biometric authentication high-value trading blockchain legal non-repudiation

Taking Bold Steps to Protect High-Value Trading

Trader fraud is on the rise. Last year, the Security and Exchange Commission announced it filed 868 enforcement actions exposing financial reporting-related misconduct by companies and their executives. The announcement noted that 2016 had the most ever cases involving investment advisers or investment companies (160) and the most ever independent or standalone cases involving investment advisers or investment companies (98).

As the SEC findings suggest, fraud is prevalent in banks today. Google “trader fraud” and there will likely be a recent news story on it describing how one individual (or a bank) committed the crime. So, what’s promoting the rise in fraudulent transactions?

The Ease of High-Value Trading Fraud

The truth is, when it’s an inside job, trader fraud is “easy” to pull off. Standard practice is to have an employee authenticate the trade by inputting a password (either their own or a generated “one-time password”) or using a token. But, if the news has taught us anything over the past year and more – passwords can very easily be hacked or stolen. So if a trader approves a fraudulent trade and gets caught, they can easily deny having made the transaction. Using these current methods, there’s no way to prove otherwise: after all, someone indeed could have stolen it and used his account to authorize the transaction.

Passwords and tokens are insufficient security measures in themselves because they cannot authenticate who requested the authorization. If a trader is required to authenticate a trade with a biometric identifier – like a fingerprint – there would be no question about its ownership. Biometrics provide the legal non-repudiation needed to significantly reduce trading fraud.

Biometric Authentication & Legal Non-Repudiation

Biometrics alone, however, may not even be enough. If financial institutions truly wish to practice strong security measures, they will adopt the one-two punch of biometrics and blockchain. With biometrics, we can prove transaction signing is safer, but if the log itself is rewritten – biometrics cannot protect against that. This is where blockchain comes in: adopting blockchain to store signed transactions makes the log decentralized, untouchable, and more importantly – transparent.

Don’t Forget Blockchain

At its simplest, blockchain is a decentralized, global notary ledger. Information recorded on the blockchain can be later retrieved, verified, exchanged, transferred, decrypted, or used as a proof of possession, non-repudiation, or for attestation depending on the use case and context. If blockchain technology is used, fraudulent transactions could have never taken place. Even if, say, someone could replicate someone’s biometrics, with blockchain, the fraudulent activity would be recorded for everyone to see.

With increasingly sophisticated techniques used by hackers, adopting cutting-edge technology to thwart these efforts is no longer optional for banks and financial institutions – it’s an operational imperative. This is particularly true when protecting against trader fraud. Top-notch security measures like these make it not only incredibly difficult to commit fraud, but also discourage those from taking practice in it. Fraudulent transactions cost banks – and individuals – millions each year. Let’s stop trader fraud in its tracks with adopting the best-of-the-best security practices.

This article appeared originally on FinExtra.

Share This Post

Share on facebook
Share on linkedin
Share on twitter
Share on email

The Largest Internet Company in Mexico Taps Tec360 and Veridium for Trusted Phishing Resistant Passwordless Authentication and to secure Okta SSO A top provider of


Veridium The True Passwordless Enterprise

Veridium The True Password-less Enterprise In February 2017 when I joined Veridium as CPO, I recognised and appreciated one of the biggest challenges for Enterprise