Share these talks and lectures with your colleagues
Invite colleaguesCase study
#SafeCard: Ukraine’s answer to cyberthreats targeting cardholders
Cyber Security: A Peer-Reviewed Journal,
2
(1),
38-50
(2018)
Abstract
This paper reviews the project #SafeCard that was implemented by the Ukrainian Interbank Payment Systems Members Association (EMA) with the financial support of the US Embassy in Ukraine. The project spanned 2016–17 in Ukraine. Its aim was to minimise the level of fraud of payment instruments and ATMs. A number of political and economic factors in Ukraine have contributed to a significant growth in cybercrime schemes targeting bank clients. The main threat to Ukrainian cardholders is the use of social engineering methods that aim to complete operations in a card-not-present (CNP) environment (voice phishing (vishing), SMS phishing (smishing) and phishing websites), along with skimming and cash trapping in ATMs. Threat analysis and forecast was conducted, a common vision for the future was agreed and the following main objectives were determined: 1) To improve Ukraine’s criminal legislation; 2) To raise awareness among Ukrainian citizens; 3) To improve capacities of criminal justice professionals to obtain and check information in banks; 4) To improve the knowledge and skills of criminal justice professionals and their cooperation with banks; 5) To raise awareness among prosecutors and judges. This was the first implementation of a project on this scale in Ukraine. As well as meeting the desired challenges, the project also resulted in a hugely positive experience and strengthened the synergy of public–private partnerships. This paper describes the project and the final results. The author hopes that readers will gain some insights that will be beneficial for work to prevent payment fraud in their own countries.
Keywords: Ukraine; vishing; smishing; phishing; awareness; cooperation
The full article is available to subscribers to the journal.
Author's Biography
Olesya Danylchenko is deputy director, head of payment instruments and credits security forum for the Ukrainian Interbank Payment Systems Members Association (EMA). She has 17 years’ experience in payment cards and ATM risk management, security and fraud prevention, with seven years specialising in payment cards and ATM interbank antifraud information exchange, and private and public sector cooperation in Ukraine. She started her professional career in 2000 as a risk manager at Interbank Processing Centre Topaz of the National Bank of Ukraine after graduating from the Cybernetics Department of Kiev State University. In 2001, she was invited by the security department of JSCB Ukrsotsbank to develop strategies and implement security rules and procedures for bank in-house processing, payment card and ATM fraud prevention and monitoring. While in this post, in 2007 she obtained an MBA specialising in strategic management. In 2010, she joined EMA as head of payment instruments and credits security forum, where her remit covers improved cooperation, and exchanging incidents and experience between financial institutions and law enforcement agencies of Ukraine and neighbouring countries. Since 2011 she has represented Ukraine in the European Association for Secure Transaction (EAST) and since 2016 has been a member of the Advisory Group on Financial Services (AGFS) of EC3 (European Cyber Crime Centre) Europol.
