Phishing in the Cloud restricts paperless adoptionPublished on 08 Nov 2011
Customers fear losing control as cloud data breaches and phishing scam reports continue to hit the headlines
It’s no secret that fraudsters are ‘cashing in’ on today’s explosive electronic migration. As more customer data and documents are moved to the “Cloud”, the security requirements and risks are becoming more onerous. Increasingly, customer data is being exposed online, as cost and environmental concerns drive paperless adoption. The result is a shift in risks from the corporation to the consumer.”We can’t stop fraud, but we can address the burning issues by recommending solutions that offer both customer convenience and peace of mind,” explains Michael Wright, CEO, Striata.
Today, billing companies are investing heavily in hopes of drawing consumers into the electronic revolution, but ongoing reports of phishing scams and data breaches are making consumers nervous about going ‘paperless’. “Consumers feel that by converting to eBilling, they are ultimately losing control over their bill or statement and fear that their online accounts could be hacked, changed or even deleted, leaving them with no record of usage or bill pay activity,” says Wright.
Many customers login monthly to download a copy of their statement, to ensure that they have control over their own information. In addition, this reduces the angst of moving providers and the risk of losing access to years of personal information.
When considering security and risk, ‘Push’ eDocument delivery is the best option
Delivering an encrypted copy of each statement directly to the customer’s email inbox completely eliminates the need for the customer to login online. This is because authentication is an offline process, with no sensitive data passing over the internet. Customers can print or save (in an encrypted format) a complete history of their relationship with their bank or biller, rather than consolidating all history and activity in one place. This dilutes the threat of criminals looking to hack eBilling portals.
Wright points out that with additional security features, such as including an authentication section at the top of emails, digital signatures and email personalization, the customer’s fears of phishing are alleviated. It is not possible for a phisher to have the detailed, personalized information included in the email, nor the secure attachment. Because customers can also decrypt, view and save documents offline, security threats of malware and spyware are also reduced.
Furthermore, payments can be made directly from within the encrypted document, without the need to enter sensitive payment information onto an untrusted website.
Secure document delivery creates secure links
Billers provide self serve portals for customers to view document history and make payments. Securing access to this data is a constant balancing act between strong security and ease of use. Hackers see the mountains of data as honeypots of information for phishing and fraud.
While delivering email bills to customers eliminates the need to pay at the biller site, it still offers them the option to do so – the difference being that it does so from a protected, secure link instead of from within an unprotected email.
Trusted links within the email bill provide an extra layer of security to prompt customers to view their billing history, manage an account, or respond to marketing promotions, thus driving qualified authenticated traffic to biller website self-service portals.
The convenience of email bill presentment directly from within the inbox, ensures a greater level of comfort for customers in dealing with the biller electronically, thus making it an easier transition when pulling them to an online self-service portal.
“By eliminating security concerns with the protections associated with secure electronic document delivery, combined with the convenience of email bill presentment and payment, customers are encouraged to take advantage of the time saving self-service options available online,” concludes Wright.