BITS addresses issues at the intersection of financial services, technology and public policy, where industry cooperation serves the public good, such as critical infrastructure protection, fraud prevention, and the safety of financial services. BITS is the technology policy division of The Financial Services Roundtable, which represents 100 of the largest integrated financial services companies providing banking, insurance, and investment products and services to the American consumer.

Highlights

  • CTO Corner: Cyber Security Trends

    This column reviews cybersecurity technology tools and best practices in use today, discusses areas that need improvement, and introduces some promising trends. Today’s cybersecurity tools and best practices can be organized under the five functions (Identify, Protect, Detect, Respond, and Recover) using the categories in the recently-issued NIST Cybersecurity Framework. Read more

    March 2014

  • CTO Corner: EMV, PCI DSS and the Role of Standards in Financial Services

    This article focuses on two security standards -- Europay, MasterCard and Visa (EMV) and Payment Card Industry Data Security Standard (PCI DSS) -- with respect to their roles in combatting credit and debit card fraud and fending off cyber-attack. They are not the only important standards relating to payments, but they are the key ones for credit and debit cards, and are the ones most discussed in relation to the recent data breaches at retailers such as the massive Target breach that was revealed in December 2013. Read more

    February 2014

  • CTO Corner: The Past Year in Prospective: What Might the Future Hold in Store for Financial Services

    We have seen a lot of change in the past year including Distributed Denial of Service (DDoS) attacks on banks, the NIST Cyber Security framework, proposed Cyber legislation, the NSA disclosure, the rise of Bitcoin, the continued growth of mobile with the emergence of internet-enabled devices including the Google Glass, smart watches such as Pebble and activity trackers such as Fibit, the growing popularity of biometrics such as the Apple’s fingerprint touch ID, Google gesture apps and gesture control, and the Internet of Things. 2013 also marked the first time the non-human traffic in the internet exceeded human traffic. As we ring in the New Year, this is an opportunity to ponder how these trends may evolve and impact the financial services sector in the years to come. Read more

    January 2014

  • FSSCC Letter Submitted to NIST on the Preliminary Cybersecurity Framework

    On December 13, FSSCC submitted a letter to NIST on the Preliminary Cybersecurity Framework. NIST is in the process of evaluating all responses, which are available at http://csrc.nist.gov/cyberframework/preliminary_framework_comments.html. We will continue to work with NIST through the process. The final Framework is anticipated in early February. Read the Letter

    December 2013

  • BITS Testifies on Digital Currency

    BITS President Paul Smocer testified to the Senate Banking Subcommittees on the opportunities and risks of digital currencies, specifically Bitcoin. Senators discussed their concerns with digital currencies and the potential need to increase regulation. Full testimony

    November 2013

  • BITS Mortgage Servicing Fraud Employee Toolkit

    The toolkit provides awareness and education for employees of financial institutions. It examines common mortgage servicing fraud schemes, identifies red flags and best practices, and provides tools and tactics for employees to leverage as they work to recognize these threats when dealing with customers. Read more

    October 2013

  • BITS Mobile Technology - Layered Security Model

    The BITS Mobile Technology Layered Security Model supplements the previously published BITS Mobile Financial Services Threat Assessment. The model is a tool for financial services leaders to manage risks associated with mobile banking services, including understanding the risks, corresponding controls, and the dynamics of the mobile ecosystem. Read more Press release

    June 2013

  • Fraud Advisory on Questionable Tax Refund Scenarios

    BITS created a fraud advisory on questionable income tax refunds, oulining suspect scenarios, details and characteristics of the scenarios, red flags, and detection and prevention strategies for financial institutions that process tax refund deposits. It is meant to help institutions recognize scenarios that are potentially fraudulent. The advisory was developed in collaboration with the Internal Revenue Service (IRS) and the BITS Fraud Reduction Program.

    April 2013

  • Social Media Guidance Comments to FFIEC

    On March 25, BITS filed comments to the Federal Financial Institutions Examination Council (FFIEC) on the proposed Social Media: Consumer Compliance Risk Management Guidance. The letter requests a more specific definition of social media, identifies implementation challenges as social media sites are defined by Terms of Use and not contracts, and asks for specific clarifications to the summaries on applicable consumer regulations. Read more

    March 2013

  • Financial Top Level Domains (fTLDs)

    fTLD Registry Services, LLC (fTLD), a joint venture between The Financial Services Roundtable and the American Bankers Association, submitted applications to the Internet Corporation for Assigned Names and Numbers (ICANN) to operate two generic Top Level Domains (gTLDs), .bank and .insurance, on behalf of the financial services industry. If awarded, consumers will be assured they are accessing legitimate financial companies and transacting through the most secure cyber environment available today. [Press Release] [BITS gTLD History] [fTLD wewbsite]

    May 2012