Connect with us

Technology

CYBERSECURITY: BY FAILING TO PREPARE, YOU ARE PREPARING TO FAIL

By Sarah Armstrong-Smith, Head Continuity & Resilience at Fujitsu UK & Ireland

With increased scrutiny around big businesses, it’s clear that the public are placing serious value on the trustworthiness and honesty of a company. This shift in expectation and perception is indicative of various attacks, breaches and threats that have affected businesses across all verticals, not just financial services.

However, the impact of these breaches on financial services is arguably more serious due to the vast amount of personal and sensitive data that these institutions hold as the exploitation and abuse of data can cause real harm to individuals. This means that as there is more of a shift towards trust as a differentiator, financial services need to be at the forefront of this change.

Sarah Armstrong-Smith

The fact that banks are now publishing the number of operational and security incidents that have occurred is important in this journey. Whilst this voluntary scheme could present a challenge to banks, as they are exposing themselves to criticism, it also presents a great opportunity to showcase their trustworthiness and proactive approach to cybersecurity, as well as establishing their overall framework and approach to operational resilience

It is this aspect of trust that banks and financial services need to adopt and embrace in order to be competitive and to provide confidence to consumers. That’s why banks need to be show their customers that they are proactively managing cybersecurity threats.

Whilst technology may be a factor in some cybersecurity threats, it is also a big part of solution. Financial service institutions need to consider which of the cybersecurity technologies they should be investing in to ensure that they are prepared for an array of threats, rather than reacting to the breach once it has hit. What is clear is the with the pace of change and adoption of innovative technology, financial institutions need to be constantly prepared.

Back to basics

Taking a back to basics approach is an important step for any business when approaching cybersecurity. This involves having a good understanding of the network and all endpoints so that there is a good understanding of the threat landscape.

Cyber Threat Intelligence (CTI) tools can be used as an early warning system to detect and contain potential threats before they become incidents. This intelligence is essential for any businesses as cybersecurity threats become increasingly indiscriminate.

As a business, having an understanding of your cybersecurity and threat landscape is a must. Once you are aware of relevant threats and vulnerabilities, then you will understand where and how these can be exploited and the impact that this may have on the business as well as individuals. CTI gives organisations visibility into their landscape, and identifies which areas need to be mitigated as a priority.

CTI helps businesses to identify threats early on and so help to prepare them, however it is important that this is not the only step that organisations take in safeguarding their business.

Skin deep security

A key factor in securing financial services is in the authentication models that the institution uses. These have become increasingly more complex and sophisticated – for example multi-factor authentication systems for online banking – however there is still more that banks need to be doing to ensure that data is protected.

Biometrics are the next step in secure authentication as they are a reliable, highly accurate and efficient method of confirming a person’s identity. Technology such as palm vein authentication has the ability to help prevent fraud by identifying a person based on traits underneath their skin. As veins are internal and have a wealth of differentiating features, it is very difficult to deceive vein recognition systems.

People first

While technical solutions are a great way of defending against cybersecurity threats, businesses also need to be investing in their employees to ensure they have the skills, awareness and knowledge to recognise and handle security threats. In fact, a report from the Department for Digital, Culture, Media and Sport and the National Cyber Security Centre   found that in the businesses that had suffered a breach, 57% of incidents had first been spotted by employees. This demonstrates the impact that trained and skilled staff can have on a business.

However, the flip side of this is that one of the most common methods of breaching an organisation is still via phishing as many employees still don’t know how to spot and manage these threats.

Teaching employees cybersecurity skills will not only help in preventing future attacks, it will also create a level of trust between the employees and the employer. Afterall, trust and honesty need to part of the internal culture of the organisation, and it is imperative that we enable people to be the strongest link, rather than the weakest

Final thoughts

In this age of hyper-connectivity, it is no surprise that cybersecurity continues to be a major priority for all industries and businesses, not just financial services, but also that technology holds the key to many of these issues. Businesses need to be proactively putting provisions in place to combat the risk of security threats rather than having to rapidly respond. This includes predicting and responding to an array of threats, as well as continuing to evolve and test the cyber defences

The fact that banks are publishing their operational and security incidents is also a positive step in tacking cyber threats. Whilst this may not directly impact the ability for a company to resist attacks, it will deliver a level of openness and transparency that will increase the levels of trust and confidence with customers.

Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Finance

AI: CUSTOMER FACING EMPLOYEES’ BEST FRIEND IN THE FINANCIAL SERVICES INDUSTRY

By Ryan Lester, Senior Director, Customer Experience Technologies at LogMeIn

 

We’ve all heard the old saying “money talks.” Well when it comes to customer loyalty and retention, good customer experience talks much louder, with 30% of customers leaving a brand and never returning due to a bad experience.

The truth is, there are a lot of companies with similar products and services, but that doesn’t mean that differentiation is impossible. So, what’s the solution? For financial services, large and small, customer experience is becoming the key competitive differentiator and the best way to deliver an impactful experience is to empower customer-facing employees to do their best work. Artificial intelligence (AI) is enabling these employees to create remarkably better customer experiences, resulting in customer loyalty, advocacy, and overall growth.

For financial institutions that have been considering new strategies for improving the quality and efficiency of their customer experience, here are a few ways AI can enable them to deliver the “human factor” that good customer experience demands whilst ensuring customer facing employees can provide a more positive experience for customers.

 

Increase employee productivity

How much of employees’ time is spent searching for answers to questions? Do they ever have to put customers on hold or even step away to get additional help? AI helps provide front-line employees real-time guidance so they can spend less time looking for information and more time solving problems. An AI-powered chatbot, for example, can be listening in the background of a conversation helping point employees to the right data, solutions, and processes to resolve customer issues faster than ever before.

 

Deliver a consistent customer experience

When banking customers engage with their financial institutions, they measure the speed and accuracy of the service through two criteria. First, how quickly can the system access their account and deliver the correct information? Is it faster than a human could type it in and share it? And second, if they eventually do need to be connected to a live customer support agent, is their information captured and passed along accurately? AI technology takes those general queries off the customer support team’s plate, providing a quick, accurate, and effective response. If a query needs a more in-depth response, AI can hand it off to support staff to address.

Not only this but leveraging a centralised, AI-powered knowledge solution ensures every employee has access to the same, updated information, so no matter who the customer speaks to, they can be assured that employee responses are both consistent and accurate across the board.

 

Accelerating employee training and onboarding

Like any industry, employee turnover is inevitable and can be costly. But, not training new employees correctly or in a timely manner could be much more costly. When it comes to financial services there is a lot to learn, whether it is something simple like the process for checking an account balance to all the nuances associated with mortgage loans. AI can support on-the-job training by helping new employees answer questions confidently, correctly, and much quicker than they could before.

 

Improving employee satisfaction

Today’s banking customer has all kinds of new ideas about their banking experience. “The Amazon Effect” has successfully raised consumer expectations to the extent that a consistent, personal, and relevant experience is the new normal. As a customer, how many times have you been told “I’m sorry, I don’t know the answer?” Customers want solutions to their problems and employees want to be able to deliver those solutions as efficiently and effectively as possible. AI assisting in the background helps minimise those negative moments – making employees job easier, less stressful, and overall more enjoyable.

 

Identify knowledge gaps

Do you know all the questions employees are getting asked? Do you know what’s easily answered and what’s not? Real-time insights allow knowledge managers to keep up to date on frequently asked questions and gaps in current resources. This allows them to strategically improve or add content where needed.

 

Augmenting customer service

Whether talking with an AI chatbot or a personable customer service team member, the modern banking customer has high expectations for convenience, speed, and security. Which means that the technology you choose to deploy and how you deploy it is now just as important as who you hire and how you train them.

Today’s AI solutions won’t replace customer service agents or get in the way of the human factors that drive the customer experience. On the contrary, they augment it, allowing the business to do more without adding human resources. The higher the quality of a AI chatbot solution, the better it will be at taking the routine requests off the plate of customer service agents—giving them more time to provide a personalized and positive experience for customers.

 

Continue Reading

Technology

BEFORE THE INK IS DRY: CORRECTING BIOMETRIC SPOOFING MYTHS

Eric Setterberg, System Design Engineer at Fingerprints

Biometric authentication is highly robust, and the latest solutions offer considerably greater security than their authentication predecessors: PINs and passwords.

But as biometrics moves into new areas such as payments and access control, privacy and security concerns are rising. Biometrics has long been subject to scrutiny, with many elaborate examples of people working to trick biometric sensors to crack devices in the media and online.

To ensure the continued adoption of biometrics, it is important to shine a light on the reality of biometric spoofing.

 

The Evolution of Biometric Solutions…

The first use of fingerprints as forensic evidence was in an Argentinean court case in the late 1800s. With the technology still in its infancy, this was done manually and by eye, comparing latent residual prints lifted from crime scenes to charts of inked fingerprints obtained from the suspects at arrest.

A few decades later, the FBI began collecting fingerprints of criminals and civilians. They also introduced the automated comparison of fingerprints by computers in the 1970s. These “traditional representations” have now been standardized by ISO and ANSI.

… and their Spoofs

The earliest and simplest of these matching devices were easy to spoof. Really, all you needed was a photocopy or a good image of a fingerprint to make a successful spoof.

But as biometrics moved to more advanced technology, the game for biometric ‘spoofers’ has changed and the task of crafting fake fingerprints is considerably more difficult.

The biggest boost for biometric security, however, came with its introduction into mobile phones.

 

How Mobile Changed the Game

Before the widespread integration of fingerprint sensors in smartphones, the technology underwent significant evolution. No operator wanted to use large biometric sensors in modern phone designs. Sensors had to become much smaller to reach the perfect price and design point for the mobile world, but this meant needing to capture data from a smaller surface area of the finger.

To maintain the security of these smaller sensors, algorithms evolved significantly in order to utilize a greater amount of data per unit area. These mobile-driven hardware and software changes resulted in the optimized image capture of modern touch sensors.

As a result, tricking these systems now requires a considerably higher level of detail to be reproduced correctly for a match to be successful, far beyond rudimentary gummi bear spoofs and photocopies

 

Setting the Perfect Spoofing Scenario

Compromising fingerprint authentication via spoofing can still be done, even with all the technological advancements. However, it now requires considerable care, skill, money, and time. And to start, a good latent print…

To retrieve a latent print that’s high quality enough to work, you either need a willing volunteer to lend you their finger, or the commitment to stalk a victim until a viable fingerprint can be retrieved. Even with a decent latent print, modern spoofs then require advanced photoshop skills and/or a lab to successfully convert latent prints into effective moulds.

So – what about those articles boasting how easily they have hacked the latest smartphone device’s fingerprint sensor?

In fact, there are only two instances of fingerprint spoofing seen in the media nowadays: proof of concept and cooperative spoofs. Lay enthusiasts and media go through the effort of setting up a lab to create spoofs with latent fingerprints either from themselves or cooperative volunteers. Even the most successful of these take months of work, a highly skilled team, and the perfect scenario of circumstances.

Put simply, the effort required for spoofing modern fingerprint sensors cannot be applied at any scale. Each biometric spoof needs to go through the same laborious process and clinical conditions. So, if you can bring together a willing group of spoofing enthusiasts, tricking a biometric device could earn you fifteen minutes of fame on the internet, but it is likely to be conducive to a successful criminal business plan…

 

A “How” Without a “Why”

Spoofing biometrics remains technically possible, and there will always be those up to the challenge of trying to hack the latest technology. But the reality is that modern biometric solutions require more time, skill, and frankly, luck, to successfully spoof than ever before. Not to mention that tireless R&D work is continuously strengthening spoofing resistance. And, as use cases start to combine multiple biometric authenticators, such as combining fingerprints with face or iris to perform an authentication, spoofing will only become more complex.

By comparison, hacking PINs and passwords is considerably simpler and more scalable, making it far more lucrative. And, criminals generally take the path of least resistance.

For the average consumer, greater use of biometric authentication is not only a means of simplifying authentication, but dramatically improving the security of their devices, applications, and personal data. With PINs and passwords still the most common authentication method outside of mobile, it is imperative that the true security and advanced nature of modern biometric authentication solutions are understood.

Continue Reading

Magazine

Partner Events

Trending

Finance1 day ago

AI: CUSTOMER FACING EMPLOYEES’ BEST FRIEND IN THE FINANCIAL SERVICES INDUSTRY

By Ryan Lester, Senior Director, Customer Experience Technologies at LogMeIn   We’ve all heard the old saying “money talks.” Well...

Banking1 day ago

HOW IDENTITY IS SECURELY UNLOCKING THE SME BANKING MARKET

By Mike Kiser, senior identity strategist at SailPoint   Have an identification card in your wallet? With a selfie and a...

Business2 days ago

FIVE REASONS WHY YOUR BUSINESS’ PROCUREMENT TEAM SHOULD BE USING A CONTRACT MANAGEMENT SYSTEM

By Daniel Ball, business development director at Wax Digital   Even in today’s digital-first environment some businesses are still storing...

Videos2 days ago

EXEGER – CHANGING THE PERCEPTION OF POWER

   

News2 days ago

FINASTRA GLOBAL SURVEY SHOWS APPETITE FOR OPEN BANKING PICKING UP PACE WORLDWIDE

86% of global banks surveyed are looking to use open APIs to enable Open Banking capabilities in the next 12...

Wealth Management2 days ago

STOCK MARKET ANALYSTS DISCUSS HOW TO INVEST DURING A RECESSION

Online tool looks back at how world markets recovered after the last recession in 2008 Analysts take learnings from previous...

TRUSTS TRUSTS
Business2 days ago

PROTECTING YOURSELF AGAINST A RECESSION

James Turner, Director at Turner Little   The coronavirus outbreak has spread to businesses, leaving many around the world counting...

News2 days ago

LIBERTY BANK REINFORCES ITS FRAUD STRATEGY TO FURTHER PROTECT ITS CUSTOMERS

Liberty Bank, the third largest bank in the Georgia, has reinforced its fraud strategy to address the rising volume of...

News2 days ago

COMMERCIAL FINANCE SPECIALIST IGF NAVIGATES THE LOCKDOWN

Leading independent commercial finance specialist, Independent Growth Finance (IGF), entered the lockdown after a record-breaking financial year came to an end in March. In April, it was accredited by...

News2 days ago

COVID-19 WILL BE THE TIPPING POINT FOR DIGITAL TRANSFORMATION IN PROCUREMENT

Seven in ten organisations in the UK say the global pandemic has increased the need for procurement to digitally transform...

News4 days ago

TRIO OF NEW REGIONAL DIRECTORS HEAD UP TIGERWIT’S GLOBAL EXPANSION

Following the release of their record revenue for the last financial year, award-winning online trading platform, TigerWit, has strengthened their...

Wealth Management4 days ago

SECURING THE EVIDENCE FOR VAT AND TAX

Filippa Jörnstedt, Senior Regulatory Counsel at Sovos   Businesses are almost entirely digital in their nature. With sophisticated technology now...

Finance4 days ago

TIPS TO PROTECT YOUR CASHFLOW DURING THE COVID-19 PANDEMIC

By Rita Cool, Certified Financial Planner at Alexander Forbes Financial Planning Consultants   The full impact of the COVID-19 pandemic is...

News4 days ago

RETAILERS WHO OPEN THEIR DOORS WILL NEED EXTRA HELP

With thousands of retail stores given the green light to open in the next few weeks the government needs to...

News4 days ago

LEADING BANK IN TURKEY USES ONESPAN’S MOBILE APP SECURITY SOLUTION TO HANDLE DOUBLING OF DEMAND FROM COVID-19

OneSpan’s scalability helps DenizBank protect millions of mobile banking users as the coronavirus pandemic drives massive increase in hacking attacks...

News4 days ago

KASKO PARTNERS WITH VIVIUM TO LAUNCH FULLY DIGITAL BIKE INSURANCE IN BELGIUM

Vivium, a member of the P&V Group, turned to the InsurTech provider to build an omni-channel and bilingual insurance product,...

News4 days ago

THE STRATEGIC ALLIANCE BETWEEN MINSAIT AND AURIGA WILL PROVIDE AN INNOVATIVE OMNICHANNEL PLATFORM FOR A SUPERIOR BANKING EXPERIENCE

Minsait, an Indra company, and Auriga have reached a strategic agreement that will strengthen their position in the digital transformation...

News4 days ago

INFORMAL PUBLIC TRANSPORT: FRONT-LINE MOBILITY HEROES

By Devin de Vries, CEO, Where Is My Transport    Every week, 5 billion commuters in emerging markets have no...

Finance7 days ago

FIXING THE FLAWS IN FINANCIAL SERVICES’ DATA MANAGEMENT

Simon Cole, CEO at Automated Intelligence, a cloud-based data compliance and governance solutions provider to the financial services sector, warns FS...

Business1 week ago

FROM MANUAL TO MACHINE LEARNING: HOW TO APPROACH THE RECONCILIATION ‘PROBLEM’

By Christian Nentwich, CEO at Duco   At the start of 2020, before the global coronavirus pandemic changed the world,...

Trending