014

  • CTO Corner: Biometrics and its Emerging Role in Financial Services

    This article updates the September 2011 CTO Corner on the state of biometrics and its impact on financial services. At that time, biometrics was employed in specialized areas such as law enforcement and anti-terrorist surveillance and the article queried whether biometrics would be deployed on a large scale in mainstream markets, such as financial services. We concluded that it was premature to make that judgment with a caveat that it would be dependent on the deployment of smart phones and tablets equipped with built-in biometrics sensors.
    Read more

    June 2014

  • CTO Corner: Financial Top-Level Domains: Opportunity to Improve Internet Security

    The financial sector is seeking to secure from the Internet Corporation for Assigned Names and Numbers (ICANN) two top-level domain names (.bank and .insurance). If successful, this investment could significantly improve Internet security for financial institutions. This article provides background on efforts to secure .bank and .insurance and what it could mean for the financial sector and consumers.
    Read more

    May 2014

  • CTO Corner: Cyber Security Trends

    This column reviews cybersecurity technology tools and best practices in use today, discusses areas that need improvement, and introduces some promising trends. Today’s cybersecurity tools and best practices can be organized under the five functions (Identify, Protect, Detect, Respond, and Recover) using the categories in the recently-issued NIST Cybersecurity Framework. Read more

    March 2014

  • CTO Corner: EMV, PCI DSS and the Role of Standards in Financial Services

    This article focuses on two security standards -- Europay, MasterCard and Visa (EMV) and Payment Card Industry Data Security Standard (PCI DSS) -- with respect to their roles in combatting credit and debit card fraud and fending off cyber-attack. They are not the only important standards relating to payments, but they are the key ones for credit and debit cards, and are the ones most discussed in relation to the recent data breaches at retailers such as the massive Target breach that was revealed in December 2013. Read more

    February 2014

  • CTO Corner: The Past Year in Prospective: What Might the Future Hold in Store for Financial Services

    We have seen a lot of change in the past year including Distributed Denial of Service (DDoS) attacks on banks, the NIST Cyber Security framework, proposed Cyber legislation, the NSA disclosure, the rise of Bitcoin, the continued growth of mobile with the emergence of internet-enabled devices including the Google Glass, smart watches such as Pebble and activity trackers such as Fibit, the growing popularity of biometrics such as the Apple’s fingerprint touch ID, Google gesture apps and gesture control, and the Internet of Things. 2013 also marked the first time the non-human traffic in the internet exceeded human traffic. As we ring in the New Year, this is an opportunity to ponder how these trends may evolve and impact the financial services sector in the years to come. Read more

    January 2014

  • FSSCC Letter Submitted to NIST on the Preliminary Cybersecurity Framework

    On December 13, FSSCC submitted a letter to NIST on the Preliminary Cybersecurity Framework. NIST is in the process of evaluating all responses, which are available at http://csrc.nist.gov/cyberframework/preliminary_framework_comments.html. We will continue to work with NIST through the process. The final Framework is anticipated in early February. Read the Letter

    December 2013

  • BITS Testifies on Digital Currency

    BITS President Paul Smocer testified to the Senate Banking Subcommittees on the opportunities and risks of digital currencies, specifically Bitcoin. Senators discussed their concerns with digital currencies and the potential need to increase regulation. Full testimony

    November 2013

  • BITS Mortgage Servicing Fraud Employee Toolkit

    The toolkit provides awareness and education for employees of financial institutions. It examines common mortgage servicing fraud schemes, identifies red flags and best practices, and provides tools and tactics for employees to leverage as they work to recognize these threats when dealing with customers. Read more

    October 2013

  • BITS Mobile Technology - Layered Security Model

    The BITS Mobile Technology Layered Security Model supplements the previously published BITS Mobile Financial Services Threat Assessment. The model is a tool for financial services leaders to manage risks associated with mobile banking services, including understanding the risks, corresponding controls, and the dynamics of the mobile ecosystem. Read more Press release

    June 2013

  • Fraud Advisory on Questionable Tax Refund Scenarios

    BITS created a fraud advisory on questionable income tax refunds, oulining suspect scenarios, details and characteristics of the scenarios, red flags, and detection and prevention strategies for financial institutions that process tax refund deposits. It is meant to help institutions recognize scenarios that are potentially fraudulent. The advisory was developed in collaboration with the Internal Revenue Service (IRS) and the BITS Fraud Reduction Program.

    April 2013

  • Social Media Guidance Comments to FFIEC

    On March 25, BITS filed comments to the Federal Financial Institutions Examination Council (FFIEC) on the proposed Social Media: Consumer Compliance Risk Management Guidance. The letter requests a more specific definition of social media, identifies implementation challenges as social media sites are defined by Terms of Use and not contracts, and asks for specific clarifications to the summaries on applicable consumer regulations. Read more

    March 2013

  • Financial Top Level Domains (fTLDs)

    fTLD Registry Services, LLC (fTLD), a joint venture between The Financial Services Roundtable and the American Bankers Association, submitted applications to the Internet Corporation for Assigned Names and Numbers (ICANN) to operate two generic Top Level Domains (gTLDs), .bank and .insurance, on behalf of the financial services industry. If awarded, consumers will be assured they are accessing legitimate financial companies and transacting through the most secure cyber environment available today. [Press Release] [BITS gTLD History] [fTLD wewbsite]

    May 2012