October 21, 2014 - Hilton Meadowlands
ISMG's Fraud Summit is a one-day event focused exclusively
on the top fraud trends impacting organizations and the
mitigation strategies to overcome those challenges.
Vice President of Marketing, Pindrop Security
Sr. Systems Engineer, Fraud Prevention, Kaspersky Lab
Inspector, U.S. Postal Inspection Service
Todd T. Brungard
Vice President & BSA Officer, Peapack-Gladstone Bank
Executive Editor, GovInfoSecurity & InfoRiskToday
Special Agent, U.S. Secret Service
Chief Marketing Officer, Webroot
Chief Products Officer, ThreatMetrix
Vice President - Editorial, ISMG
CMO, Argyle Data
Chief Scientist, Flashpoint
Director, Fraud Prevention Solutions, Easy Solutions
Executive Editor, BankInfoSecurity & CUInfoSecurity
Security Solutions Architect, F5 Networks
Attorney for Fraud Victim PATCO Construction
VP and General Manager, Global Fraud and Security Solutions, FICO
SVP Payment System Risk, Visa Inc.
Director of Operations and Strategy, Brighterion
Analyst, Aite Group
Transitioning General Manager, PCI Security Standards Council
Former Chief IP Networks Partner, R&D and Head of Service Platform, Vodafone
IT Threat Strategist, RSA
Insider Threat Research Team Technical Lead, CERT
Vice President of Client Solutions, Verint
Senior VP Fraud Management, Citizens Financial Group
8:00 am - 9:00 am
Registration & Breakfast
Part 1 - Fraud Ecosystem
In June this year, the "Ronald Reagan" batch of credit cards (potentially those stolen from P.F. Chang's) joined the "Barbarossa" batch from Target in becoming publicly available for purchase. These cards were featured on the popular Rescator card shop (stolen card data marketplace), which offers advanced features like money-back guarantees, pricing tiers and cardholder zip code grouping. This is indicative of the broad, deep and sophisticated underground "Fraud as a Service" network currently in operation. In this in-depth update session, we will learn:
- How is this underground economy structured?
- How is the 'Deep Web' being utilized for fraud?
- What Threat Intelligence can we gather from it?
Part 2 - Threat Intelligence
Collecting security- and fraud-related data from multiple sources can often just result in creating a very large pool of unrelated facts. But begin to add context to that data and you now have information. Triangulate multiple pieces of information together and you can create intelligence, indicative of a real and active threat. This session will answer questions such as:
- How can I create Actionable Intelligence from data feeds?
- How will emerging threat information exchange specifications such as TAXII/STIX effect our ability to collect and share standardized threat information with the broader community.
- How do I best select and combine internal context and event information with the various open source and commercial external threat intelligence feeds available?
Eric Thompson - IT Threat Strategist, RSA.
Adversarial Machine Learning for Fraud Detection: How Can Organizations Benefit from the Pioneering Work of the NSA and Facebook?
How is technology evolving to analyze multiple and massive streams of data in real time to detect fraudulent activity? The NSA has pioneered data collection techniques at a staggering scale, potentially monitoring all activity for an entire country. Facebook has pioneered adversarial machine learning fraud detection into an "immune system" that can carry out tens of billions of checks per day to find patterns where the fraudsters are purposefully trying not to create any. We will discuss how the combination and augmentation of these technologies with deep packet inspection enables organizations to deploy them. We will also learn how such a solution could:
- Analyze sparsely populated data sets that may have millions of distinct features;
- Learn what a negative pattern is where none existed before;
- Perform this analysis in real time and at a massive scale.
Payment card fraud remains a top challenge for financial institutions. The latest wrinkle: Breached retailers such as Target and Home Depot, whose compromises led to wholesale card fraud. Card issuers absorb increasing losses linked to debit and credit fraud, yet they have little control over the third-party points of compromise. Hear how institutions are fighting back with behavioral analytics, merchant/customer education campaigns and detection technologies that trace fraud back to the point of compromise. And take a look at the future, post-EMV, and see what new waves of payment card fraud merchants and banking institutions can expect to see.
Traditionally, big data, analytics and visualization tools have been used after the fact to analyze fraud and security breaches. In this session, we will demonstrate the proactive use of these technologies to help prevent these attacks from occurring in the first place.
Leveraging findings from massive scale, real-life global network activity and transaction monitoring, we will discuss:
- How big data analytic modeling can be used to visualize the scope of both device and online persona threats;
- How to generate sophisticated transaction risk assessments by analyzing the context and patterns of prior visitor behavior;
- How to create indicators of cyber fraud activity by detecting malware infections, VPN and proxy masking, MitB and phishing detection and bot detection.
Alisdair Faulkner - Chief Products Officer, ThreatMetrix.
Fraud Management: Real Time Fraud Analytics to Reduce Friction and Improve the Customer Experience
Real-time, customer-centric fraud prevention starts with transforming fraud management into an area of competitive advantage. Innovations in analytics and the ability to respond in real-time are now allowing financial services organizations to effectively address various fraud issues across their products and, at the same time, deliver services to customers on the terms they demand - which should be both frictionless and non-invasive. This session will highlight the current trends in fraud management as well as insights on groundbreaking analytic technologies - multi-layered self-calibrating analytics and adaptive analytics - that are changing the way fraud systems decode your customers' behavior in real-time so you can reduce false positives and respond as your customers expect.
Join this session to gain insights on:
- The role of big data in fraud management;
- Reducing false positives and improving the customer experience;
- How fraud alerts can drive customer loyalty.
Anant Nambiar - VP and General Manager, Global Fraud and Security Solutions, FICO.
Part 1 - Leveraging Global Threat Intelligence to Secure Mobile Banking
To secure our growing dependence on mobile devices, it is critical that we keep a constant eye on the current threat landscape. Only by continuously monitoring and analyzing malicious activity can an appropriate defense be crafted. There are now more than 10 million malicious apps in circulation, and many of them are very effective at their fraudulent objectives. In this session, see how "knowing your enemy" can lead to effective detection and denial of those objectives.
Part 2 - Bitcoin and the Risks of Virtual Currencies
Online transactions come with a litany of risks, and in the case of traditional credit card payments, the merchants are saddled with all of them when fraudulent transactions come to light. Accepting Bitcoin offers one very important upside for merchants: no chargebacks. This is a big deal for online merchants that are constantly having to revise their risk-mitigation strategies to address their Achilles' heel - online fraud.
As a consumer, though, holding Bitcoins still comes with great risks, primarily because Bitcoin is an ill-defined, unregulated, uninsured, highly volatile cryptocurrency that few people understand well enough to use.
In this session, Aite's Nathalie Reinelt offers fresh insight into:
- What Bitcoin is (and isn't);
- How Bitcoin works;
- The key risks, including the volatility of the virtual currency, why it's attractive to criminals, and the security risks for consumers.
A must-see briefing for security leaders who need to learn more about what some call the future of electronic payments.
2 Meadowlands Plaza
East Rutherford, NJ 07073
The Hilton Meadowlands hotel near MetLife Stadium offers a convenient location minutes from New York City. This high-rise East Rutherford hotel provides easy access via complimentary shuttle service to public transportation and major highways, making it easy to reach New York City. Guests at this welcoming hotel near Secaucus, NJ, enjoy proximity to numerous shopping and dining options and the best sports and entertainment venues in New Jersey.
The ISMG Fraud Summits are made possible through the support of their sponsors