Connect with us

Finance

A NEW AGE IN CYBERCRIME: HOW THE FINANCIAL SERVICES SECTOR CAN PROTECT ITSELF AGAINST THE LATEST THREATS

Published

on

Max Locatelli, Regional Director Western Europe at Infoblox  

 

Financial Services (FS) firms have traditionally faced a host of different obstacles when it comes to protecting their users’ data from cybercriminals. With a growing number of regional regulation requirements and laws as well as general security and compliance concerns, the landscape is growing increasingly complex each year. Add to this the many layers of sensitive and financial information that they regularly handle and it’s easy to see why FS organisations have become one of the most high-value targets for those looking to make a quick profit. This was only exacerbated when the pandemic broke out last year.

As office closures took hold and the majority of operations became virtual, many FS organisations were forced to embrace digital transformation at a rapid pace in order to continue to deliver their services and try to achieve some level of “business-as-usual.” As a result, the digital attack surface these organisations had to defend expanded significantly. Individuals moving from centralised locations — i.e. the office — to the edge of the network, brought greater risk and many FS organisations found themselves vulnerable. Meanwhile, innovative cybercriminals were able to adapt rapidly and take advantage of the chaos to launch multiple attacks. In fact, a recent cybersecurity report from Infoblox — released in May 2021 — found that over half of all FS firms (54%) were hit by data breaches during a 12-month period, while nearly half (49%) encountered cloud-based malware attacks.

With hackers getting more sophisticated and a new wave of cyberattacks just around the corner, FS organisations need to act today. If they fail to adapt to the landscape and adopt a proactive approach to cybersecurity, the consequences could be severe.

 

A costly business

For FS organisations, a single data breach can have far reaching consequences. Depending on the severity of the attack, and how much and what type of data is impacted, some might never fully bounce back.

For example, one of the biggest data breaches in recent history involved US-based credit rating agency Equifax. In 2017, due to flaws in the company’s systems, 145 million people’s personal records were compromised by hackers. The breach was sizable but what really made it so alarming was the sensitive nature of the breached data, which ranged from full names and addresses to credit card information. Equifax has now revealed that costs relating to the incident, as well as expenditure on IT and data security, have reached at least $1.35 billion, excluding legal fees for lawsuits.

Equifax is far from being the only company to face severe financial repercussions following a breach. In fact, Infoblox’s report discovered that on average, FS firms that experienced a data breach reported an estimated average loss of roughly $4.2 million. Of course, this goes up if we take into account the unplanned network outages that often follow a successful cyberattack.

Financial repercussions are the top impact of network outage attacks, with 60% of FS organisations agreeing. However, it’s not just the initial cost that victims need to worry about. Almost half (45%) of respondents also highlighted the reputational damage caused by a breach. This can have a long-term impact, both on retaining current customers and the ability to win new ones. In today’s ultra-connected, competitive landscape, it ultimately could be the difference between a business thriving and failing.

 

A new threat landscape calls for a new security approach

With recent research discovering that one in four UK FS workers would like to work fully remote post-pandemic and the vast majority (69%) in favour of a hybrid model – the digital landscape is only becoming more complex. Network architecture will no longer be centralised on a physical campus, with a core data center into which users connect. This requires security practices to adapt to a cloud-first environment. It’s far from surprising that PwC recently discovered that 70% of firms are planning to invest more in cybersecurity over the next 12 months.

In order to make these investments count and defend against the latest and most sophisticated threats, FS organisations must set strong IT foundations for defending the expanded enterprise. One way to achieve this is to use cloud-managed DDI to simplify and scale connectivity across all corporate devices wherever they sit . This integration of Domain Name System (DNS), Dynamic Host Configuration Protocol (DHCP) and IP address management (IPAM) into a unified service, is designed with the modern borderless enterprise in mind, to eliminate the management complexities of backhauling traffic through the traditional branch office.

DDI provides visibility into the activities of each connected device — giving networking teams deeper insight into potentially suspicious activities. 90% of malware touches DNS — the first D in DDI — when entering or leaving the network, making DNS a critical detection tool that, when connected to the security stack, can enable stronger threat remediation for FS businesses. Additionally, DDI includes a software-defined perimeter that supports network identity and context for policy rules and their enforcement in security orchestration, automation and response (SOAR); security information and event management (SIEM); cloud access security brokers (CASBs); zero trust; next-generation firewalls and more. Ultimately, DDI enables FS firms to boost control and quickly detect and fix any vulnerabilities, no matter where they originate or where users are based. It could be an invaluable tool in our new hybrid landscape.

Whilst every single organisation operating in the world today is a potential victim of cybercrime, FS firms are a particularly obvious target. In order to avoid the potentially devastating cyberattacks of tomorrow, action needs to be taken today. Cybersecurity today needs a proactive approach that stretches across the extended infrastructure and protects users no matter where they are located. It is only then that FS organisations can truly say that they are adequately prepared for whatever security threat is around the corner.

 

Finance

AIRBANK SELECTS YAPILY TO BUILD A FINANCIAL MANAGEMENT SOLUTION FOR SMBS

Published

on

By

Airbank, a financial management solution for European startups and SMBs, has selected open banking infrastructure provider Yapily to help its users manage their finances with ease.

Airbank provides a simple financial management solution that aggregates all bank accounts in one place and delivers more control, visibility, and automation to modern finance teams. Startups & SMBs use Airbank to access bank accounts, monitor cash flow in real-time, create reliable forecasts, and make business payments.

Airbank matches bank transactions with merchant and category data to give finance teams complete visibility into revenues and expenses, thus helping make their lives easier with cash flow budgeting, forecasting, and reporting.

Yapily’s API infrastructure provides Airbank users with a smooth, simple way to connect to more than 1,500 banks across the UK and Europe including Deutsche Bank, Commerzbank, Sparkassen, Volksbanken and neobanks. Airbank selected Yapily for its strong coverage in Europe, with a specific focus on Germany, France, Spain, and the UK. Yapily’s European bank connectivity enables Airbank’s customers to scale and grow across Europe, delivering forecast visibility anywhere they go.

The partnership with Yapily alleviates Airbank’s customers from spending time and resources managing their finances – giving them direct access to all the financial and contextual data they need in one tool. Historically, most businesses created budgets and cash flow forecasts in manual spreadsheets which is time-consuming and error-prone. With Airbank, customers save time and costs to focus on value-adding business tasks.

The partnership also enables Airbank’s customers to use its data enrichment platform and transaction categorisation engine to turn the raw data from bank accounts into meaningful and actionable insights. Airbank reconciles account balances, forecasts financials and helps business owners make smarter business decisions every day. Harnessing Yapily’s leading open banking infrastructure, Airbank can accelerate its adoption of digital banking services.

Airbank’s vision is to simplify financial management for SMBs and to create a unified platform that helps its users with the full cycle of financial management from cash flow analysis and forecasting, to accounts receivables and payables management, and more. Airbank has raised $3m seed funding from leading VCs, and counts hundreds of users in Germany, Austria, France, Spain and the UK.

Open Banking has enabled smooth integrations with banks, which we utilize to offer richer banking and payments experiences for our users. We’re building a business banking solution that connects all your financial accounts in one place. Our partnership with Yapily gives users a smooth and simple way to connect to thousands of banks in Europe, unlocking real-time insights into their cash flow. We eliminate the pains of finance admin so business owners can focus on what’s really important — growing their business.

Christopher Zemina, Co-founder and CEO of Airbank

Airbank helps simplify the daily routine of banking and finance management for small and medium sized businesses. By leveraging Yapily’s open banking infrastructure, Airbank can provide actionable insights to businesses – at a time where it’s needed. As a small yet fast growing company, Yapily is committed to supporting the SMB community and we are excited to see how Airbank delivers the benefits of open banking to many businesses across Europe.

Comment by Chris Scheuermann, Commercial Lead DACH at Yapily

 

Continue Reading

Finance

AI AND HOW IT’S LEADING THE FIGHT AGAINST FRAUD IN THE FINANCIAL SECTOR

Published

on

Geoff Clark, Managing Director, Aerospike EMEA

Much like many other sectors financial institutions have accelerated their digital transformation projects since the beginning of the pandemic. Lockdown meant that customers could no longer visit local branches or meet in person with their financial advisor. Financial institutions have no choice but to find alternative ways to serve their customers.

We saw banks quickly adapt and improve their automation tools to interact with their customers online.  Technologies that enable chatbots, credit card brokerage, contactless payment cards, digital verification for onboarding, online insurance applications, mobile apps, recommendation engines, robo-investing and robotic process automation (RPA) were just some of the many solutions deployed. Here in Europe, Ernst and Young (E&Y) reported an increase of 72% increase in the use of FinTech apps since the start of COVID-19.

Geoff Clark

Cybercriminals typically opt for the lowest hanging fruit and as financial institutions clambered to expand their digital services the cybercriminals looked to identify and exploit any weakness in the infrastructure providing the backbone for these technologies. Exploiting the vulnerabilities of financial institutions is not new as they have long been a coveted target for fraudsters. In the main, that’s due to the wealth of sensitive personal and financial information they hold. Throw into the mix pandemic relief funds, increased unemployment benefits, and stimulus payments, and you have the perfect playground for fraudsters.

A recent report found that every dollar lost to fraud costs financial service companies as much as $3.78 — an increase from $3.25 in 2019. But fraud’s impact is much deeper than financial loss. It drains company resources to investigate and prosecute fraud, damages reputations, and puts customer retention at risk. For these reasons alone, it is imperative that the appropriate systems and processes are in place to combat fraud.

 

Analysing Fraud

The majority of financial institutions still rely on dated rule-based systems to mitigate fraud risk. These systems can consist of thousands of predefined rules that store, sort, and manipulate data to find fraud patterns. For example, a rule could say, if there is a credit card transaction in one state and another transaction in a different state within a 30-minute time frame, then this is likely a fraudulent transaction and therefore it declines the transaction.

Rule-based systems are static, hard-coded, and time-consuming to update, and are often one step behind the sophisticated techniques fraudsters use. When fraud occurs, the typical response is to create another rule that prevents another attack, but it’s often too late.

Fraudsters continue to find new ways to commit fraud that rules don’t capture.

The trend we’re seeing from financial institutions is to replace rule-based systems with AI and machine learning-based systems as they’re more effective. These systems are largely self-learning and there is so much more data available and the more information they’re fed the more effective they can be. Rather than using tens of data attributes with rule-based systems, AI and machine learning-based systems can analyse hundreds of data attributes over enormous data sets and longer time frames to automatically detect with higher accuracy unusual behaviours that indicate fraud. For example, Barclays Bank has implemented AI systems to detect and mitigate fraud improving the customer experience in the process through the reduction of false positives and false negatives.

AI and machine learning-based systems are heading toward explainable AI (XAI), an emerging sector in machine learning that addresses how AI systems arrive at their black-box decisions. Financial institutions know the inputs and outputs of these systems, but they lack visibility into how they reached the results.

Building XAI into AI systems enables banks to understand how decisions are made and create better models to improve their systems by removing bias. For example, suppose a fraud system declines a legitimate customer’s credit card transaction. In this situation the financial institution needs to understand why the false positive has occurred so it can further refine its model.

XAI also has data privacy in its favour particularly when it comes to compliance. Under the European Union’s General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA)—and with other data privacy laws coming—financial institutions need to comply with specific mandates. They must be able to explain how they use a customer’s personal information and how they came to decision such as declining a credit card transaction. Overlaying XAI on top of their AI systems, ensures they have far great visibility into how decisions are being made by AI/ML systems.

 

Constructing a Fraud System Architecture

To emulate some of the industry’s more innovative organisations financial institutions must understand and pursue best practices when building their AI-based fraud systems. They should work alongside technology organisations but also work with their line of business managers to understand how fraud is impacting their business, what their greatest weaknesses are, how customer satisfaction can be improved, and how they can incorporate customer fraud/risk metrics into their customer analytics to improve their omnichannel marketing campaigns. Customer data collected and analysed by fraud teams are some of the most robust depositories of customer information making them invaluable to marketers.

When looking to build a world-class system, financial services firms should consider the following steps:

  • The fraud system needs to likely consume hundreds of terabytes of data, perhaps even petabytes for the largest firms.
  • Data must be continuously updated in real time from many sources such as internal customer and transaction data from storefronts, web pages, and mobile devices, as well as third-party demographic, behavioural, geo-location, identity management, credit bureau, and other data types.
  • This data will usually need to be prepared, e.g., cleansed, standardised, and normalised, to convert it into a form that AI/ML models can more easily digest and understand.
  • The data needs to move back to the central data platform to be further enriched.
  • At this point those financial institutions can fine-tune the model parameters, test and select the optimal machine learning algorithms, feed them with data to learn the underlying patterns, and validate the model’s accuracy to make good decisions using data that was not part of the training set.

After the above steps are completed and they are satisfied the model can be deployed to act in the microsecond moments that are necessary to fight fraud.

As technology evolves at such a fast pace all organisations must aim to implement a fraud solution that can combat the increasingly sophisticated fraudsters while implementing the following key elements

  1. Large data sets (TeraBytes, PetaBytes) consisting of both internal company data supplemented with third-party data;
  2. Highly optimised and validated AI/ML algorithms that detect fraud and minimise false positives and false negatives;
  3. A real-time data platform capable of running these AI/ML algorithms across enormous data sets in sub-millisecond response times to provide customers with the fast customer experience that they expect.

 

 

 

Continue Reading

Magazine

Trending

Business22 hours ago

OUTSOURCING YOUR IT SOLUTIONS CAN SAVE YOU FROM COSTLY DOWNTIME

Amir Hashmi, CEO and Founder of leading IT and Cloud services provider Zsah, discusses why you need full-time professionals if...

Banking2 days ago

HOW TRADITIONAL INSURERS CAN USE TECHNOLOGY TO IMPROVE THEIR RELATIONSHIP WITH CUSTOMERS

The customer experience with insurance is anomalous, in that one is only required to engage with their insurer if things...

Business3 days ago

THE FUTURE OF CLOUD: HOW TO KEEP YOUR DATA SAFE

By Pete Braithwaite, COO of KIT Online Cloud services are inherently scalable, responsive and flexible. They offer huge flexibility –...

Business4 days ago

ETRADING SOFTWARE AND ARTIS HOLDINGS LOANS ELECTRONIC PLATFORM OPEN FOR BUSINESS

The Bids Wanted in Competition (BWIC) process completes on the WIC trading platform   Etrading Software, the independent, global provider...

Finance4 days ago

AIRBANK SELECTS YAPILY TO BUILD A FINANCIAL MANAGEMENT SOLUTION FOR SMBS

Airbank, a financial management solution for European startups and SMBs, has selected open banking infrastructure provider Yapily to help its...

Interviews4 days ago

COULD YOU PROVIDE US WITH SOME BACKGROUND ON YOUR CURRENT ROLE WITHIN THE FINANCIAL SERVICES SECTOR?

– Shanker Ramamurthy, Global Managing Partner – Banking at IBM, BIAN Executive Board Member   I lead the banking consulting...

Business4 days ago

IT COST MANAGEMENT: 10 STEPS BUSINESSES CAN’T IGNORE

By Matt Dando, Director, Strategic Business Value Consulting at Serviceware   In today’s ever-accelerating digital era, and as we recover...

Banking5 days ago

UNCHARTED TERRITORY: HOW OPEN BANKING CAN HELP BANKS NAVIGATE COVID CHALLENGES

Opinion from Rafa Plantier, Head of UK and Ireland at Tink The last year has propelled banks, businesses and consumers...

Finance5 days ago

AI AND HOW IT’S LEADING THE FIGHT AGAINST FRAUD IN THE FINANCIAL SECTOR

Geoff Clark, Managing Director, Aerospike EMEA Much like many other sectors financial institutions have accelerated their digital transformation projects since...

Banking5 days ago

HOW DIGITAL IS MAKING THE ‘IMPOSSIBLE’ POSSIBLE FOR FINANCIAL FIRMS

  By Lavanya Kaul, Head of Customer Success, BFSI, UK&I, LTI Article synopsis: Focused on the digital transformation of the...

News5 days ago

DANSKE BANK TO BRING DOMESTIC SCHEME, DANKORT, TO APPLE PAY

Danske Bank, Denmark’s leading bank, supported by Nets, will bring Dankort to Apple Pay Dankort is the preferred means of payment...

News5 days ago

TACKLING THE FORGOTTEN PLASTIC PANDEMIC: CLIMATE CHANGE

By Mark Taylor, Group CCO, Waterlogic   Last year the COVID-19 pandemic was, quite rightfully, at the forefront of all...

News5 days ago

CROWN AGENTS BANK ACCELERATES GLOBAL GROWTH AND EXPANDS INTO NEW MARKETS WITH MULESOFT

MuleSoft, provider of the world’s #1 integration and API platform, today announced that Crown Agents Bank (https://www.crownagentsbank.com)  is using MuleSoft to digitally...

Finance5 days ago

THE IMPORTANCE OF ACCURATE AND TRUSTED TIMESTAMPING IN FINANCIAL SERVICES

Richard Hoptroff, CTO, Hoptroff   Recent global financial regulations such as MiFID II require that all stock exchanges, credit institutions,...

Business5 days ago

HOW OPEN DATA CAN HELP FIGHT CLIMATE CHANGE

David Lais, Co-Founder and CPO at Ecolytiq – providing banks and financial institutions with the digital infrastructure for green finance....

Business1 week ago

NOW’S THE TIME FOR THE INFRASTRUCTURE SECTOR TO GET IR35 RIGHT

Matt Fryer, Head of Legal Services at Brookson Legal   The Government’s recently announced £650bn programme of infrastructure works is...

Business1 week ago

MAKING THE MOST OF RPA TO ENHANCE THE CUSTOMER EXPERIENCE

Standfirst: Capturing and analysing business processes should be a prerequisite for any implementation of robotic process automation, argues Dr Gero...

Banking1 week ago

FINTECHS AND BANKING POST-COVID

COVID-19 has forced businesses and society to adapt to new realities. From big-name Wall Street banks to up-and-coming financial technology...

Technology2 weeks ago

WHY AGILE TECHNOLOGY PLATFORMS ARE THE KEY TO EFFECTIVE INNOVATION

Sujit Unni,CTO, Paysafe   A main reason why platform technology can prove to be so effective for a business is...

News2 weeks ago

DIGITAL TOKEN IDENTIFIER REGISTRATION OPENS WITH ETRADING SOFTWARE

Top 100 cryptocurrencies can now be tracked authoritatively using new ISO standard   Etrading Software, through its non-profit division the...

Trending