Connect with us

Top 10

TIME TO TAKE A SECURITY-FIRST APPROACH TO APIS IN INSURTECH

By Olaf van Gorp, Perforce Software

 

Insurance is one of the latest sectors to start to benefit from advancements in digitalization. A big part of insurance’s digital transformation is the increasing use of APIs, bits of software that connect different services and apps — whether internally or externally — to connect in a friction-free way. Part of the whole open finance movement, APIs remove the need for complex and costly integrations between disparate systems and networks.
Insurers and associated third parties benefit from being able to share data more easily, processes happen faster, workload and unnecessary costs are reduced, and customers get faster response. It’s an all-round win.
However, while one of the reasons for using APIs is that they provide a controlled route to share confidential and sensitive data, APIs can also potentially introduce risk. If an API contains a vulnerability, then that can lead to problems, including cyberattacks and data breaches. Furthermore, once an API is published, there is usually little or no time to remedy the situation.
To understand how easily these weaknesses can be introduced, let’s look at how APIs are created. First, development has always been the point at which vulnerabilities are inadvertently introduced, potentially leading to issues further down the line, including performance and security problems. Second, development teams have traditionally worked siloed from the rest of the business (even from their colleagues in the IT operations team), with little visibility into their work. Plus, traditionally, security has not been their focus: that was something for the QA or test manager to worry about later.

Olaf van Gorp

That culture is changing, particularly with the DevOps movement, whereby the barriers between development and operations teams is broken down, and they work in a more collaborative way. However, with the understandable emphasis on getting an API published as soon as possible, security often still takes a backseat.
Finally, APIs are being created by a much wider group of people (including external agencies), not just software developers. That is good and bad: it makes it easier to keep up with the demand for APIs, but the new breed of API creators may not be trained software engineers, and arguably even more likely to introduce vulnerabilities.
So, what is the solution to this dilemma? APIs are an integral part of the entire financial sector’s future, but they have to be secure. Fortunately, there are some ways in which their security can be improved.

Four ways to improve API security

ONE – create a security-first mindset – get everyone on board on putting security in the spotlight, rather than an afterthought. Bake security into development processes and throughout the API’s entire lifecycle. Make sure everyone understands their roles around risk mitigation, including external contributors. Consider investing in security training for anyone responsible for API development.

TWO – go the extra mile – some compliance and standards already address API security. For instance, in Europe, the banking sector’s PSD2 requires security measures at the API level. In insurance, the NAIC Registry in the USA is putting more emphasis on API security and overall management, with automated filing of standard reporting documentation from insurance providers to meet state-level compliance. We are likely to see more API security requirements worldwide and within all aspects of finance, including insurance. However, open finance standards have a specific scope, and there are other security measures that can be adopted to further reduce risk. A good source is the OWASP API Security Top 10, which covers the most common API vulnerabilities and ways to prevent them.

THREE – put the brakes in place – comprehensive security processes need to cover all deployment and approval processes, people and teams. They should cover: authentication, authorisation, malicious pattern detection, message content security, and rate limiting. An API should also not be published without time-stamped approval from an authorised person, and this is typically a combined manual and automated process, involving the software development’s Continuous Delivery/Continuous Integration pipeline. Finally, make sure that there is a clear audit trail, so that if a problem occurs in the future, it can be traced back to root cause.

FOUR – reduce human intervention – automate security policies as much as possible, because this will not only reduce the risk of manual error, it will also help prevent security becoming a bottleneck. Introducing an API gateway will help achieve this, as well as making it harder for people to switch off security policies at will. Make sure that the chosen API gateway can operate with external contributors, as well as support all the main types of API, and deal with high volume. People still make the final decisions, but automation is the workhorse.

Take away security from developers
This may sound counter-intuitive to what is happening in other parts of software development (especially the Shift Left movement whereby software developers are taken on more responsibility for testing), but take away security from developers. Instead, leave API product managers, security specialists and other people to keep watch on API security. Use software tools to continually inspect code so that any issues are found early. Again, this can be a largely automated process, with humans then taking action depending on the results.
APIs are transforming financial services of all kinds, opening up faster and more efficient ways to communicate. By making security a priority across an API’s lifecycle, this will make it easier to reap the rewards of APIs, to reduce costs, speed up processes, and keep customers satisfied.

 

Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Finance

WHAT’S NEXT? PAYMENT TRENDS IN 2021

Philip McHugh, CEO at Paysafe

 

Undoubtedly COVID-19 is going to continue having an impact on us all at least for the next few months and maybe all of this year, but there are still reasons to be optimistic. The industry continues to evolve quickly, and that in mind, here’s five of our predictions to watch out for in payments in 2021:

 

1. New consumers to online change the digital payments landscape

As more consumers headed online during the first wave of COVID-19, businesses noticed that their customers were also paying differently. Three quarters (76%) of the businesses we recently asked for our Lost in Transaction research report series said that consumers were using different payment methods during the pandemic, with the increased use of digital wallets being the most common. Having more customers that were new to eCommerce, and customers now shopping regularly with businesses that they were not comfortable sharing their financial details with, were key reasons for this.

Consumers confirmed this was true. When we asked in April, 18% of consumers told us they shopped online for the first time during the pandemic. With 38% of consumers telling us they are planning to shop online more even when COVID-19 is no longer a factor in their lives, we should see this shift to alternative payments continue.

 

2. SCA will drive mass adoption of biometric authentication 

Perhaps the first factor to shake up the payments industry in 2021 is going to have the greatest impact of any trend we will see in the coming year. That is because, after a series of extensions, the deadline for PSD2 Strong Customer Authentication is fast approaching. From December 31 2020 any transaction that isn’t verified by multi-factor authentication will be automatically declined.

One of the inevitable consequences of this is going to be a huge increase in the use of biometrics to verify payments. With the growth of mCommerce that we have seen before and during COVID-19, it seems very likely this will accelerate beyond predictions made at the initial SCA deadline in 2019. Juniper Research has already predicted that biometrics will be used for more than 18 billion transactions in 2021, with a value exceeding $210 billion in 2021.

 

3. A renewed focus on 5G

The importance of 5G and the growth of the IOT was another prediction we made for 2020. But while the impact of the pandemic has been to accelerate many of the trends we expected to see, perhaps one area where the pandemic has actually slowed adoption is the growth of 5G. With consumers spending so much time at home, appetite for personal 5G-enabled devices has been limited.

But at the same time, the need for the in-store shopping experience to be as frictionless as possible is now more important than ever. Almost half (46%) of businesses told us that they had lost sales in 2020 because their checkout times were too slow. So the use of 5G technology to overhaul the checkout will be back at the top of retailers’ agendas.

Almost half (47%) of stores told us that 5G will mean the end of the traditional checkout, and more than half (53%) believe that Amazon-Go style frictionless checkouts are the future of retail. Omnichannel experiences where consumers shop in a store and then pay via a digital checkout on a smartphone app are also on businesses’ radars.

 

4. A surge in subscription models

Almost one fifth (18%) of stores told us that they had launched a subscription services during the pandemic, and this is not only a result of business need but also customer demand. Overall, 27% of consumers told us that they were already planning to increase the number of subscriptions they had in the future, and this rose to 37% for consumers aged 18-34.

The growth will not be limited to digital either. Pret A Manger recently launched the first in-store coffee subscription service in the UK, and we expect to see similar models populating malls and independent stores soon.

Also, only the initial purchase of a subscription is subject to PSD2 multi-factor authentication. So for some businesses, launching a subscription service may be a way to reduce friction in the online checkout.

 

5. AI and machine learning as the cornerstone of fraud prevention

We’ve known about the importance of artificial intelligence (AI) and machine learning to financial services for years, but in many cases the industry has been slow to implement the technology. With the sophistication of financial crime increasing, and the growing concerns of consumers of being a victim of fraud, it is no surprise that adoption is now accelerating rapidly.

Banks have currently spent as much as $217bn on AI applications already, and in 2021 AI and machine learning based systems will be the standard in fraud prevention.

 

Continue Reading

Top 10

THE TOP 5 CRYPTO EXCHANGES IN THE WORLD YOU SHOULD KNOW ABOUT

Introduction

Crypto Exchange is a very important part of the Cryptocurrency EcoSystem. Crypto exchanges are the platform where transactions take place. You can also purchase Bitcoins in crypto exchanges.

It is a marketplace in the digital sphere that allows traders to purchase and sell Bitcoins. Do note that fiat currencies and altcoins can also be used in crypto exchanges. Since you have clicked on the link to this blog, there is a high chance you are a Bitcoin investor, or you are someone who likes to keep a keen eye on the crypto space.

And why should you not? Given all the buzz that cryptos are making in the financial markets. Bitcoin is the most famous cryptos, so I will be talking only about bitcoins in this blog for the sake of convenience.

 

Crypto Exchanges 101

A Crypto Exchange’s primary objective is to act as a broker and bring a buyer and seller to one place. It is pretty much like a traditional stock exchange; the only difference is that everything related to crypto exchanges happens digitally.

However, the process is not that different. On Crypto exchanges, traders have the option to sell and buy Bitcoins after inputting a value or order. When a trader selects the market value, the crypto scans the best market value available for the Bitcoins and presents it to the trader. Visit daily profit to start investing.

In order for a trader to transact in bitcoin, he needs to get himself signed up with the exchange platform. And then go through the various amounts of verification procedures. Once the trader has successfully verified his identity. He can start trading. But before that, he needs to transfer his fiat currencies to Bitcoins, and only after that, he can buy Bitcoins.

The currency exchange methods vary from exchanges to exchanges. Some allow users to transfer it via wiring through the bank; some well-established exchanges allow a direct transfer from the bank. Some allow the use of credit and debit cards.

 

Features of a Crypto Exchange

Crypto Exchanges have a lot of features that will ease up your transaction process.

  • Crypto Exchanges are decentralized – Decentralised means it operates without any governing body. There are no intermediaries in between. It offers peer to peer trading without having to show an account of your spending to the regulatory body.
  • Low Processing Fees – As crypto exchanges are decentralized, it is a peer to peer connection.

 

The Top 5 Crypto Exchanges In The World You Should Know About

There are more than a thousand crypto exchanges; trying them out one by one will take a lifetime. So as a crypto investor, I have personally selected the top five most popular crypto exchanges that you ought to know about.

1.    Gemini

The most widely used Crypto exchange on the face of the Earth is Gemini. It is perfect for all the major cryptocurrencies, but when it comes to Bitcoins. The only little drawback that I find in Gemini is that it asks for way too much personal information.

2.    Etoro

Etoro is more of a financial trading service than an actual crypto exchange, but it is worth talking about nonetheless. Crypto investors hold this app in high regard; it has a very good reputation. It has very high processing fees, which may annoy some traders.

3.    Kraken

When it comes to security, none can match Kraken. Apart from that, it has a very big user base. And it also charges very low transaction fees. A handful of traders do not like Kraken as it does not offer the best customer support services.

4.    Binance

Unless you had been living a rock, you must know Binance. Binance is the go-to crypto exchange. You get to see the ads of the Binance app over the Internet a lot. Binance gives you the added advantage of trading huge amounts of cryptos in a single time. Binance is only meant for experienced traders. It is not recommended for newbies.

5.    Coinmama 

Coinmama offers very strong security. The UI is user friendly. The best part is the customer support. I personally like Binance the most because it takes a step further and makes sure that proper security measures are implemented and add to that its classy user interface.

Many traders may not like Coinmama as the significant-high processing fees.

 

Final Words

There you go, there was the list of top 5 crypto exchanges. Please invest your money at your own risk. You should have a very strong knowledge of the crypto market before investing. Otherwise, you may face huge losses.

 

Continue Reading

Magazine

Trending

Banking8 hours ago

WHY AGILE, SCALABLE DATA MANAGEMENT IS KEY TO DIGITAL BANKING

By Jason Hand, Global Account Executive – Enterprise Sales, Commvault   Back at the start of 2019, before we’d ever...

Wealth Management9 hours ago

WHAT LIFESTYLE DO YOU WANT IN RETIREMENT?

By Jaco Prinsloo, Certified financial planner, Alexander Forbes Financial Planning Consultants   The answer to this question will be different...

News1 day ago

BRICKENDON STRENGTHENS SENIOR LEADERSHIP TEAM, PROPELLING FURTHER GROWTH IN 2021

Transformational consultancy appoints new Director of Financial Services, Strategy & Business Development alongside a series of senior promotions   Brickendon,...

Finance1 day ago

WHAT’S NEXT? PAYMENT TRENDS IN 2021

Philip McHugh, CEO at Paysafe   Undoubtedly COVID-19 is going to continue having an impact on us all at least...

Top 101 day ago

THE TOP 5 CRYPTO EXCHANGES IN THE WORLD YOU SHOULD KNOW ABOUT

Introduction Crypto Exchange is a very important part of the Cryptocurrency EcoSystem. Crypto exchanges are the platform where transactions take...

Finance3 days ago

FIVE TRENDS THAT WILL IMPACT THE FINANCIAL SERVICES INDUSTRY IN 2021

Ian Johnson, Managing Director Europe at Marqeta   Coronavirus has shaken things up across all industries, and financial services is no...

Wealth Management4 days ago

CHECKLISTS FOR CHOOSING A CORRECT TRADING MENTOR

The trading mentor should be proficient in the particular field and have proper cognition about the field. The duty of...

News4 days ago

FUNDS’ RUSH TO THE CLOUD MUST NOT BE A BOX TICKING EXERCISE

By Ed Gouldstone, Global Head of R&D for Asset Management at Linedata   The fund management industry has held up...

News4 days ago

MORE THAN HALF OF EUROPEAN SMES CONFIDENT IN 2021 BUSINESS RECOVERY

Finland most confident in Europe followed by France, UK and Germany – Spain, doesn’t show the same optimism Hope for...

Business4 days ago

BOUNCING BACK IN 2021: DIGITAL TRANSFORMATION IS NO LONGER A CHOICE AS DEPENDENCE ON 5G, IOT AND DATA INCREASES IN SOCIETY AND BUSINESS

Ivan Ericsson, Head of Quality Management, Expleo Group Limited   The global pandemic has put enormous strain on businesses and brought into...

Finance4 days ago

2021 IS THE YEAR FOR DIGITAL WORKFORCE MANAGEMENT IN FINANCIAL SERVICES

By Tyler Suss, Product Marketing Director at Kofax   Even before the pandemic, the UK financial services sector viewed digital...

Finance4 days ago

WHAT’S IN STORE FOR PAYROLL IN 2021?

Simon Parsons, Director of Payments, Benefits & Compliance Strategies, SD Worx UK   Payroll teams have recently faced up to the...

Technology4 days ago

DRIVING DIGITAL TRANSFORMATION IN 2020

by Andrew Foster, VP Consulting EMEA, AppZen   As organisations adapt to dramatic changes in working practices, the need for...

Finance4 days ago

PAYMENTS MODERNISATION – STRATEGIC PRIORITIES FOR FINANCIAL INSTITUTIONS IN 2021

Dudley White, SVP, General Manager, Financial & Risk Management Solutions, Fiserv   As the steady march toward payments modernisation continues,...

Business4 days ago

THE FUTURE OF SAVVY TECH PURCHASES IS KNOWING WHEN TO BUY

There’s no mistaking the impact technology has had in our lives. Once a novelty, technology has now infiltrated every aspect...

Wealth Management4 days ago

WHAT CAN WE LOOK FORWARD TO FOR EARLY-STAGE INVESTMENT IN THE COMING 12 MONTHS?

By Chantelle Arneaud, Envestors   What can business owners expect in the early-stage investment space in 2021? Having faced the...

Business4 days ago

PROPER ESTATE PLANNING IS ESSENTIAL AMIDST COVID-19 PANDEMIC

By Christel Botha, fiduciary services manager at Alexander Forbes   Paperwork and thinking about one’s death are both probably equally unpopular,...

News5 days ago

WHY BIOMETRIC CONTACTLESS CARDS WILL SOON BECOME THE NEW STANDARD

Payments should be time convenient and secure at the same. Biometric contactless cards not only meet these standards, but go...

Finance5 days ago

5 ACTIONABLE INSIGHTS FOR PRIVATE INVESTORS IN 2021

By Ben Hobson, Markets Editor, Stockopedia    COVID-19 has been a wake-up call for businesses and investors alike. Few could imagine...

Finance5 days ago

2021 PREDICTIONS: OPERATIONAL RESILIENCE TAKES CENTER STAGE

Brian Molk, Fusion Risk Management   Breaking down barriers between Risk and Business Continuity   What a year! Simply put,...

Trending