September 17, 2014 - Westin Harbour Castle Toronto Hotel
ISMG's Fraud Summit is a one-day event focused exclusively
on the top fraud trends impacting organizations and the
mitigation strategies to overcome those challenges.
Chief Technology Officer, ThreatMetrix
Manager, Product Marketing, RSA
Vice President - Editorial, ISMG
VP Product Management, FICO
Chief Technology Officer, Easy Solutions
Senior Analyst, Retail Banking Practice, Aite Group
Head of Cyber Intelligence, Deloitte & Touche
CEO & Co-Founder, Moki
Executive Editor, BankInfoSecurity & CUInfoSecurity
Head of Enterprise Fraud Strategy, RBC Bank
Dir., Canadian Banking Fraud Strategy & Analytics, RBC
Principal, Business Development Director, Turnkey Risk Solutions
CEO, Informatica Security, & Founder, KnowledgeFlow
Richard T. Rushing
CISO, Motorola Mobility
Todd G. Shean
Assistant Commissioner, Federal Policing Special Services, Royal Canadian Mounted Police
Director Fraud Programs, Interac Association/Acxsys Corp.
Chief Counterintelligence Expert, Carnegie Mellon University CERT Insider Threat Center
8:00am - 9:00am
Registration, Breakfast & Exhibits
9:00 AM - 10:00 AM
2014 Faces of Fraud Survey Presentation - Special Canadian Edition
We’ll start the day with a detailed review of BankInfoSecurity’s latest “Faces of Fraud” survey, focused on the Canadian market. Receive insights and expert analysis on such topics as:
- How are the areas of retail, payment card, in person, insider and mobile fraud evolving?
- Which aspects of the new Canadian legislation are most impactful in fighting fraud?
- Today's most predominant and damaging fraud incidents impacting banking institutions and their customers;
- New anti-fraud investments institutions are making to thwart the fraudsters and satisfy the demands of regulatory agencies.
Help Benchmark How Organizations Will Address Risks in 2015. Participate in the 2014 Faces of Fraud: Special Canada Edition Survey
10:00am – 11:00am
Call Center Fraud: The Latest Scams and Strategies - Voice Biometrics and Caller Validation
Contact centers increasingly are the key “soft” targets for fraudsters who impersonate legitimate customers to alter or obtain information. This information is then used to facilitate direct and cross-channel fraud, which can be very difficult to tie back to the call-center entry point. How do fraudsters conduct these attacks, and how can financial institutions fight back with voice biometrics and other technology solutions? Learn:
- How can I protect my call centers from attack?
- The social engineering techniques fraudsters use to deceive call-center staff;
- How this information leads to direct or cross-channel fraud – and why it’s so tough to track;
- How new voice biometric solutions can help reduce call center-related fraud.
Understanding The Identity Risks You Experience, not the risks you perceive. Identity Theft and Synthetic Identity
Identity theft - or impersonation - is a well-established form of identity risk but first party fraud, and synthetic identities in particular are fast growing and insidious threats that bring with them economic loss for financial institutions, as well as risks of regulatory censure when synthetic identities pass Know Your Customer (KYC) checks during the onboarding process. Learn why organizations across the KYC landscape need to understand the nuanced threats if they are to develop coherent tools remediate them. This session will answer questions such as:
- How to define – and understand – the problem you need to solve for (or why definitions matter!)
- Understanding the ramifications of Synthetic Identities to Know Your Customer (KYC) controls
- What You need to demand of your institution, your vendors, and your compliance programs.
Presenter: Richard Parry - Principal, Business Development Director, Turnkey Risk Solutions;
11:00am – 11:20am
11:20am – 12:30pm
The Fraud Ecosystem, the Deep Web & Creating Actionable Intelligence
In June this year the “Ronald Reagan” batch of credit cards (potentially those stolen from PF Chang’s) joined the “Barbarossa” batch from Target in becoming publicly available for purchase. Featured on the popular Rescator card shop (stolen card data marketplace), with advanced features like money back guarantees, pricing tiers (where Canadian bank cards demanding some of the highest prices) and cardholder zip code grouping. This is indicative of the broad, deep and sophisticated underground “Fraud as a Service” network currently in operation. In this in-depth update session we will learn:
- How is this underground economy structured?
- How is the ‘Deep Web’ being utilized for fraud?
- What Threat Intelligence can we gather from it?
Collecting security and fraud related data from multiple sources can often just result in creating a very large pool of unrelated facts. But begin to add context to that data and you now have information. Triangulate multiple pieces of information together and you can create intelligence, indicative of a real and active threat. This session will answer questions such as:
- How can I create Actionable Intelligence from data feeds?
- How will emerging threat information exchange specifications such as TAXII/STIX effect our ability to collect and share standardized threat information with the broader community.
- How do I best select and combine internal context and event information with the various open source and commercial external threat intelligence feeds available?
12:30pm – 1:30pm
1:30pm – 2:30pm
Mobile banking is growing out of its infancy and experts predict it will soon be the dominant banking and payments channel. With the vast array of endpoints being utilized, how are the threats of rogue mobile apps, mobile malware and SMiShing evolving? What are the risks inherent in mobile payments? This session reviews these emerging mobile malware threats, their impact on banking institutions and the latest technology solutions to help mitigate the risks.
Insider Fraud Detection - The Appliance of Science
See the startling results of meticulous analysis of hundreds of real life insider attacks and learn about new technologies that are able to detect the anomalous behavior patterns often before fraud occurs.
The analysis results clearly indicate that contrary to the majority of headlines, stealthy insiders pose a huge fraud risk to organizations, flying far under the radar for extended periods of time. These insiders are often senior, trusted staff with privileged access to accounts and valuable data. Alternately, innocent employees become pawns when they fall victim to social engineering or targeted attacks that lead to fraud. The following questions will be answered:
- How can I predict and/or detect an internal attack?
- What is the ratio of internal to external fraud attacks and their associated value?
- What types of attacks do internal actors carry out and why?
Presenter: Michael Theis - Chief Counterintelligence Expert, Carnegie Mellon University CERT Insider Threat Center;
2:30pm – 2:50pm
2:50pm – 3:50pm
Real World Applications of Big Data Analytics - Social Network Analysis and Post Breach Fraud Detection
Big Data – everyone is talking about it, but what are organizations actually doing with it to detect and prevent fraud? Despite the hype, there are many powerful, targeted applications for the analysis of large amounts of gathered data. In this session, we will look at two focused use cases that are currently providing significant real-world value.
- Social Network Analysis – see a leading-edge practitioner run review of how an analytics engine can be focused to detect in-person fraud by looking for anomalies in credit applications.
- Post Breach Fraud Detection - see the latest methods of transaction analysis to detect fraud related to stolen identities and credit information.
Fraud Management – Real Time Fraud Analytics to reduce friction and improve the Customer Experience
Real-time, customer-centric fraud prevention starts with transforming fraud management into an area of competitive advantage. Innovations in analytics and the ability to respond in real-time are now allowing financial services organizations to effectively address various fraud issues across their products and at the same time, deliver services to customers on the terms they demand which should be both frictionless and non-invasive. This session will highlight the current trends in fraud management as well as insights on groundbreaking analytic technologies – multi-layered self-calibrating analytics and adaptive analytics – that are changing the way fraud systems decode your customers' behavior in real-time so you can reduce false positives and respond as your customers expect.
Join this session to gain insights on:
- Role of Big Data in fraud management
- Reducing false positives and improving the customer experience
- How fraud alerts can drive customer loyalty
Presenter: T.J. Horan - VP Product Management, FICO;
3:50pm – 4:00pm
4:00pm – 4:45pm
Challenges and Opportunities in Combatting Cyber Fraud in Canada
The vast majority of apprehended cyber fraudsters are not successfully prosecuted, in large part due to a body of law unprepared for the challenges of handling modern, high tech crime.
Now, with comprehensive updates and unprecedented reforms to privacy law, anti-malware, banking, financial reporting legislation the Canadian legal system may be better positioned to identify, convict and deter more cybercriminals than ever before.
This exclusive expert panel discussion will expose:
- The key aspects of current & upcoming legislation for prosecuting cyberfraud
- How best to prepare for the changes (i.e. evidence protection, breach investigation)
- How does the international legal landscape compare with the Canadian system
Presenter: Claudiu Popa - CEO, Informatica Security & Founder, KnowledgeFlow;
Fraud Investigations: How to Work Effectively with Law Enforcement and Government
Public sector organizations need to better understand the driving forces, priorities and procedures within the organizations they “protect”, but equally as important is that the private sector organizations reciprocate and understand the how, what and why of the law enforcement/public body process.
This mutual understanding of each other’s missions is pivotal to positive and impactful collaboration. This session walks through a framework of how these relationships can be built and the positive impact on a variety of objectives highlighting the role of the Private Sector Liaison Committee of the Canadian Association of Chiefs of Police.
Panelists: Mark Sullivan - Dir. Fraud Programs, Interac Association & Acxsys Corp; Todd G. Shean - Co-Chair PSLC - Assistant Commissioner Federal Policing Special Services, Royal Canadian Mounted Police;
4:45pm – 6:00pm
Cocktail Hour & Networking
The Westin Harbour Castle Toronto Hotel
1 Harbour Square
Toronto, ON M5J 1A6
Phone: (416) 869-1600
Hotel Reservations: 888-627-8559
The Westin Harbour Castle Toronto Hotels located on the vibrant waterfront of Lake Ontario and features refreshing accommodations in Canada's largest city. Our hotel invites you to revel in the season as you walk through Toronto's theatre and entertainment districts and to find delight in all the seasonal fun the nearby Harbourfront Center has to offer.
The ISMG Fraud Summit Series is made possible through the support of it's sponsors: