As the article ‘Cybersecurity Should Be the Financial Sector’s New Year’s Resolution’ pointed out, the financial sector is under threat of cybercrime every day. Banks worldwide have lost over ₹41.6 trillion ($600 billion) due to cybercrime, with some ₹347 billion ($5 billion) lost due to ransomware alone. These numbers are staggering, and are clear evidence of the necessity to invest in IT infrastructure and cybersecurity in the internet age. This is especially the case here in India, where 76% of Indian businesses were hit by cyberattacks in 2018. Perhaps unsurprisingly, the financial sector was one of the hardest hit, along with the oil and energy industries.
Just as disconcerting is that 97% of IT managers here admit that cybersecurity is “one of the greatest issues in India” yet, many are ill-equipped — either because of expertise or infrastructure — to do anything about it. According to Sophos India Managing Director of Sales Sunil Sharma, IT personnel spend, on average, approximately four months just to investigate security incidents. “It has been found that the visibility is not there,” Sharma said. “We don’t know what kind of attack. We don’t know how many modes it has actually travelled. We don’t know how the attack is damaging, which are the endpoints, where it has actually made damage.” In other words, there is a cybersecurity gap in India, and it needs to be bridged sooner, as any delay might result in more financial losses through lost data, operational disruptions, damaged infrastructure (servers, endpoints, etc.), and damage control.
There are ways though that companies are bridging the cybersecurity gap:
With the Indian government determined to make the country a digital economy (witness the introduction of Digital Locker and the increase in digital payments in the country), India is sure to become an even bigger target for cybercriminals. This imminent threat means businesses must be proactive when it comes to cybersecurity. To this end, many seem to have taken notice. An Open Gov report notes that India ranks second in cybersecurity insurance, behind the UK, with 82% of Indian firms claiming to have it in place. However, only 48% of the businesses reported having comprehensive cybersecurity insurance (well-known providers in India include Bajaj Allianz, Lucideus, Marsh). Curiously, only 40% of firms in the financial sector have comprehensive coverage.
What these figures mean is that only 48% are adequately protected from cybercriminals, especially given India’s thriving IT industry. The rest, however, are still at risk, with those having no comprehensive coverage exposed to advance-level cyber-attacks such as those that employ automation and machine learning. The remaining 18% with no cybersecurity insurance are the most vulnerable. Businesses are therefore advised to at least explore getting cybersecurity insurance, especially with across-the-board expectations that cyberattacks will increase moving forward.
Investing in IT
Right now, 9 in 10 CISOs believe that breaches are near-certainties. The reason for this is digital transformation, which as Frolov explains, “widens the surface of attack,” thus giving cybercriminals “more opportunities to find weaknesses, to creep into systems, and to leak or exploit data.” This fact underscores the need for businesses to invest heavily in their own IT security teams, in conjunction with cybersecurity insurance. Doing so gives firms a multi-pronged mechanism against cyberattacks.
One thing to consider in this regard — again, as Frolov points out — is to shift from the prevention paradigm to the detection and response model. In the latter, the emphasis is to “detect an attack quickly enough, and respond comprehensively and quickly enough to minimise its impact.” This shift in focus is necessary because cybercriminals will eventually find ways to circumvent whatever preventive measures are in place. Case in point is last August’s Cosmos Bank hacking incident, where systems were hacked into by “a more advanced . . . and highly coordinated operation that bypassed three main layers of defence contained in International Criminal Police Organization (INTERPOL) banking/ ATM attack mitigation guidance.” In other words, the attackers were able to bypass several security systems, including the bank’s to illegally transfer funds from Cosmos to 30 different banks globally. With improved detection and response mechanisms, such an attack would have been discovered earlier, and addressed accordingly.
Procure more experts in cybersecurity
As pointed out earlier, India’s IT industry is still developing, but is not exactly clueless when it comes to safeguarding against cybercrime. Cybersecurity adviser Gulshan Rai told The Hindu Business Line that there is a need for experts in the industry, which is expected to reach a market value of ₹2.43 trillion ($35 billion) by 2025. Over a million jobs are due to be created, and cybersecurity experts will definitely be in high demand. This follows a global trend with the top economies also struggling to find enough specialists. The cybersecurity skills gap in the UK was found to be the second worst in the world, despite the country also being the third highest for advertised cybersecurity jobs. The number of jobs vacancies increased by a third between 2014 and 2016. In the U.S, Maryville University’s career evaluation for cybersecurity graduates reports that information security jobs rank third among the vacancies hiring managers are trying desperately to fill. This is despite the industry being one of the most lucrative, with experts earning up to $6,500 more than other IT positions. This is a good indication of how the industry has expanded faster than companies or governments can keep up, and has led to a global skills shortage. If India is to become a global leader in the tech industry it will also have to find a way to fill this gap.
The good news is that India is marching unabated in to the digital age, and cybersecurity is one of the two biggest challenges that the country has to face (the other being data localisation). But companies in the subcontinent are meeting that challenge head-on, and they are making headway.
AI: CUSTOMER FACING EMPLOYEES’ BEST FRIEND IN THE FINANCIAL SERVICES INDUSTRY
By Ryan Lester, Senior Director, Customer Experience Technologies at LogMeIn
We’ve all heard the old saying “money talks.” Well when it comes to customer loyalty and retention, good customer experience talks much louder, with 30% of customers leaving a brand and never returning due to a bad experience.
The truth is, there are a lot of companies with similar products and services, but that doesn’t mean that differentiation is impossible. So, what’s the solution? For financial services, large and small, customer experience is becoming the key competitive differentiator and the best way to deliver an impactful experience is to empower customer-facing employees to do their best work. Artificial intelligence (AI) is enabling these employees to create remarkably better customer experiences, resulting in customer loyalty, advocacy, and overall growth.
For financial institutions that have been considering new strategies for improving the quality and efficiency of their customer experience, here are a few ways AI can enable them to deliver the “human factor” that good customer experience demands whilst ensuring customer facing employees can provide a more positive experience for customers.
Increase employee productivity
How much of employees’ time is spent searching for answers to questions? Do they ever have to put customers on hold or even step away to get additional help? AI helps provide front-line employees real-time guidance so they can spend less time looking for information and more time solving problems. An AI-powered chatbot, for example, can be listening in the background of a conversation helping point employees to the right data, solutions, and processes to resolve customer issues faster than ever before.
Deliver a consistent customer experience
When banking customers engage with their financial institutions, they measure the speed and accuracy of the service through two criteria. First, how quickly can the system access their account and deliver the correct information? Is it faster than a human could type it in and share it? And second, if they eventually do need to be connected to a live customer support agent, is their information captured and passed along accurately? AI technology takes those general queries off the customer support team’s plate, providing a quick, accurate, and effective response. If a query needs a more in-depth response, AI can hand it off to support staff to address.
Not only this but leveraging a centralised, AI-powered knowledge solution ensures every employee has access to the same, updated information, so no matter who the customer speaks to, they can be assured that employee responses are both consistent and accurate across the board.
Accelerating employee training and onboarding
Like any industry, employee turnover is inevitable and can be costly. But, not training new employees correctly or in a timely manner could be much more costly. When it comes to financial services there is a lot to learn, whether it is something simple like the process for checking an account balance to all the nuances associated with mortgage loans. AI can support on-the-job training by helping new employees answer questions confidently, correctly, and much quicker than they could before.
Improving employee satisfaction
Today’s banking customer has all kinds of new ideas about their banking experience. “The Amazon Effect” has successfully raised consumer expectations to the extent that a consistent, personal, and relevant experience is the new normal. As a customer, how many times have you been told “I’m sorry, I don’t know the answer?” Customers want solutions to their problems and employees want to be able to deliver those solutions as efficiently and effectively as possible. AI assisting in the background helps minimise those negative moments – making employees job easier, less stressful, and overall more enjoyable.
Identify knowledge gaps
Do you know all the questions employees are getting asked? Do you know what’s easily answered and what’s not? Real-time insights allow knowledge managers to keep up to date on frequently asked questions and gaps in current resources. This allows them to strategically improve or add content where needed.
Augmenting customer service
Whether talking with an AI chatbot or a personable customer service team member, the modern banking customer has high expectations for convenience, speed, and security. Which means that the technology you choose to deploy and how you deploy it is now just as important as who you hire and how you train them.
Today’s AI solutions won’t replace customer service agents or get in the way of the human factors that drive the customer experience. On the contrary, they augment it, allowing the business to do more without adding human resources. The higher the quality of a AI chatbot solution, the better it will be at taking the routine requests off the plate of customer service agents—giving them more time to provide a personalized and positive experience for customers.
BEFORE THE INK IS DRY: CORRECTING BIOMETRIC SPOOFING MYTHS
Eric Setterberg, System Design Engineer at Fingerprints
Biometric authentication is highly robust, and the latest solutions offer considerably greater security than their authentication predecessors: PINs and passwords.
But as biometrics moves into new areas such as payments and access control, privacy and security concerns are rising. Biometrics has long been subject to scrutiny, with many elaborate examples of people working to trick biometric sensors to crack devices in the media and online.
To ensure the continued adoption of biometrics, it is important to shine a light on the reality of biometric spoofing.
The Evolution of Biometric Solutions…
The first use of fingerprints as forensic evidence was in an Argentinean court case in the late 1800s. With the technology still in its infancy, this was done manually and by eye, comparing latent residual prints lifted from crime scenes to charts of inked fingerprints obtained from the suspects at arrest.
A few decades later, the FBI began collecting fingerprints of criminals and civilians. They also introduced the automated comparison of fingerprints by computers in the 1970s. These “traditional representations” have now been standardized by ISO and ANSI.
… and their Spoofs
The earliest and simplest of these matching devices were easy to spoof. Really, all you needed was a photocopy or a good image of a fingerprint to make a successful spoof.
But as biometrics moved to more advanced technology, the game for biometric ‘spoofers’ has changed and the task of crafting fake fingerprints is considerably more difficult.
The biggest boost for biometric security, however, came with its introduction into mobile phones.
How Mobile Changed the Game
Before the widespread integration of fingerprint sensors in smartphones, the technology underwent significant evolution. No operator wanted to use large biometric sensors in modern phone designs. Sensors had to become much smaller to reach the perfect price and design point for the mobile world, but this meant needing to capture data from a smaller surface area of the finger.
To maintain the security of these smaller sensors, algorithms evolved significantly in order to utilize a greater amount of data per unit area. These mobile-driven hardware and software changes resulted in the optimized image capture of modern touch sensors.
As a result, tricking these systems now requires a considerably higher level of detail to be reproduced correctly for a match to be successful, far beyond rudimentary gummi bear spoofs and photocopies…
Setting the Perfect Spoofing Scenario
Compromising fingerprint authentication via spoofing can still be done, even with all the technological advancements. However, it now requires considerable care, skill, money, and time. And to start, a good latent print…
To retrieve a latent print that’s high quality enough to work, you either need a willing volunteer to lend you their finger, or the commitment to stalk a victim until a viable fingerprint can be retrieved. Even with a decent latent print, modern spoofs then require advanced photoshop skills and/or a lab to successfully convert latent prints into effective moulds.
So – what about those articles boasting how easily they have hacked the latest smartphone device’s fingerprint sensor?
In fact, there are only two instances of fingerprint spoofing seen in the media nowadays: proof of concept and cooperative spoofs. Lay enthusiasts and media go through the effort of setting up a lab to create spoofs with latent fingerprints either from themselves or cooperative volunteers. Even the most successful of these take months of work, a highly skilled team, and the perfect scenario of circumstances.
Put simply, the effort required for spoofing modern fingerprint sensors cannot be applied at any scale. Each biometric spoof needs to go through the same laborious process and clinical conditions. So, if you can bring together a willing group of spoofing enthusiasts, tricking a biometric device could earn you fifteen minutes of fame on the internet, but it is likely to be conducive to a successful criminal business plan…
A “How” Without a “Why”
Spoofing biometrics remains technically possible, and there will always be those up to the challenge of trying to hack the latest technology. But the reality is that modern biometric solutions require more time, skill, and frankly, luck, to successfully spoof than ever before. Not to mention that tireless R&D work is continuously strengthening spoofing resistance. And, as use cases start to combine multiple biometric authenticators, such as combining fingerprints with face or iris to perform an authentication, spoofing will only become more complex.
By comparison, hacking PINs and passwords is considerably simpler and more scalable, making it far more lucrative. And, criminals generally take the path of least resistance.
For the average consumer, greater use of biometric authentication is not only a means of simplifying authentication, but dramatically improving the security of their devices, applications, and personal data. With PINs and passwords still the most common authentication method outside of mobile, it is imperative that the true security and advanced nature of modern biometric authentication solutions are understood.
AI: CUSTOMER FACING EMPLOYEES’ BEST FRIEND IN THE FINANCIAL SERVICES INDUSTRY
By Ryan Lester, Senior Director, Customer Experience Technologies at LogMeIn We’ve all heard the old saying “money talks.” Well...
HOW IDENTITY IS SECURELY UNLOCKING THE SME BANKING MARKET
By Mike Kiser, senior identity strategist at SailPoint Have an identification card in your wallet? With a selfie and a...
FIVE REASONS WHY YOUR BUSINESS’ PROCUREMENT TEAM SHOULD BE USING A CONTRACT MANAGEMENT SYSTEM
By Daniel Ball, business development director at Wax Digital Even in today’s digital-first environment some businesses are still storing...
EXEGER – CHANGING THE PERCEPTION OF POWER
FINASTRA GLOBAL SURVEY SHOWS APPETITE FOR OPEN BANKING PICKING UP PACE WORLDWIDE
86% of global banks surveyed are looking to use open APIs to enable Open Banking capabilities in the next 12...
STOCK MARKET ANALYSTS DISCUSS HOW TO INVEST DURING A RECESSION
Online tool looks back at how world markets recovered after the last recession in 2008 Analysts take learnings from previous...
PROTECTING YOURSELF AGAINST A RECESSION
James Turner, Director at Turner Little The coronavirus outbreak has spread to businesses, leaving many around the world counting...
LIBERTY BANK REINFORCES ITS FRAUD STRATEGY TO FURTHER PROTECT ITS CUSTOMERS
Liberty Bank, the third largest bank in the Georgia, has reinforced its fraud strategy to address the rising volume of...
COMMERCIAL FINANCE SPECIALIST IGF NAVIGATES THE LOCKDOWN
Leading independent commercial finance specialist, Independent Growth Finance (IGF), entered the lockdown after a record-breaking financial year came to an end in March. In April, it was accredited by...
COVID-19 WILL BE THE TIPPING POINT FOR DIGITAL TRANSFORMATION IN PROCUREMENT
Seven in ten organisations in the UK say the global pandemic has increased the need for procurement to digitally transform...
TRIO OF NEW REGIONAL DIRECTORS HEAD UP TIGERWIT’S GLOBAL EXPANSION
Following the release of their record revenue for the last financial year, award-winning online trading platform, TigerWit, has strengthened their...
SECURING THE EVIDENCE FOR VAT AND TAX
Filippa Jörnstedt, Senior Regulatory Counsel at Sovos Businesses are almost entirely digital in their nature. With sophisticated technology now...
TIPS TO PROTECT YOUR CASHFLOW DURING THE COVID-19 PANDEMIC
By Rita Cool, Certified Financial Planner at Alexander Forbes Financial Planning Consultants The full impact of the COVID-19 pandemic is...
RETAILERS WHO OPEN THEIR DOORS WILL NEED EXTRA HELP
With thousands of retail stores given the green light to open in the next few weeks the government needs to...
LEADING BANK IN TURKEY USES ONESPAN’S MOBILE APP SECURITY SOLUTION TO HANDLE DOUBLING OF DEMAND FROM COVID-19
OneSpan’s scalability helps DenizBank protect millions of mobile banking users as the coronavirus pandemic drives massive increase in hacking attacks...
KASKO PARTNERS WITH VIVIUM TO LAUNCH FULLY DIGITAL BIKE INSURANCE IN BELGIUM
Vivium, a member of the P&V Group, turned to the InsurTech provider to build an omni-channel and bilingual insurance product,...
THE STRATEGIC ALLIANCE BETWEEN MINSAIT AND AURIGA WILL PROVIDE AN INNOVATIVE OMNICHANNEL PLATFORM FOR A SUPERIOR BANKING EXPERIENCE
Minsait, an Indra company, and Auriga have reached a strategic agreement that will strengthen their position in the digital transformation...
INFORMAL PUBLIC TRANSPORT: FRONT-LINE MOBILITY HEROES
By Devin de Vries, CEO, Where Is My Transport Every week, 5 billion commuters in emerging markets have no...
FIXING THE FLAWS IN FINANCIAL SERVICES’ DATA MANAGEMENT
Simon Cole, CEO at Automated Intelligence, a cloud-based data compliance and governance solutions provider to the financial services sector, warns FS...
FROM MANUAL TO MACHINE LEARNING: HOW TO APPROACH THE RECONCILIATION ‘PROBLEM’
By Christian Nentwich, CEO at Duco At the start of 2020, before the global coronavirus pandemic changed the world,...