GRAND RAPIDS, Mich. (2/19/09)--Since the Heartland Payment Systems data breach and a recent Visa fraud alert about attacks on audio response systems, CU*Answers is advising credit unions how to prevent fraud attacks designed to gain account information via audio response banking. Among its recommendations:
* Monitor personal identification number (PIN) activity. If a member's account is listed repeatedly, it could either mean the member is struggling and needs assistance, or someone is trying to guess the member's PIN. * Review your procedures for resetting PINs. If you do not have a good verification system to identify a member when someone calls and asks to reset a PIN, you are putting your members at risk. Bad guys sometimes have access to a member's name and other personal information. When in doubt, ask the member to visit the branch to verify identity before changing the PIN. * Check your default access settings. Do you automatically grant access to audio response for new members, even if they never elect to use it? Wait to grant access until the member requests it, and set up a confidential PIN while the member is in your presence. * Remind your members about audio response. Once the members are used to online banking, they don't use audio as often. Suggest they use the service periodically and change their PIN frequently.
CU*Answers is a West Michigan-based credit union service organization serving 165 credit unions across the nation with a variety of processing services.