In the American FFIEC guidance "Authentication in an Internet Banking Environment" Published in October 2005, the use of IP Geolocation was used as an example of implementation of two-factor authentication. Having received this, the incorporation of security solutions catered for banks has been positively carried out.
In June 2011, a "Supplemental Guidance" for the guidance above was released by the American FFIEC, a principle for the necessity to correspond to even more sophisticated threats was indicated. Specifically, it is the following description: "In order to conceal their real IP address, attackers will devise an attack on the website through a proxy (relay website). If the IP address of the access point to the web server is concealed, on a simple assessment based on Geolocation information, there is a chance that the attacker's fraudulent activities may be overlooked." Even on the side of the IP Geolocation data provider, more data expansion is being planned than before, through methods such as increasing attribute data.
Authentication in an Internet Banking Environment - FFIEC
The financial sector's measures against fraudulent activity, and the electronic commerce sector's measures against fraudulent activity (both handled as solutions to detect and prevent fraudulent activity related to the movement of money online) are both referred to as "Web Fraud Detection", and are not discriminated.
In the document released by Gartner in April 2011, it is stated that, "backed by the sudden increase in cyber crime and and malware attacks, internet fraud detection market has grown by 35% since 2010." From this, we can see the increase in the amount of damage done with each type of fraud and the fact that even more emphasis is being put on the countermeasures against them.
Cases in which businesses that offer countermeasures for fraudulent activity become purchased by larger financial corporations are also attracting attention. Perhaps this again suggests that the age in which only small businesses with light security are victimized has come to an end, and that measures to counter large-scale attacks against large corporations are being demanded.