sponsored by
Friday, September 14, 2007 Home | News | Opinion | Classifieds | Search | Contact Us


News
News Update
Business Wire
Press Releases
Economy
Business Life
Opinion
Legal Center
Classifieds
Executive Calendar
Networking Calendar
Subscribe
Archives
Get on the list
Contact Us
Links
Media Kit
Home

SPONSORED LINKS

A third of business expenses fraud-related, exec says

Half of all business fraud considered inside jobs

BY VALERIE MILLER

Securing an account with an automated teller machine card and secret personal identification number might have been fine 20 years ago, but today's criminals are far too sophisticated for that. Banks and other corporate entities must change their practices if they want to combat rampant fraud.

That was the message from John Sculley, chairman of identity authentication company IdenTrust and former CEO of Apple and PepsiCo Inc. The executive was in Las Vegas to speak before business people at an event sponsored by Western Payments Alliance. He advised the crowd on ways to prevent their companies from falling victim to identity theft and other fraud.

"Phishing, pharming and various entities are stealing money and the need for authentication is very important," he said after his speech at Harrah's. "The amount of fraud is in the billions of dollars."

JEFERSON APPLEGATE | BUSINESS PRESS
John Sculley, former CEO of Apple and PepsiCo Inc., is chairman of identity authentication company IdenTrust. The executive was in Las Vegas to speak before businesspeople at an event sponsored by Western Payments Alliance.

Phishing happens when a fraudster dupes someone, usually by e-mail, to give up personal information such as credit cards, passwords and user names. Pharming happens when a fraudster redirects traffic from a legitimate Web site to a bogus one.

Fraud of all kinds is out of control, Sculley said. Medicare fraud amounts to $21 billion a year, and improper government payments have reached $44 billion a year, he continued. Another $87 billion was racked up by the Department of Defense in improper payments, he said, referring to numbers from the U.S. Government Accountability Office.

The expansion of electronic and online commerce, particularly banking and shopping, has created more opportunities for fraud.

"Seventy-two percent of corporations experienced fraud or attempted fraud in 2006. That was up from 68 percent in 2005," he pointed out. Employers need not look too far for the culprits, either; employees were responsible for about half the cases involving fraud. That leads to increased financial responsibility by the companies.

More disturbing, Sculley said, an average 35 percent of a company's operating costs go to cover fraud-related expenses. As wire transfer payments increased, so did the amount of fraud in 2006, according to the Federal Trade Commission. Twenty-three percent of consumers reported fraud incidents related to wire transfers in 2005, an 8 percent increase from the year before.

Unfortunately for banks and other financial institutions, they pay for the brunt of the crime. "Financial institutions were financially responsible for two thirds of the losses in 2006," Sculley said.

Banks tend to take the losses because their systems aren't secure enough, and haven't kept up with the times, according to Andrea Klein, the chief marketing officer for IdenTrust. The financial institutions have the ATM cards and PIN numbers, but often fail to put the proper authentication procedure in place to ensure its the right person accessing the account.

Sculley said companies fail when they don't know their customers.

Businesses can be lax when it comes to in-house security, Klein cautioned. The belief that threats come from the outside, rather than from internal sources, leads to a false sense of security.

"The most common way this happens is that you go into corporate offices and they put passwords on little yellow stickies (on computers), as if just because the door is locked, they can put the password on the machine," she said. "In an office, there is lots of turnover."

Sculley credits his new company, IdenTrust with "building a global identification network that was about eight years ahead of its time."

IdenTrust promotes a digital identification certificate that uses more than one factor to identify a person. The factors can include "something you have" (a smart card or token), "something you know" (a password), and "something you are." The latter includes biometric options such as a iris scan or fingerprint.

Klein recommends using at least two of the three identification factors. She said banks are in the best position to do that.

"The banks need to put the infrastructure in place and do the identification authentication," she said.

Corporations should work with their financial institutions to get the authentication. The certificate is downloaded and comes from the bank, Klein said.

The fraud protection needs to be international, she added. "If you are buying something from a company in Austria, you want to make sure that you are buying something from a real company."

Whatever measures banks put into place, it is overdue, Klein concluded. "They haven't fallen down, but they haven't kept up with the fraudsters."

vmiller@lvbusinesspress.com

387-5286

Search Classifieds:



Copyright © 2009, Las Vegas Business Press | Privacy Policy