By Mateusz Chrobok, VP of Innovation at buguroo
Every industry where business can be done online has seen the speed of digitalisation increase exponentially as Covid restrictions forced people to lead predominantly digital lives – none more so perhaps than the financial services sector. The pandemic has turned more people to online banking than ever before, and fraudsters have quickly exploited this. Indeed, just in the first half of 2020, losses from internet banking fraud were up by 32 per cent compared to the previous year. As we look at 2021, financial institutions need to draw conclusions and focus fraud prevention efforts on the three key trends that will dominate the industry this year.
- Social engineering attacks to target digital novices
The closing of physical bank branches, the limited face-to-face time and the convenience of digital channels have all led to a rapid shift to online banking services. While generally seen as a positive outcome, this can cause particular security problems for customers who have never had to use their computers or smartphones before in order to manage their money. Often these people can be older or simply not technologically savvy enough to recognise social engineering patterns, which aim to persuade a person to perform an action that they otherwise wouldn’t do. Fraudsters feed on inexperience and insecurity. As the pandemic continues to necessitate the use of digital banking services, we will likely see a rise in social engineering attacks targeting these kinds of individuals.
There is another reason why banks should pay attention to their digital novices in 2021. Those who are unsure about their abilities to avoid scams or use online banking tend to look for help from their friends and families often entrusting them with sensitive information such as passwords and logins. Not only does this automatically diminish the security of their bank accounts, but it can also result in them not being able to access their own account, as more and more banks are leveraging behavioural biometrics to detect fraud effectively. Since these systems are usually trained to recognise users based on their unique behaviour and flag anomalous sessions, only the legitimate user should be using the account. This means there is a continued need for banks to build trust, educate their customers about cybersecurity best practices and adapt to ever-changing types of attacks to avoid false positives.
- New account fraud to increase
Another change in the financial ecosystem brought on by the pandemic is around authenticating new customers. With physical branches shut, banks have had to adapt to verifying customer identities solely online. But, as it’s much harder to accurately authenticate a customer you’ve never met, fraudsters are finding a higher rate of success in submitting fake documentation or stolen personal information.
Opening seemingly legitimate bank accounts in order to commit fraud with the help of stolen or synthetic identities is called new account fraud (NAF) – a trend we can expect to hear a lot about this year, as more and more personal data is entering digital spheres. Luckily for banks, impersonating a legitimate person through stolen personal information is becoming a losing game with the proliferation of continuous authentication technologies and behavioural biometrics. As banks can reveal and block fraud attempts automatically, fraud response is gradually moving to proactive prevention.
- New tactics come to the fore to circumvent two-factor authentication
With record numbers of people shopping online, we’ve seen a development in the sophistication of fraudster techniques targeting card-not-present (CNP) e-commerce transactions. SIM swapping scams and phishing attacks are prevalent techniques that attempt to steal one-time passwords (OTP), sent to customers during two-factor authentication. For example, during SIM swapping, cybercriminals get their victim’s phone number switched onto a SIM card that they own instead, which enables them to intercept OTPs in the cardholder’s place. Modern malware such as Cerberus can also forward the OTP through SMS and obtain time-based one-time passwords (TOTP) from applications that keep them secret such as Google Authenticator.
Hijacking OTPs is dangerous, as two-factor authentication is a cornerstone of stringent regulations such as the EU’s Strong Customer Authentication rules as well as the 3D Secure payment protocol in the case of risky transactions. 3D Secure has seen growing adoption in recent times and can be a highly effective method of stopping CNP fraud. Still, as tactics aiming to bypass two-factor authentication continue to evolve and increase, card issuers will need to take extra steps to ensure the people behind the transactions are who they say they are.
As we look at the year ahead, it’s clear that the pandemic has created a plethora of new opportunities for financial fraud. Fighting these will be one of the key challenges that banks will face this year, as well as the most important. With every attack, fraudsters are not only cheating people out of their money, they are also undermining the trust in the entire system. To gain an elevated foothold against maturing fraud, banks will need to step up their authentication strategies to provide automatic fraud response – based on real-time systems – and proactively block attacks. Coupled with the ability to reveal the true identities of fraudsters and the use of relation analysis to catch them before the crime takes place, banks will avoid losses and foster customer loyalty and trust.
WHAT BANKS NEED TO KNOW ABOUT OBSERVABILITY
By Abdi Essa, Regional Vice President, UK&I, Dynatrace
More aspects of our everyday lives are taking place online – from how we work, to how we socialise and, crucially, how we bank. To keep pace, financial organisations have stepped up their digital transformation efforts, supported by a shift to dynamic multicloud environments and cloud-native architectures. However, traditional monitoring solutions and manual approaches cannot keep up with these vast, highly complex environments. As a result, many banks are turning to new, observability-based approaches to understand what is happening in their digital ecosystems. These approaches, however, bring new challenges to overcome.
Here are six things banks need to know about observability to ensure they can gain true value, combat the complexities of their modern multicloud environments, and drive digital success in 2021 and beyond.
- Most banks have very limited observability
The scale, complexity, and constant change that characterises hybrid, multicloud environments presents a real challenge to banks’ IT teams. Our research found that, on average, banking digital teams have full observability into just 11 percent of their application and infrastructure environments – not nearly enough to understand what is happening, and why, across the digital ecosystem. Additionally, 87 percent said there are barriers preventing them from monitoring a greater proportion of their applications – including limited time and resources. Without improving observability across the entire cloud environment – by drawing in metrics, logs, and traces from every application – banks’ IT teams are limited in the success they can have driving initiatives to deliver the new banking products and quality user experience customers want.
- You can’t bank on manual approaches
With many banks beginning to rely on more dynamic, distributed multicloud architectures to deliver new services, IT teams are stretched further than ever. More than a third of financial services organisations say their IT environment changes at least once per second, and 65 percent say it changes every minute or less. This rate of change creates a volume, velocity, and variety of data that has gone beyond banks’ IT teams’ ability to handle with traditional approaches – there’s no time to manually script, configure, and instrument observability and set up monitoring capabilities. The need for automation is therefore critical. By harnessing continuous automation assisted by AI in place of manual processes, teams can drastically improve observability to automatically discover, instrument, and baseline every component in their bank’s cloud ecosystem as it changes, in real-time.
- Cloud native adoption is obfuscating observability
To remain agile and keep up with the rapid pace of digital transformation, banks are increasingly turning to cloud-native architectures. Our research found 81 percent of them are using cloud-native technologies and platforms such as Kubernetes, microservices and containers. However, the complexity of managing these ecosystems has made it even harder for banks’ IT teams to maintain observability across their environments. Nearly three-quarters of banking CIOs say the rise of Kubernetes has resulted in too many moving parts for IT to manage, and that a radically different approach to IT and cloud operations management is needed. Such an approach should be based on a solution that is purpose-built to auto-discover and scale with cloud-native architectures.
- Data silos result in tunnel vision
To boost observability, many banks have simply thrown more tools at the problem. Our research found that most organisations use an average of 11 monitoring solutions across the technology stack. However, more isn’t always better, and multiple sources of monitoring data can result in fragmented insights. This fragmentation makes it harder to understand the full context of the impact that digital service performance has on user experience and unravel the nearly infinite web of interdependencies between banks’ applications, clouds, and infrastructure. Instead, financial organisations should seek a single platform with a unified data model to unlock a single source of truth. This will be integral to ensuring that all digital teams are on the same page, speaking the same language, and collaborating effectively across silos to achieve business goals.
- Observability alone is not enough
Simply having observability doesn’t help banks achieve tangible benefits or reach their business goals. To get true value, the data processed must be actionable in real-time. As such, observability is most effective when paired with AI and automation. This observability enables teams to instantly eliminate false positives, prioritise problems based on the impact it will have on the wider organisation, and understand the root cause of any problems or anomalies so they can resolve them quickly. The alternative is to manually trawl through dashboards and data to find insights, which is incredibly time-consuming and makes it almost impossible to act in real-time. Our research found that 94 percent of CIOs think AI-assistance will be critical to IT’s ability to cope with increasing workloads and deliver maximum value to the organisation. AI is clearly no longer just a ‘nice to have,’ but a business imperative.
- Observability isn’t just for the back end
Far from just having observability of their multicloud environments, banking IT teams also need to be able to see how the code they push into production impacts the end-user experience, and how that in turn affects outcomes for the business. This is a major goal for many CIOs, with 58 percent citing the ability to be more proactive and continuously optimise user experience as a benefit they hoped to achieve from increased use of automation in cloud and IT operations. By harnessing automatic and intelligent observability, banks’ digital teams can unlock code-level insights and precise answers to their questions about user experience and behaviour, so they can continuously optimise their banking services.
Observability is key for modern financial organisations looking to accelerate their digital transformation. By understanding these six key things about observability, IT teams will be better placed to master dynamic, multicloud ecosystems, and drive better digital banking services for the business and its customers.
NEARLY HALF OF BUSINESSES NEED MORE ASSURANCE ON DATA SECURITY TO ADOPT OPEN BANKING
- Financial services businesses in the UK and Netherlands call for better education, training and increased guidance on data security issues to propel adoption
- Study of 800 senior professionals from banks, lenders, personal finance management tools (PFMs) and retailers, in the UK and Netherlands
42% of financial services businesses want better support and guidance on data security in relation to open banking, according to the latest research by open banking provider YTS.
The survey of financial professionals including banks, lenders and retailers, revealed businesses want better education and training, alongside increased guidance, to help reduce fears around the security risks of open banking adoption. Respondents also stated that they wanted this support to come primarily from regulators.
This ranked higher than taking a ‘wait and see’ approach by allowing more time for open banking technology to develop (39%), which has often been cited as a way to assuage data security concerns, but as YTS’ data demonstrates, won’t solve the issues businesses are facing.
Lack of customer and business willingness to accept risks around data security were the second and third most cited factors threatening the progress of widespread open banking adoption, on 27% and 25% respectively. Over a third of respondents (35%) also believe that an ‘unfriendly’ regulatory environment is threatening the progress of widespread open banking adoption.
YTS is calling for the entire open banking and financial services industry to do more to empower businesses to adopt open banking technology, creating a more nurturing environment for the technology to thrive. This can primarily be achieved by introducing better education and accessible, transparent support for businesses looking to adopt the technology. This must be the spearhead of an industry-wide effort to banish myths and create more solid foundations for growth.
Roderick Simons, Chief Technology Officer at Yolt Technology Services comments:
“To fully maximise open banking’s potential, we must all do more to educate businesses and consumers about its security foundation . Open banking means their financial data is more protected than ever, with the individual in charge of whether their data is shared or not and secure APIs preventing risks from unwanted third-party access. We want to work with regulators, financial services institutions, and businesses themselves to lead the way in educating, training, and supporting businesses to overcome misperceptions of open banking. Doing so will unleash the power of open banking and create huge opportunities for both consumers and businesses.
“Once there is widespread adoption and trust in open banking technology, stakeholders across the open banking ecosystem can then turn their attentions to creating an open finance framework that gives consumers the ability to access their entire financial footprint in one place.”
WHAT BANKS NEED TO KNOW ABOUT OBSERVABILITY
By Abdi Essa, Regional Vice President, UK&I, Dynatrace More aspects of our everyday lives are taking place online –...
FINANCIAL SERVICES MUST FIX THEIR MISSED OPPORTUNITY AS CONSUMERS DEMAND MORE ENGAGING DIGITAL EXPERIENCES
Less than one-third (30%) of consumers believe the Financial Services firms they interact with now deliver a better digital experience...
FINANCIAL INCLUSION WITHIN DIGITAL PAYMENTS
NICK FISHER, GENERAL MANAGER, SALES AND MARKETING UK, JCB INTERNATIONAL (EUROPE) LTD. The shift towards an economy that removes...
THE EFFECTS OF JOB HOPPING ON YOUR RETIREMENT OUTCOME
By Neli Mbara, Certified Financial Planner at Alexander Forbes Job hopping – defined as spending less than two years...
VIRGIN MONEY EXPANDS PARTNERSHIP WITH FINTECH LIFE MOMENTS
Virgin Money is expanding its partnership with FinTech data expert company, Life Moments, to focus on the development of the...
THE MAJOR CHANGES SET TO RESHAPE THE WORLDS OF FINANCE AND FINTECH IN 2021
By Michael Magrath, Director of Global Regulations & Standards at OneSpan 2020 was a formative year for the world of...
FORMER HSBC COO JOINS BOARD AT REGTECH DISRUPTER
Andy Maguire takes seat on Napier’s Advisory Board Fast growing RegTech company, Napier, which provides next-generation anti-money laundering (AML)...
DISRUPT TO SURVIVE IN FINANCIAL SERVICES, BUT BEWARE: YOUR TEAM MUST BE IN SHAPE FIRST
Michael Chalmers, MD EMEA at Contino COVID is forcing extraordinary change in the financial services industry. It’s happening fast, already...
NEARLY HALF OF BUSINESSES NEED MORE ASSURANCE ON DATA SECURITY TO ADOPT OPEN BANKING
Financial services businesses in the UK and Netherlands call for better education, training and increased guidance on data security issues...
THE FUTURE OF THE UK’S FINANCE FUNCTION
By Ryan Demaray EMEA MD for SMBs at SAP Concur With businesses feeling the pressure of both the pandemic...
BUDGET 2021: PREDICTIONS
The spring Budget announcement is next week, with the Chancellor Rishi Sunak set to reveal new measures on March 3. After...
CAN SELF-SERVICE BANKING SAVE THE BANKING INDUSTRY?
Mark Aldred, Banking Specialist at Auriga 2021 should be about making the lives of customers easier by tailoring the...
FINANCIAL HEALTH PLATFORM LEVEL SECURES LANDMARK ESG DEAL WITH TRIPLE POINT
First-of-its-kind credit facility will incentivise Level to drive positive financial behavioural change for UK employees Level Financial Technology has...
FORECASTING FINTECH IN 2021
Fady Abdel-Nour, Global Head of Investments and M&A at PayU 2020 will go down in history as a pivotal...
2021 — THE YEAR FINANCIAL SERVICES COMPANIES WILL NEED TO DRASTICALLY RETHINK THE WAY THEY MANAGE DATA
By Douglas Greenwell, Head of Commercial Strategy, Duco There’s no denying that 2020 was a year of historic change...
HOW DO YOU ADAPT YOUR INSURANCE PRICING STRATEGY IN THE FACE OF INCREASED PRICE COMPETITION?
By Ketil Kristensen, Senior Advisor, Insurance, SAS Many countries in Europe have in previous years experienced increased price competition...
THE CHANGING ROLE OF TODAY’S CHIEF FINANCIAL OFFICER
By Laura Wiler, Vice President, Finance and Business Operations at Sage Intacct The CFO role is changing. Today, the...
DATA: THE MUCH-NEEDED PROCUREMENT ADRENALINE SHOT, HELPING BANKS REMAIN COMPETITIVE IN THE RACE FOR INNOVATION
By Toby Munyard, Vice President, Efficio Consulting Like a flip-switch, the pandemic saw many industries pushed over the innovation...
2021 FINANCE SPEND PREDICTIONS
by Andrew Foster, VP Consulting EMEA, AppZen As we enter a new year filled with ongoing change and uncertainty,...
FIVE PITFALLS PROFESSIONAL SERVICES MUST OVERCOME DURING THE PANDEMIC
By Andy Campbell, global solution evangelist at FinancialForce The pandemic’s impact on the global economy has, and is continuing...