A spate of hacking attacks on U.S. companies over the past two years has caused insurers to massively increase cyber premiums for some companies, leaving firms that are perceived to be a high risk scrambling for cover.
On top of rate hikes, insurers are raising deductibles and in some cases limiting the amount of coverage to $100 million, leaving many potentially exposed to big losses from hacks that can cost more than twice that.
“Some companies are struggling to find the money to buy the coverage they want,” said Tom Reagan, a cyber insurance executive with Marsh & McLennan Co’s Marsh broker unit.
The price of cyber coverage – which helps cover costs like forensic investigations, credit monitoring, legal fees and settlements – varies widely, depending on the strength of a company’s security. But the overall trend is sharply up.
Retailers and health insurers have been especially hard hit by the squeeze after high-profile breaches at Home Depot Inc , Target Corp, Anthem Inc and Premera Blue Cross.
Health insurers who suffered hacks are facing the most extreme increases, with some premiums tripling at renewal time, said Bob Wice, a leader of Beazley Plc’s cyber insurance practice.
Average rates for retailers surged 32 percent in the first half of this year, after staying flat in 2014, according to previously unreported figures from Marsh.
Higher deductibles are also now common for retailers and health insurers. And even the biggest insurers will not write policies for more than $100 million for risky customers. That leave companies like Target, which says its big 2013 data breach has cost $264 million, paying out of pocket.
No. 2 U.S. health insurer Anthem ran into difficulties renewing its coverage after an attack early this year that compromised some 79 million customer records, according to testimony from Anthem General Counsel Thomas Zielinski at an August hearing of the National Association of Insurance Commissioners.
Renewal rates were “prohibitively expensive,” according to minutes of that session seen by Reuters. The company managed to get $100 million in coverage, Zielinski said, but only after agreeing to pay the first $25 million in costs for any future attacks. The company would not say what that figure was before, but it was likely much smaller.
A problem with Cisco VPN systems could be exposing enterprise passwords to the sort of people who use them for bad things.
Yesterday we had Cisco warning about someone else’s problem, but today we have a company called Volexity volleying a shot in Cisco’s direction. Volexity said that it has found two exploitable vulnerabilities that can be used to drain details from databases. It reckons that this represents an upscaling in attacks, their means and their methods.
The problems exist in the web-based Cisco Clientless SSL VPN (Web VPN) that connects users to Cisco Adaptive Security Appliance devices. A screenshot shows this as a typical log-in box that asks for a username and password.
“As the industry is learning, firewalls, network devices and anything else an attacker might be able to gain access to should be scrutinised just as much as any workstation or server in an organisation.
“Having your own devices turned against you can make for a bad week. This represents yet another way attackers are taking credential theft and network persistence to the next level.”
We have asked Cisco to comment on the Volexity report, and are waiting for a response. Volexity has plenty to say, and explained that even two-factor authentication would have quailed in the face of the threat because of its positioning on the network.
The vulnerability has been present for at least a year, according to the study, and has been addressed by Cisco in the past. However, hackers moved fast and got a foot in the door.
“While Cisco provided updated software to address the vulnerability, attackers were already off to the races. Vulnerable organisations that were slow to update may have received an unwelcome addition to the source of their logon.html file,” added Volexity.
“Victim organisations effectively had their Cisco Web VPN devices turned into credential collectors for the attackers. This particular round of attacks appears to have compromised several organisations around the globe.”
This is the second time in a month that Cisco has had the insecurity finger pointed at its hardware. In September Mandiant warned about Synful Knock. Then Cisco released prophylactic tools, and thanked the messenger.
The tried and tested fake application threat has been felt again in the Android Play store, according to security research outfit ESET.
ESET is not new to this, nor is the Play store. The security firm said that the aim of the latest infections and attack is to take over a handset and flood it with advertising.
The infected applications are piggybacking on two popular games called Pou and Subway Surfers, both of which have been downloaded over 200,000 times.
“The apps pose as Cheats for Pou, Guide for Subway and Cheats For Subway, claiming to offer the same application functionality in apps. The payload of these applications is to deliver ads to users at regular intervals,” ESET said.
This sort of thing is common in a lot of apps, and is traditionally called advertising.
ESET said in a We Live Security blog post that this is much worse, explaining that once installed the application will resist all efforts at removal and will be a very stubborn presence and persistent marketing mouthpiece.
“While ad-supported applications are common in the Android ecosystem, there’s a clear boundary of behaviours that ESET cannot condone. These particular AdDisplay POUs [potentially unwanted applications] contain specialised self-protection functionalities that not only make the removal of the app from the Android device more difficult, but help it evade detection by Google Bouncer in the first place,” the firm said.
“When users realise that the apps are exhibiting very unusual behaviour and try to uninstall them, they will find that this is far from easy. The apps will ask the user to activate the device’s administrator rights. Thus, users may have difficulty removing this AdDisplay threat.”
The firm has announced workarounds for anyone suffering from the malware. We have, of course, asked Google for its own information and statements.
This isn’t the first time that Google Bouncer has been evaded for malicious gain. Perhaps the system is having some personal problems that are distracting it from work.
Soitec’s CEO and board chairman has raised an eyebrow or two when he said that the iPhone 6s has multiple RF chips built on silicon-on-insulator (SOI) substrates and that Intel and IBM are using the tech for their silicon photonics push.
According to EETimes Paul Boudre, who claimed that SOI is already being used by Apple and Intel even though neither company is broadcasting it. SOI appears to be on track to major market penetration even while the rest of the industry is talking FinFETs.
GlobalFoundries general manager Rutger Wijburg told the SEMICON Europa 2015 that his outfit’s 22-nanometer “22FDX” SOI platform delivers FinFET-like performance but at a much lower power point and at a cost comparable to 28-nanometer planar technologies.
The 300-millimeter $250 million FD-SOI foundry here in the “Silicon Saxony” area of Germany, builds on 20 years of GlobalFoundries’ investments in Europe’s largest semiconductor fabs.
GlobalFoundries said it will extend Moore’s Law by using fully-deleted silicon-on-insulator (FD-SOI) transistors on wafers bought from Soitec.
Many had thought that if GloFlo’s FD-SOI gamble paid off then it would be a while before FinFET would have a serious rival. But Boudre’s claims suggests that SOI is already being used.
Customers like Intel and OEMs supplying fully-deleted silicon-on-insulator (FD-SOI) RF transistors to Apple proves that SOI and Soitec are past the cusp of the growth curve, destined to ramp up exponentially.
The problem for Soitec is no one is really talking about it. Chipzilla is committed to the FinFET, because it is higher performance than FD-SOI, even though it is higher power too.
Boudre said that it was supplying SOI wafers to Intel for other applications that don’t require high-performance. For instance, our wafers are very good for their silicon photonics projects.
Apple is already using SOI for several radio frequency (RF) chips in their front-ends, because they use 20-times less power. The iPhone is still using gallium arsenide (GaAs) for its power amplifier (PA) because it needs the high-power device for good connections, but for other RF front-end chips, and in fact for all the chips that they want to keep “always on,” the lower power consumption of FD-SOI is pushing the smartphone makers to Soitec, Boudre said.
SOI wafers cost three-times as much as bulk silicon but the cost per die is less because of the simplified processing steps including fewer masks.
Normally GPS chips run on 0.8 volts and consume over 20 milliamps, so they must be turned off most of the time. But when they are made with SOI wafers, they can run on 0.4 volts and consume only 1 milliamp. The mobile device to leave them on all the time and new and more accurate location sensing and new kinds of location-based applications can be developed.
What is amusing then is that Intel’s reason for going with FinFETs was that SOI wafers were too expensive but it did find a use for it.
GlobalFoundries’ Saxony fab will offer four varieties of its 22FDX process.
FDX-ulp for the mainstream and low-cost smartphone market. This will use body-biasing to beat FinFETs on power, but equal them in performance.
FDX-uhp for networking applications using analogue integration to match FinFETs while minimizing energy consumption
FDX-ull for ultra-low power required by wearables and Internet of Things applications. This will have a 1 picoamp per micron leakage
DDX-rfa for radio frequency (RF) analogue applications delivering 50 percent lower power and reduced system costs for LTE-A cellular transceivers, high-order multiple-input/multiple-output (MIMO) WiFi combo chips and millimeter wave radar.
Qualcomm has continued its friendship with Microsoft by extending its latest LTE-Advanced modem, the X12, to Windows 10 notebooks and tablets.
The chipmaker was the only major chip provider to optimize its architecture for Windows Phone, and Microsoft’s Lumia devices, which run on Snapdragon 808 and 810 chips.
The Windows 10 devices which come to market later this year will have the option to integrate cellular connectivity with the X12, X7 or X5 LTE modems, which support the Microsoft operating system’s native Mobile Broadband Interface Model (MBIM).
Qualcomm said this would give business users, in particular, a similar experience on their large-screened devices as on their smartphones, giving the particular examples of location-based services and security driving LTE usage on PCs and tablets.
Integrated cellular connectivity has not been so important for notebook users, outside of a few scenarios such as WiFi-less trains, most wireless access from notebooks, and even tablets, is over a WLAN.
Qualcomm makes WiFi chips for portable devices but it does not have such a big market share. Working with Microsoft means it could have a higher presence and a far better chance of delivering mass sales. The Surface Pro and its new Surface Book, is getting good reviews and might even be popular.
Eight months after admitting a major data breach, ride service Uber is focusing its legal efforts on obtaining more information about an internet address that it has persuaded a court could lead to identifying the hacker. That address, two sources familiar with the matter say, can be traced to the chief of technology at its main U.S. rival, Lyft.
In February, Uber revealed that as many as 50,000 of its drivers’ names and license numbers had been improperly downloaded, and the company filed a lawsuit in San Francisco federal court in an attempt to unmask the perpetrator.
Uber’s court papers claim that an unidentified person using a Comcast IP address had access to a security key used in the breach. The two sources said the address was assigned to Lyft’s technology chief, Chris Lambert.
The court papers draw no direct connection between the Comcast IP address and the hacker. In fact, the IP address was not the one from which the data breach was launched.
However, U.S. Magistrate Judge Laurel Beeler ruled that the information sought by Uber in a subpoena of Comcast records was “reasonably likely” to help reveal the “bad actor” responsible for the hack.
On Monday, Lyft spokesman Brandon McCormick said the company had investigated the matter “long ago” and concluded “there is no evidence that any Lyft employee, including Chris, downloaded the Uber driver information or database, or had anything to do with Uber’s May 2014 data breach.”
McCormick declined to comment on whether the Comcast IP address belongs to Lambert. He also declined to describe the scope of Lyft’s internal investigation or say who directed it.
Lambert declined to comment in person or over email.
Smartphone owners running Google’s Android operating system in more than 20 countries have been infected with a particularly aggressive malware program that bombards devices with unwanted advertisements.
Researchers from FireEye found that the malicious component, nicknamed Kemoge, has been seeded inside what appear to be legitimate apps offered on third-party application stores.
“This is another malicious adware family, possibly written by Chinese developers or controlled by Chinese hackers, spreading on a global scale that represents a significant threat,” wrote Yulong Zhang, a staff research scientist with FireEye.
Whomever created Kemoge repackaged legitimate apps with the malware and then promoted them on websites and through in-app ads to persuade people to download them.
Zhang listed a dozed affected apps: Sex Cademy, Assistive Touch, Calculator, Kiss Browser, Smart Touch, Shareit, Privacy Lock, Easy Locker, 2048kg, Talking Tom 3, WiFi Enhancer and Light Browser.
Third-party apps stores are considered risky places to download Android apps, as hackers frequently upload malicious apps to them. Google performs a security check on apps in its Play store, although harmful ones occasionally sneak in.
Kemoge not only displays unwanted ads, but it’s also loaded with eight root exploits that target a wide range of Android devices, Zhang wrote. A successful attack using those exploits means an attacker would have complete control over the device.
Kemoge will collect a device’s IMEI (International Mobile Station Equipment Identity) and IMSI (International Mobile Subscriber Identity) numbers, information on storage and apps, and send the information to a remote server.
That command-and-control server was still running, Zhang wrote. An analysis of traffic exchanged between an infected device and the server showed Kemoge also tries to uninstall antivirus apps.
FireEye came across an app called Shareit in Google’s Play store that was signed by the same digital certificate as the malicious one found on the third-party source.
The Google Play version of ShareIt did not have the eight root exploits or contact the command-and-control server, but it did have some of the same Kemoge code libraries. It now appears to be gone from Google Play.
Samsung is not doing that well in smartphones. To be fair, no one is, but Samsung has the ability to become something much more interesting – it could replace AMD as Intel’s rival.
Actually AMD is pretty cheap right now and if it was not for the pesky arrangement that prevents AMD’s buyer getting its x86 technology then it would have been snapped up a while ago. But with, or without AMD, Samsung could still make a good fist of chipmaking if it put its mind to it. At the moment its chipmaking efforts are one of the better things on its balance sheet.
Its high-margin semiconductor business is more than making up for the shortfall in smartphones. Selling chips to rivals would be more lucrative if they were not spinning their own mobile business. The products it have are worth $11.7 billion this year, more than half the company’s total.
Growing demand for chips and thin-film displays is probably the main reason that Samsung now expects operating profit to have reached $6.3 billion. After applying Samsung’s 16 percent corporate tax rate, its chip division is likely to bring in net income of slightly less than $10 billion.
To put this figure into perspective Intel expects to earn $10.5 billion in this year. Samsung is also sitting on a $48 billion net cash pile. Samsung could see its handset and consumer electronics business as a sideline and just focus on bumping off Intel.
The two sides of such a war would be fascinating. Intel has its roots in the PC chip market which is still suffering while Samsung is based in the mobile chip market which is growing. Intel has had no luck crossing into the mobile market, but Samsung could start looking at server and PC chips.
AMD is still dying and unable to offer Intel any challenge but there is a large market for those PC users who do not want to buy Intel. What Samsung should have done is use its huge cash pile to buy its way into the PC market. It might have done so with the IBM tech which went to Lenovo. It is still not out of the running on that front. Lenovo might be happy to sell IBM tech to Samsung.
Another scenario is that it might try to buy an x86 licence from Intel. With AMD dying, Intel is sitting on a huge monopoly for PC technology. It is only a matter of time before an anti-trust suit appears. Intel might think it is worthwhile to get a reliable rival to stop those allegations taking place. Samsung would be a dangerous rival, but it would take a while before it got itself established. Intel might do well to consider it. Of course Samsung might buy AMD which could sweeten that deal for Intel.
Samsung could try adapting its mobile chip technology for the PC/server market – it has the money to do it. Then it has a huge job marketing itself as the new Intel.
It might just work.
Distributed Denial-of-Service (DDoS) attacks continue to plague companies and have spiked in numbers in the past three months, according to security firm and interested party Corero Network Security.
Some poor companies were hit with an average of 4.5 DDoS attacks a day in the past three months, an increase of about a third against the previous quarter.
While the attacks increased, they softened a bit, and Corero said that studies of its customer network found a number of low-bandwidth attacks, under 10Gbps, that lasted for less than 30 minutes. In fact, these attacks accounted for 95 percent of all those during the period.
Corero reckons that these quick fire DDoS attacks have been enabled by the ease of access to cheap, sometimes even free, attack tools that are easy to launch and easy to execute.
“Attackers are continuing to leverage DDoS attacks as part of their cyber threat arsenal to disrupt business operations or access sensitive corporate information, and they’re doing it in increasingly creative ways that circumvent traditional security solutions or nullify the previous effectiveness of scrubbing centres,” said Dave Larson, CTO and VP for product at Corero.
“In order to effectively protect their networks, prevent disruptions to customer operations, and better protect against data theft and financial loss, companies need real-time visibility and mitigation of all DDoS attack traffic targeting their networks, regardless of size or duration.”
Corero’s findings differ from predictions by Akamai, which reported a rise in mega DDoS attacks that are large in size and scale. Akamai has previously warned that big attacks with a 100Gbps hammer blow are likely to affect companies during the quarter and in the future.
Whatever, any kind of DDoS attack is a bad thing but, as Corero helpfully points out, companies offer protective solutions for the threat. So mega or mini, we can sleep safely knowing that the threat is in safe hands.
Dell Inc, the world’s third largest personal computer maker, is holding discussions to acquire data storage company EMC Corp, a person familiar with the matter said, in what could be one of the biggest technology deals ever.
A deal could be an option for EMC, under pressure from activist investor Elliott Management Corp to spin off majority-owned VMware Inc.
The terms being discussed were not known, but if the deal goes through it would top Avago Technologies’ $37 billion offer for Broadcom. EMC has a market value of about $50 billion.
Dell is also in talks with banks to finance an all-cash offer for EMC, the person told Reuters on condition of anonymity as the talks were confidential.
Dell spokesman David Flink and EMC spokesman Dave Farmer declined to comment.
A deal could further strengthen Dell’s presence among corporate clients at a time when founder Michael Dell has been trying to transform the company he founded in 1984 into a complete provider of enterprise computing services such as Hewlett-Packard Co and IBM.
The talks come two years after Michael Dell and private-equity firm Silver Lake took Dell private for $24.9 billion, ending its decades-long run as one of the world’s largest publicly traded PC makers.
In August, Re/code reported that EMC was contemplating a takeover by VMware. The Wall Street Journal reported last year that EMC was exploring options and had held talks with Dell and HP.
The move will allow AOL to target ads at visitors to its sites and others using information from Verizon’s databases as well as its own. According to Verizon’s October 2015 privacy notice, the targeting criteria include visitors address, email address, age range, gender, interests, location, mobile web browsing history and app usage. The company can also track some non-mobile web browsing, to sites carrying AOL ads, it said.
Verizon links all this information together using a patchwork of identifiers, including ad IDs from Apple and Google, browser cookies from AOL, and its own Unique Identifier Header (UIDH) which it adds to mobile data traffic on its network. It’s this last item that ads significantly to AOL’s ad targeting power, as it’s easy to delete or change the other identifiers.
It’s also now possible to opt out of Verizon’s UIDH system too, thanks to reporting by ProPublica, which earlier this year revealed that the company was still using the identifier to track users who had deleted it.
Concern about targeted advertising is rising, with an increasing number of Internet users opting out of advertising altogether through the use of ad-blocking software. Apple recently made it possible to download content blockers for its Safari browser on iOS, prompting a flurry of players to enter the market.
Some see such blockers as a tool to force the online advertising industry to change its ways. One, Eyeo, deliberately lets through certain ads, as long as they are unobtrusive. It introduced has its own iOS content blocker — but also taken steps to win over other developers to its platform by making its process for allowing some ads through the blocker more transparent.
Jim Zemlin, chief executive of the Foundation, said in his opening remarks that this year’s opening day falls on the 24th anniversary of Linux itself and the 30th of the Free Software Foundation, giving credit to delegates for their part in the success of both.
He also noted that research conducted into the value of the Linux codebase has shown that in the past few years the code has been worth over $5bn.
As part of the launch he also made three key announcements. Firstly, a workgroup is being created to standardise the future of the software supply chain. The Openchain workgroup is centred on creating best practices to ease compliance for open source developers and companies.
In doing so it is hoped that cost and duplication of effort can be reduced significantly, and in doing so ease friction points in the supply chain. The workgroup’s founder members include ARM, Cisco, NexB, Qualcomm, SanDisk and Wind River.
By providing a baseline process, which can then be customised according to customer need, Linux developers will have a basis for monitoring and developing compliance programmes.
Existing best practices such as Debian and the Software Package Data Exchange will be used as foundations for the framework.
The second announcement involves an acceleration to the process of real-time Linux development. the Real-Time Linux Collaborative Project will bring together industry leaders and thinkers to advance the type of tech that is crucial for areas such as robotics, telecom, manufacturing, aviation and medical industries.
Two of this morning’s keynotes centred around the ideas of real-time Linux. Sean Gauley, founder of big data analysts Quid, talked about the $300m spent on a new London to New York undersea cable to cut just five milliseconds off data speed, coupled with the seven minutes of downtime the New York Stock Exchange has to suffer while humans crunch the impact of a Treasury announcement.
The Real-Time Linux Collaborative Project brings together organisations as diverse as Google, Texas Instruments, Intel, ARM and Altera.
Thomas Gleixner of the Open Source Automation Development Lab has been made a Linux Foundation fellow in order to lead the process of integrating real-time code into the main Linux kernel, which Zemlin joked would be finished within six months.
In reality this is a long-term goal, albeit a highly achievable one that could revolutionise a number of key industries.
Finally, FOSSology, the open source licence compliance software project and toolkit founded by HP in 2007, is moving home to become part of the Linux Foundation. With it comes FOSSology 3.0, due for release this week.
“As Linux and open source have become the primary building blocks for creating today’s most innovative technologies, projects like FOSSology are more relevant than ever,” said Zemlin.
“FOSSology’s proven track record for improving efficiency in licence compliance is the perfect complement to a suite of open compliance initiatives hosted at the Linux Foundation. This work is among the most important that we all do.”
FOSSology allows companies to run licence and copyright scans in a single click, and generate a Software Package Data Exchange, or readme file.
By moving the project to the Linux Foundation, the toolkit is kept in neutral hands alongside other initiatives such as the Core Infrastructure Initiative, the Open Container Project and Dronecode.
Dronecode’s Loenz Meier spoke alongside Tully Foote of the Open Source Robotics Foundation about their quest to “take back” the term ‘drone’ from its negative military connotations.
The team, whose work in Switzerland dates back to “when they were still called model aircraft”, included information about Mavlink, the self-styled ‘HTML for drones’, and Robot Operating System, a meta operating system for autonomous devices.
The team has been concentrating primarily on using telemetry data to allow drones to navigate around objects, in a similar way to that being achieved by Google’s self-driving cars.
LinuxCon Europe runs until Wednesday, bringing together representatives from back bedroom developers to giant corporations like Facebook, all sharing a common goal to nurture the community which approaches its quarter century primed to take over even more aspects of our everyday lives – quiet, unassuming but always there.
Speakers this year include people from Suse, Red Hat, Google, Raspberry Pi and the godfather of Linux, Linus Torvalds.
The INQUIRER will be talking tomorrow to some top bods from the Linux community. So early to bed for us tonight and absolutely no Guinness.
Intel’s next-generation Cannonlake consumer-targeted processors could be the chip to leap from quad-core designs for the great unwashed.
An Intel engineer has been caught boasting on this Linkedin profile that he had a hand in Cannonlake system-on-chip (SoC) parts which integrated four, six, or eight processing cores with a Converged Coherent Fabric (CCF). He described this as acting like the Northbridge of an old-fashioned chipset setup.
Intel has not used this phrase before but it does explain some rather strange job adverts wanting a ‘Coherent Fabric Architecture Engineer.’ We have not met anyone in the fashion industry who was coherent let alone a fabric maker.
Intel has been making products with lots of processing cores but it seems addicted to four cores on consumer desktops (with or without the HyperThreading technology that extends it to running eight simultaneous threads.)
If the leak is right, then the 10nm Cannonlake family could be offered in hexa- and octa-core varieties.
Boosting the number of CPU cores on its next-generation products would allow the company to continue to tell software developers to concentrate on making the best use of CPU cores rather than looking to HSA and other than the general-purpose GPU to boost performance.
Google, which has now transitioned into holding company Alphabet Inc, is in talks with messaging startup Symphony Communication Services LLC for a round of fundraising, a person familiar with the matter told Reuters.
Symphony’s chat service allows financial firms, corporate customers and individuals to put all of their digital communications on one centralized platform.
The talks are ongoing and no terms are finalized yet, the source added.
The Wall Street Journal, citing people familiar with the matter, reported earlier on Monday that Google invested in a new round of funding for Symphony that values the company at about $650 million.
The service is backed by Goldman Sachs Group Inc and other big Wall Street banks.
Goldman led a group of 14 banks including Bank of America Corp, Citigroup Inc and JPMorgan Chase & Co in making a $66 million investment in Symphony last October, when Symphony was set up. Symphony spokeswoman Samantha Singh declined to comment.
Many on Wall Street think of Symphony as a rival to Bloomberg LP and Thomson Reuters Corp, which provide messaging and information services for bankers, traders and investors.
Those terminals can cost tens of thousands of dollars per year for each customer.
Symphony is available to businesses with more than 50 users for $15 per user per month. Smaller businesses and individuals can use the tool for free.
Big data refers to companies or other institutions using digital information on consumer behavior from a wide variety of sources, such as their own databases, to make market predictions or spot patterns. The global financial services industry is expected to spend billions of dollars in coming years to improve their analysis capabilities.
But civil liberties campaigners have expressed concerns that use of such data could breach personal privacy. They also say it could be misused to discriminate against certain sections of the population in so-called profiling, for example based on age, gender, health or ethnic background.
The three EU financial regulators – the European Banking Authority, European Securities and Markets Authority, and European Insurance and Occupational Pensions Authority – will focus on the “opportunities and challenges” related to the use of big data, they said in a joint statement on Monday.
“The topic aims to analyze the adequacy of sectoral regulatory frameworks and identify any regulatory and/or supervisory measures which may need to be taken,” they added.
They will look into the matter in the coming year, but did give further details about the nature of the work or when they would announce findings.
Banks are hoping to use in-house data in better ways to spot fraudulent activities more easily, look at spending patterns to decide where to locate a new branch or personalize financial products.