Can the Internet of Things Perpetuate Fraud?

One of the more exciting developments in technology in recent years is the Internet of Things. It takes machine communications and learning to a new level by taking the human out of the picture. The end result is extensive amounts of data going between computers and other sensors. It could have great potential in certain industries, especially payments, where important transactions happen automatically without worry. However, the lack of a human touch presents opportunities for fraud, which is why banks should express caution with this new concept, especially as it continues to grow.

 

The great potential of things

The Internet of Things takes a basic concept and expands it to more interesting areas. Through a series of sensors that contain computers on a chip, machines communicate a significant amount of data with one another in a network setting. Cloud-based computing enables the process through scalable computing power. Some “smart” machines can act upon the data they receive to perform certain tasks or alert humans on a situation. All of these tasks occur automatically, mean the owner of the equipment has very little input into the process if at all.

 

That basic concept alone presents a lot of potential, according to Fraud Tech Wire. For example, the publication noted the collaboration between Ford and Microsoft to add new connected features to the former company’s cars powered by the latter’s Azure cloud platform. That can help owners learn about something wrong with their vehicle more effectively, even without needing to visit the local repair shop or dealer. Such ideas mean the IoT will likely include as many as 5.4 billion connected devices by 2025.

 

When everything is a machine…

However, the most glaring problem with the Internet of Things is the same that plagues every single computer: It’s hackable. No machine is tamper-proof against hackers and other criminals. For banks and other organizations, this presents a variety of problems. Cybersecurity firm Fortinet identified a few examples in insurance. A person could hack a smoke detector so its records indicate a fire starting in one place rather than another, which allows for greater compensation. Another idea is ransomware, where hackers hold machines “hostage” or scoop up data to sell back as ransom.

 

In payments, however, the potential of fraud through the Internet of Things is already evident in the most significant data and payments story of the last few years: the Target breach. As cybersecurity blog Krebs on Security noted in a report, the story that criminals seized data by directly accessing the point-of-sale system is only partly true. While they found the data there, they got into the system through the company’s smart HVAC system, which controls heating and cooling in each store. The software that powered it was insecure and connected to the store’s intranet, allowing for a backdoor to the POS.

 

This doesn’t mean that IoT is too dangerous an endeavor. However, businesses and banks interested in getting their machines connected and communicating should look for ways to minimize potential avenues to sensitive data. In this way, they can yield the benefits of more connectedness while minimizing fraud potential.