By Karen Quinn, Head of Marketing at biometric security specialists AimBrain
Technology has embedded itself within our lives: it’s trained to recognise us, second-guess us and make our lives easier. In areas such as biometrics, adoption has been rapid and enthusiastic.
Banks have been early adopters of biometric technology: selfie-enabled mobile banking, document scanning, and other means of user authentication have been actively explored and deployed by many financial institutions. The introduction of the second Payment Services Directive (PSD2) has also increased this technology adoption.
PSD2 and biometrics
PSD2’s Strong Customer Authentication (SCA) is putting technology at the centre of open banking, requiring certain transactions to authenticate using two factors from three; the well-discussed knowledge, possession, and inherence. Biometrics are providing the inherence factor and becoming a familiar and trusted step.
But for all the enthusiasm around biometrics, the implementation hasn’t always been smooth. The trouble with our appetite for technology is that anything less than perfect doesn’t pass muster. When one bank rolled out its customer acquisition programme that onboarded users with document scanning, there were some issues with certain smartphone models – which ultimately required owners of these devices to take photos of their documents with a webcam before uploading them to the online service.
This was a frustrating process for customers, and some went directly to a competitor after a few failed attempts to provide their documents. First impressions matter: technology has progressed to a point where customers have an extremely low tolerance for imperfection – causing banks that fall short to miss out on relationships that might otherwise last decades.
Banking of the future
Newer organisations aren’t bogged down with legacy systems, processes and mindsets spanning several decades. Challenger banks are putting customer experience at the very heart of what they do and designing their services around what the consumer wants today and in the future. This has included simplifying authentication by ditching passwords for facial or voice authentication – although, until now, this has focused almost exclusively on the mobile channel. It’s now easier to access banking services through biometrics linked to your smartphone, but the average consumer now has 3.2 devices. What happens when they’re using their tablet or work laptop or at home? Does fixing one channel represent progress if there’s no continuity or synchronicity across all channels?
Customers demand the same experience and excellence in every way they interact with an organisation. Security is more important than it’s ever been, and the rise of biometrics in mobile banking has been swift and impressive. But unless it’s part of a cohesive strategy to synchronise the experience across all channels, it’s simply another different, disjointed way to reach the same organisation. The customer has to remember passwords, PINs, special phrases and more to access internet banking – and provide telephone banking codes, bill information, and other evidence of identity to reach their bank by phone.
It’s similar to selling a car with a different key for every door: frustrating, inconvenient, and needlessly complex when a master key to open every door would be far more effective. Institutions must be the same brand and adopt the same technologically-savvy, customer-first approach across every channel.
This isn’t always easy. One MIT Sloan report found that “companies with multiple channels to the customer are experiencing pressure to provide an integrated experience” – and that “multichannel services require envisioning and implementing change across customer experience and internal operational processes.”
But times have evolved, and technology can now provide easy ways to deliver an integrated, consistent customer experience. By using a BIDaaS (Biometric Identity as-a-Service) provider, a bank can use an Application Programming Interface (API) to improve security and experience in a consistent way across any channel. AimBrain’s facial authentication technology lets a user enrol on one channel – such as a laptop or smartphone – and then log in using any other channel with a camera. Its voice authentication module lets a customer enrol using one device, then authenticate across any channel that features a microphone. The combined AimFace//LipSync module can be used across any device with both a camera and a microphone to enable a simple, Snapchat-like authentication. AimBrain’s behavioural authentication component also continually analyses in-session gestures and movements – whether via mouse, keyboard, touchpad, screen or phone. As all data is captured (within the bank’s infrastructure), encrypted and converted into a pseudonymised form in the cloud – away from any personal or financial information – the biometric template serves as a digital identity upon which a user can be authenticated across any channel.
This means no more PINs for the ATM, telephone codes for the call centre, one-time passcodes, call-backs, errant SMS codes, online passwords, or physical ID in a branch. The customer’s voice, face and behaviour will be all that’s required however they interact with their bank, which makes for a simple, smart solution to customer authentication that offers a universal key for all doors – and one that can’t be lost or copied.
Banks which focus their efforts on providing such a key will be rewarded; those which continue to patch-fix, upgrading one door at a time, may find that their customers have traded them in for a faster, safer, more modern alternative.
BANKS UNDER ATTACK: HOW FINANCIAL INSTITUTIONS CAN PROTECT DIGITAL GROWTH
By Victor Acin, Threat Intelligence Analyst, Blueliv
Financial services firms are increasingly being told to embrace disruption in order to compete in a fast-evolving market. But this very disruption threatens to drive a new type of risk: the risk of data loss, service outages and fraud on a massive scale. The resulting hit to the bottom line and corporate reputation may undo all the good work that digital transformation has helped to foment.
As we enter a new decade, banks need to think carefully about how they respond to these mounting cyber-risks, without holding back digital innovation. Cybersecurity, with threat intelligence at its core, must be a central part not just of business strategy but also of corporate culture.
Digital goes mainstream
According to PwC, financial institutions are increasingly migrating infrastructure to public cloud systems, as “digital becomes mainstream” in 2020. These investments are helping to create the more user-friendly services that customers are demanding today. With fintech innovators often leading the way, lenders have invested heavily in mobile app-based services at the front-end and more streamlined processes for opening accounts and other laborious tasks. In the future, it’s predicted that AI and robotics will become commonplace, and that blockchain will disrupt.
However, PwC also warns that amidst all this change, cybersecurity will be one of the top challenges facing financial institutions in 2020. The truth is that financial institutions have always been a main target for hackers — after all, they guard huge volumes of highly sensitive data, as well as money. And as they build out more digital infrastructure, cyber-risk increases unless proper controls are put in place.
What does cyber-risk look like?
The bad news is that hackers have developed multiple ways to get what they want. A typical financial institution’s attack surface covers not just core banking IT systems, but also customer accounts and the wider payment ecosystem. That’s a lot to protect.
Humans are often perceived as the weakest link in the security chain. That’s why attackers target banking customers in raids aimed at accessing their back accounts. Phishing emails, automated tools which try huge volumes of breached passwords (known as credential stuffing), and malware are some of the most popular mechanisms for account takeover. In fact, earlier this year Blueliv’s threat researchers noticed a 283% increase in activity linked to Trickbot, one of the key botnets used to spread a banking Trojans designed to compromise customer accounts.
Humans are also targeted inside banks themselves. Phishing emails sent to employees are a common first step in potentially sophisticated multi-stage attacks designed to illegally transfer huge sums of money or steal large data troves. Other threats to banks and their customers come from ransomware and DDoS, designed to extort money and deny critical services, and attacks aimed at harvesting payment card details — either from POS systems in retail and hospitality outlets or from e-commerce sites.
Money, money, money
If any indication were needed of the riches to be gained from targeting financial institutions, it’s the relatively large number of sophisticated attack groups that have emerged over recent years. The Carbanak/Cobalt gang is believed to have stolen $1.2 billion from over 100 banks in 40 countries, installing malware internally via phishing emails which either dispensed cash via ATMs or facilitated illegal SWIFT wire transfers, for example.
Others include Dridex, the group behind one of the most prolific banking Trojans ever created, and the North Korean state-backed Lazarus Group, which is thought to have been responsible for the audacious $81 million cyber heist at Bangladesh Bank.
As for the victims of such attacks, there’s a host of potential knock-on effects that can undermine financial stability and customer confidence. There are costs associated with: investigation and remediation of the incident itself; customer notification and possible credit monitoring; and business interruption, if services are taken offline. Legal costs may follow if customers take their bank to court and there may be follow-on fraud attempts to tackle. Then there are the less immediate impacts such as regulatory fines, declining share price, damaged reputation and customer churn.
The latter risk is particularly acute given the UK’s new Open Banking environment, in which a new breed of fintech start-ups are entering the market. More than ever, banks have to prove that they can offer their customers value, and keep their data and finances safe.
What happens next?
The bad news is that attacks are on the rise. The number of cybersecurity incidents reported to the FCA jumped by 1000% between 2017 and 2018. But there are things financial institutions can do.
A layered approach to security is required, promoted from the top down by engaged executives. Company-wide security awareness training is also essential: even by spotting and reporting phishing emails more effectively, staff could transform from being the weakest link to a formidable first line of defence against attacks. Tried and tested incident response plans are also essential: it’s inevitable that hackers will eventually target an organisation, so best be prepared.
Most importantly, banks need to improve their threat intelligence. Systems powered by accurate, real-time data from multiple sources can enhance decision making, improve the resilience of existing cyber-defences, automatically block attacks and support incident response. They can also scour dark web marketplaces to alert security teams if customer card data or user logins are about to be traded by cyber-criminals.
With this in place, banks can move from a reactive to a proactive security posture, hunting down those who seek to do them harm, cancelling cards and resetting passwords before an attack can even be monetised. Collaboration within and between organisations is also key. The bad guys are past masters at sharing information and expertise to get what they want. It’s time the security teams within our banks did the same.
THE ROLE OF NEW TECHNOLOGY IN DEVELOPMENT OF MYANMAR’S BANKING INDUSTRY
U Htoo Htet Tay Za, Managing Director, AGD Bank
Myanmar’s economy is one of the fastest growing in Asia and presents a dynamic business environment for international investments and business. But it is not without its problems. High interest rates, fluctuation and instability of the local currency vs the dollar exchange rate can all present difficulties.
The lack of a centralized scoring system has led to problems with verifying credible candidates for access to finance options. With many companies indebted to banks and unable to repay their overdrafts this has led to high non-performing loan ratios. There is a real need for companies to agree a timetable to repay these loans, as this affected the long-term security of the banking system.
Opportunities provided by new technology
There are 53 million people in Myanmar and by 2030 and the smart phone user rate is constantly increasing. The digital technology sector in ASEAN could be worth up to US$625billion, which represents 8% of the region’s entire GDP. To reach this, our region must establish cohesive regulatory frameworks for the delivery of new services, which includes the development of Fintech.
Banks and financial institutions play a key role in the transformation in market economies. Fintech is largely an untapped market within the ASEAN region. This is where the financial sector should focus its opportunities and increase awareness and understanding of digital banking, e-commerce and online business.
Is cash still king?
In an economy where 99% of all estimated transactions are cash, the future of banking still lies in digital. Only 23% of adults have a bank account which presents some challenges to the finance industry in Myanmar. Branch penetration across all banks in Myanmar is less than 10 percent which equates to 3.8 branches per 100,000 people, with the global average a lot higher at 11.7 per 100,000.
However, smart phone penetration is at its highest rates, with an estimated 80% of adults having access to the internet. Data usage across the country on a par with more developed European countries. This leads to a strong shift towards the digitisation of products and services from banks throughout the country.
In countries such as China the increase of smart phone penetration has driven the requirement for more mobile payment options, and I’d see the development in Myanmar to be similar. Smart phones have opened new avenues of integration to financial services such as new apps and services.
Digital wallets and lifestyle mobile apps, like Onepay, are on the rise and enable the unbanked population to perform mobile transactions. Most banks in Myanmar are seeing the change and creating their own versions of e-wallets, such as KBZ Pay, MAB Mobile and Onepay supported by its banking partner AGD Bank.
Digital wallets offer a lot more security for their users, as there’s no need to carry large amounts of cash around. Mobile, or digital, wallets also help the unbanked population establish a credit rating in order to access finance. For example, AGD Bank use the data from their usage to establish credit scores for future use, or similar to use the data to cross-sell other banking products.
But retail businesses and merchants are benefitting too from the development in new technologies. Both electronic and physical merchants are now all accepting card payments through Visa, Mastercard, UnionPay or MPU. With applications like AGD Pay, the first QR payment application in Myanmar it has opened access to more access to mobile transactions.
The rise of new technologies in Myanmar has led to a new trend of mobile payments, with explosive growth of mobile and internet penetration that is making a huge impact on the financial services sector. Merchants will be able to offer users a secure and easy way to pay for goods and services as well the ability to add or withdraw cash to and from their e-wallet.
The future of banking
Banking in Myanmar is constantly changing, and I expect this to continue in the future. It’s looking good and I predict that we’ll be seeing an increasing amount of the population gaining access to financing.
In June 2019, International banks were granted licences to begin retail banking in Myanmar, and whilst I don’t necessarily see International banks opening loads of branches as it’s a very long process to get the licence, I think they’ll start looking to local banks to start new partnerships.
Whilst the opening of International bank branches will present some competition for local banks, we don’t see it being with our retail customer base. Local banks have the knowledge and a solid branch base which benefits our customer relationships going forward.
The Myanmar banking system has always had the willingness to develop and invest in new technology and we’re already seen
AGD bank is already seeing a strong shift to the digitalisation of products and services and I expect this to continue for some time.
BANKS UNDER ATTACK: HOW FINANCIAL INSTITUTIONS CAN PROTECT DIGITAL GROWTH
By Victor Acin, Threat Intelligence Analyst, Blueliv Financial services firms are increasingly being told to embrace disruption in order...
THE ROLE OF NEW TECHNOLOGY IN DEVELOPMENT OF MYANMAR’S BANKING INDUSTRY
U Htoo Htet Tay Za, Managing Director, AGD Bank Myanmar’s economy is one of the fastest growing in Asia...
WHY 2020 IS THE RIGHT TIME FOR FS MODERNISATION
Chris McLaughlin is chief product and marketing officer at Nuxeo Few would argue against the notion that the UK...
WHAT DOES 2020 LOOK LIKE FOR P2P LENDING?
By Roberts Lasovskis, Investment Platform Lead, TWINO It’s a new year; time for resolutions and forward planning, positivity and...
WHY MAKING MONEY ON YOUR MOBILE IS EASIER THAN YOU MIGHT THINK
Aaron Brooks, Co-Founder of Vamp For Millennials and Generation Z, becoming a social media influencer is an increasingly desired...
DIFFERENTIATION – THE KEY TO THRIVING IN A SATURATED MARKET
Graham Glass, CEO of Cypher Learning What has enabled Cypher to continue to grow in an increasingly saturated market?...
WILL BLOCKCHAIN REVOLUTIONIZE FINANCE?
By Ken Timsit, ConsenSys Over the last 10 years, researchers, software developers, start-ups, and large companies have been conducting...
FIVE FINANCIAL SERVICES TRENDS FOR 2020: BIGTECHS SWOOP IN, BANKS GO ON THE OFFENSIVE AND CRYPTOCURRENCY STALLS
Rahul Singh, president of financial services at HCL Technologies We’ve just finished a very exciting decade in financial services, with new...
COMBATING INSURANCE FRAUD WITH MACHINE LEARNING
By Georgios Kapetanvasileiou, Analytical Consultant at SAS Most insurance companies depend on human expertise and business rules-based software to...
DELIVERING SUCCESSFUL IT SYSTEMS THROUGH THE POWER OF PARTNERSHIPS
By Mike Smith, Executive Director, Virgin Media Business (Direct) Is there anything more frustrating than finding out your bank account...
BATTLEFACE RECEIVES INVESTMENT FROM FINTECH VENTURES FUND
battleface Inc., a rapidly growing tech-enabled insurance startup focused on providing travel insurance products for unconventional travellers worldwide, announced today...
VANQUIS BANK PARTNERS WITH HOOYUTO DIGITALISE KYC PROCESSES
HooYu KYC digital journey deployed during the customer lifecycle on a risk-based approach Leading customer onboarding and KYC technology...
WHY NEOBANKS ARE ON THE RISE IN THE UK
New research by SmallBusinessPrices.co.uk analyses how neobanks are on the rise and why they’re so popular amongst consumers compared to...
RECOLLECTING 2019 CRYPTOCURRENCY TRENDS & LOOKING FORWARD TO 2020
Marie Tatibouet is the CMO at Gate.io It has been a bold and progressive year for the digital asset...
WILL HONG KONG REMAIN THE JURISDICTION OF CHOICE FOR OFFSHORE BANKING?
Hong Kong has traditionally been seen as a tax haven and the financial hub of Asia, if not the world....
HOW CHARITIES CAN MEET TOMORROW’S DIGITAL CHALLENGES?
By Steve Georgiou, Business Consultant at Xpedition Charities are under constant scrutiny for how they handle their finances. Budgets...
RECALL YOUR REPUTATION: HOW TO HANDLE PRODUCT RECALLS
By Alex Balcombe, Partner at Harris Balcombe John Lewis, Tesco, and Hotpoint have all been in the news in...
THE WORLD’S MOST ENTREPRENEURIAL COUNTRIES PERFECT TO START A BUSINESS IN
Latona’s has analysed The Global Entrepreneur Monitor data to reveal the world’s most entrepreneurial nation. Analysing each country by a...
MENDIX SUPPLIES RABOBANK WITH LOW-CODE PLATFORM TO BUILD NEW CORE ONLINE BANKING APPLICATION
New online portal leverages low-code’s speed and flexibility Mendix, a Siemens business and the global leader in low-code and...
RETIREMENT ANNUITIES AND THEIR ADVANTAGES EXPLAINED
By Gerard Visser, Financial Planning Consultant at Alexander Forbes There are a number of ways to save and a...