Connect with us

Finance

CFOs – the forgotten ally in the fight against ransomware

Published

on

Justin Vaughan-Brown, VP Market Insight at Deep Instinct

 

Ransomware attacks have nearly doubled in the past couple of years. According to a new report from an international law firm the number of ransomware attacks reported to the Information Commissioners Office (ICO) went up within a year from 236 to 654 in 2021.  With threat actors using increasingly advanced methods to launch attacks, organisations are too often financially unprepared when disaster strikes.

Apart from taking a mental toll, cyber-attacks put significant financial burdens on an organisation. Our own research among the C-Suite and IT security decision makers revealed that last year, UK-based organisations paid an average ransom of £3 million. While the decision to pay the ransom should fall on the shoulder of CEOs and CFOs, in many cases the latter were side-lined from the decision-making process. In only 14% of cases, financial officials play an active role in making final decisions around paying ransoms. This is an alarming proposition, as ransomware at its core is a financially motivated attack.

The unmasking of this vast disconnect in ways that the management team determines the risks and aftermath on their organisations after a cyber-attack, reveals a potentially risky misalignment of understanding and priorities when it comes to securing their organisation. So why do CFOs feel that their organisations are not prepared to face a cyber-attack and how does the CFO’s perception of the company differ from that of the CEO?

Justin Vaughan-Brown

Why do CFOs feel their firm is ill-prepared against cyber-attacks?

One of the core challenges is the financial cost gap between those willing to pay a ransom and those who paid a ransom. Those who were willing to pay a ransom demand vastly underestimated the cost. For example, respondents who would be willing to pay a ransom in the future, estimated that the pay-out would cost, on average, £760,000; however, in reality the average amount paid was four times higher – standing at £3 million. In addition, it was revealed that only 32% of organisations were able to recover their entire data and show positive outcomes after the ransomware attack.

While CFOs of a company play a major role in boosting the morale of an organisation, CEOs are expected to exude confidence in their organisation. If CFOs do not assume their place in the team to help fight cyber-crime, then the organisation develops a false sense of security. This leads the CEOs and other members of the organisation to believe that they can effectively fight malware gangs.

Due to the plummeting number of financial officials being involved in the risk assessment of cyber-attacks on their organisation, fewer and fewer CFOs feel confident enough to state that their organisations are prepared to withstand a cyber threat. CFOs have also been excluded from making the decisions of paying ransom to malware gangs despite it being a financial issue.

For example, 56% of respondents stated they had paid the ransom to recover their data, with only 14% claimed that their CFO had made the decision – in the other 29%, the CEO had been in charge. Given the fact that there is a true monetary risk to such decisions, it’s essential that CFOs and financial executives should have a critical role in these decisions.

Moreover, only 12% of CFOs are actively involved in the risk management processes and hence only 14% feel their organisation is prepared to withstand a cyber-attack. On the other hand, 63% of CEOs are under the impression that their organisation is well prepared for it.

A wake-up call for the exec suite

From the organisations we spoke to, nearly two-thirds of the respondents confessed that their business had endured a ransomware attack. With the increasing number of cyber-attacks, it has become essential for an organisation to assess the impact a cyberattack may cause. Threat actors provide no assurance that all the data that has been encrypted will be returned even after a ransom is paid. In such cases, it would be important to have an estimate on the losses incurred.

Only 38% of respondents seemed confident in evaluating monetary value to the data within their organisation and analysing the potential impact of the loss. But 48% of organisations revealed inadequacy and inaccurate assessment of the cyber-attack and in some cases, no assessment at all.

Firms should initially analyse the monetary risks of a ransomware attack and response accurately to understand the true cost of any decisions, or else they will fall into the pit of false security after the true cost of the ransom is revealed. It’s imperative that senior executives at all levels should be a part of the ransomware response strategy and all relevant decision-making processes. Afterall, they all have a role in making sure that the business is buoyant and prepared in the face of adversity.  Otherwise, organisations will continue to fill the pockets of cybercriminals, while incurring huge losses themselves.

Finance

In-Store, Online & In-App – Unifying Payment Authentication

Published

on

By

Michel Roig, President of Payment and Access, Fingerprints

 

Often, new technologies are lauded as the death of existing ones. This has been undoubtedly true in some areas. Think audio cassettes and CDs, Betamax and VHS, fax machines and email… and a host of other examples. Sometimes the market and product vendors can influence this decision but, mostly, consumers decide which technologies win based on the value they bring to their everyday lives.

Often though, new technologies coexist with, and complement, existing ones. This is very much the case in the payments ecosystem. The advent of mobile payments had many claiming the death of the humble payment card. In a world still using cheques and with significant innovation happening across both mobile and card payments, the card is not going anywhere for the foreseeable future because consumers choose different payment methods based on different situations and preferences.

But, as new payment methods are made available to consumers, and each keeps evolving, the payments ecosystem needs to ensure that the security, convenience and user experience is consistent. This blog will trace the adoption of card and mobile payments, discuss the need for strong authentication and highlight the role biometrics is playing in enabling unified experiences for consumers.

Card & mobile payment adoption

There is still a mix of how consumers make in-store payments today. For example, Fingerprints research found that more than 70% of consumers elect to use their cards most often, compared to less than 5% choosing their smartphones.

But mobile contactless is growing. Mobile payment experience enabling the same (or better!) convenience of traditional card payments, with additional security and more opportunities for richer experienced and value added services like loyalty and discount integration. Because of this, for example, last year the U.S. saw in-store grow by 29%.

Additionally, we can consider in-app and online mobile payments. Allied Market Research reports the global in-app purchasing market size was valued at $76.43 billion in 2019 and is projected to reach $340.76 billion by 2027, growing at a CAGR (compound annual growth rate) of 19.8% from 2020 to 2027.

Safety first, right?

It’s clear that contactless transactions are growing, but safety is still a concern for a lot of consumers, particularly with cards.

Consumers around the world have come to love the convenience of contactless. While 77% of consumers use contactless regularly, half are worried about the lack of security if their card is lost or stolen and around a quarter are confused about spending limits.

And even as contactless use was rocketing, fraud was a cause for concern. According to UK Finance’s latest Annual Fraud Report, lost and stolen card fraud incidents increased by 1% between 2020-21, despite this being a time when normal high-street shopping habits were drastically altered due to pandemic restrictions. Worryingly, the same report highlighted that when pandemic restrictions were eased in late 2021, contactless fraud on payment cards and devices went up 20%.

Historically, the authentication methods for card, mobile and online payments have been diverse and inconsistent. Biometrics is helping to unify, strengthen and simplify the payment authentication process, no matter where or how consumers choose to pay.

Biometrics bringing benefits

One innovation helping consumers – that increasingly demand more convenient, secure and hygienic payment experiences – is the addition of biometrics to strengthen and unify authentication.

After over a decade of integrations, mobile is the most mature and established market for consumer biometrics, and we now estimate that more than 80% of smartphones sold now incorporate some form of biometric sensor.

Recently Fingerprints celebrated that its own sensors have been integrated in more than 650 mobile device models globally, in nine out of the top ten smartphone OEM brands. But this is by no means a static market.

Crucially, continued adoption is being driven by innovation. Ongoing R&D on the biometric sensors and software are enabling biometrics to support broader product development and innovative use cases. This is supporting ongoing mobile adoption and diversification into other devices like payment cards.

Ongoing momentum is down to biometrics’ fundamental benefits; the technology’s ability to strengthen security and authentication while maintaining or even improving the user experience by removing the need to enter PINs and passwords.

Unifying the authentication UX

On top of these core benefits, biometrics can also help banks and card manufacturers to harmonize the payment authentication experience. Consumers are already used to unlocking their smartphone with a fingerprint sensor. With mobile payments and banking apps on the rise, biometric authentication is now increasingly common in consumer finance.  By offering biometric technology in payments cards, banks can offer their customers the same convenience and security they are used to from their mobile and in-app transactions.

Not all consumers pay for items in the same way, so the important factor is to offer trusted options that help a wide range of users. The addition of more secure authentication to cards is therefore a logical development in order to cater to the requirements of the less tech-savvy individuals all the way through to the digital natives.

Evolution not revolution

So, it is not a question of new payment technologies replacing existing ones. Technology evolves, yes. But cards are not static and, for many, will continue to be the default method of payment. For others card, mobile contactless, online, in-app and others all have a time and a place.

Moving forward, banks and other issuers can support customers by adding strong authentication to the ‘tap’ of contactless to bring it in line with mobile and in-app payments. Alongside added protection reducing fraud risks and lost revenue, it provides the convenience of avoiding contactless limits – and the confusion they can bring – altogether.

With the clear need for security that does not compromise convenience, the desire among consumers for the technology, and the readiness of the technology for mass rollout, the coming years look exciting for biometrics and its role in smarter payment experiences.

Continue Reading

Banking

Why the future is phygital

Published

on

By

By Eric Megret-Dorne, Head of Card Issuance Services and Service Operations at Giesecke + Devrient

 

Digital banking has become increasingly ingrained in people’s everyday lives. Today, 73% of people globally use online banking at least once a month. Traditional bricks-and-mortar banks, which have long relied on the in-person experience with customers, are now having to step up their offering. With new ways of working blurring the work-home boundary, banks must ensure a fast, seamless connection between face-to-face processes and virtual customer experiences.

However, this does not mean that physical and digital banking are in competition with each other. In fact, many continue to use physical bank cards, with 1.12 billion in circulation in 2021, which provides the basis for digital payments and offerings. As a result, the benefits of digitalisation should converge with the comfort of physical touchpoints to create a holistic, “phygital” experience.

The path to phygital

Banks are accelerating their digital transformation strategies to keep up with the fast pace of fintech innovations. To meet the changing needs and preferences of customers, the payment world is leveraging new technologies to create personalised experiences through a range of different channels.

While the digitalisation of banking has been underway for quite some time – particularly for younger generations – events such as the Covid-19 crisis forced banks and customers of all ages to use digital tools and processes to compensate for branch, office, and call centre closures. With branches worldwide typically operating at reduced capacity due to social distancing requirements, consumers embraced online banking to avoid both the virus and potentially long queues.

However, some consumers still enjoy physical touchpoints, meaning a digital-only approach won’t suit everyone.

Striking a balance

It’s all about options – consumers now want to freely switch between traditional and digital channels without being forced into one. But how can banks achieve this phygital balance? One way is to equip physical channels with digital capabilities, so that online tools can augment the physical experience. For example, personalised bank cards with a bespoke design can be activated digitally, offering customers an extra layer of convenience. Having to wait for a new PIN to arrive in the mail is a common bugbear for consumers, so bringing card activation processes into the digital ecosystem will ensure a more seamless experience.

Greater automation in the card issuance and activation process enables the benefits of digital to be integrated into the physical banking experience without being intrusive. For instance, self-service kiosks empower customers to print their own cards, reducing the time between acquisition and card issuance, while still allowing for in-branch expertise if needed.

The personal touch

Phygital strategies also give banks a range of valuable data insights that can help them better serve their customers. This includes data on purchasing behaviours and habits, which can then be utilised to improve banks’ offerings and unify the physical and digital brand experience. Using omnichannel data helps to build a hyperpersonalisation strategy to provide real-time services.

In this way, digital solutions help banks maximise their user experience. Whenever a consumer interact with a bank, it creates data and behaviours. With fragmented databases, legacy systems and real-time data created by interactions with third-party partners through Application Programming Interfaces (APIs), it is not always easy for banks to streamline this data from different sources. By understanding patterns in that data and behaviours, banks can tailor and personalise unique experiences for each and every user.

Where security meets innovation

With big data opportunities abound, banks should be mindful of their consumers’ security concerns. Customers are now demanding much more transparency when it comes to how information is stored and collected. At the same time, they still desire greater personalisation via digital methods. Therefore, any successful phygital strategy requires a robust digital security to ensure customers have the same peace of mind as when they complete physical transactions.

To close the gap between innovation and security, banks should utilise tokenised infrastructure, which ensures the safe provision of payment credentials and securing of customer payments across all touchpoints. This is particularly important as regulations such as PSD2 and SCA demand strong authentication requirements.

The use of a token greatly enhances the consumer experience. For example, it allows for card details to be automatically updated for subscription services upon the expiry of an existing one, avoiding any service disruption.  Multi-factor authentication can also ensure an additional layer of security, as it combines a password with verifiable human biometrics such as fingerprints or facial recognition.

Best of both worlds

Every consumer has unique preferences when it comes to banking. Therefore, banks must evolve by bringing both physical and virtual touchpoints into a ‘phygital’ world. Only a phygital approach can meet the needs of all end users – whether they favour an in-person experience, an online one, or a blend of the two. The holistic data insights, personalisation opportunities, and optimised security ensured at every touchpoint are also critical in building future-ready banks.

Continue Reading

Magazine

Trending

Business1 day ago

How app usage can help brands increase their online revenues and customer retention

Arunabh Madhur, Regional VP & Head Business EMEA at SHAREit Group   Brands are continuing to invest heavily in the...

Banking1 day ago

Will ‘Britcoin’ change the way we bank?

The Treasury and Bank of England recently announced a state-backed digital pound is likely to be launched in the UK...

Finance1 day ago

In-Store, Online & In-App – Unifying Payment Authentication

Michel Roig, President of Payment and Access, Fingerprints   Often, new technologies are lauded as the death of existing ones....

Banking1 day ago

Why the future is phygital

By Eric Megret-Dorne, Head of Card Issuance Services and Service Operations at Giesecke + Devrient   Digital banking has become...

Finance1 day ago

Why Keeping Track of Cash Is Key to Economic Survival

By Joshua May, Consulting Manager EMEA, BlackLine   Finance and Accounting (F&A) has always had a reputation for its calm...

Business2 days ago

Does the middle market have a financial edge?  

Ilija Ugrinic, Commercial Solutions Director at Proactis   Companies tend to look up the ladder when searching for ways to...

Business3 days ago

Hybrid Intelligence – The only way to face the problems of the future

Author: Prof. Dr. Iris Lorscheid, Vice-Rector Research and Professor of Digital Business and Data Science Computer Science at the University...

Business4 days ago

Consumer demand driving sustainable payments

Jenn Markey, VP Payments & Identity, Entrust   Sustainability is a buzzword that seems to be at the forefront of...

News4 days ago

Adyen drives conversion uplift with advanced authentication solution

The company’s expanded authentication offering optimizes authorization, security, and end revenue   Adyen (AMS: ADYEN), the global financial technology platform...

Finance4 days ago

It’s time for financial institutions to take personalization seriously

David Hetling, Global Marketing Director, Financial Services, RWS   Financial institutions will always play a critical role in society, offering...

Banking6 days ago

The Future of Capital Markets: Democratisation of Retail Investing

Nicky Maan, CEO of Spectrum Markets   Over the past decades, global capital markets have undergone tremendous changes. There have...

Top 101 week ago

5 Often-Overlooked Investment Options To Consider Exploring In 2023

When choosing what to invest in, many people will initially focus on the stock market which is considered a more...

News1 week ago

New Open Banking platform Archie waves a timely hello to Britain’s beleaguered businesses

Archie is a game-changing payments and data platform that’s inherently human in its approach; a refreshing proposition in the jargon-heavy...

Finance1 week ago

Innovating inclusivity: How invoice financing is diversifying access to financial streams

“Entrepreneurs, particularly those in the supply chain in Europe, the United Kingdom, and indeed the rest of the world, frustrated...

Business1 week ago

The data behind AI’s success in the financial sector

Or Lenchner, CEO at Bright Data   AI (Artificial Intelligence) has taken the world by storm. The OECD estimates that...

Business1 week ago

The Risks Of Company Mergers And How To Avoid Them

There are a lot of benefits to agreeing on a company merger with another business, and this includes, but is...

Finance1 week ago

How diversity is evolving in the fintech industry

by Elena Dimova, VP HR Bulgaria and Operations & Technology at Paysafe.   With both finance and technology being traditionally male-dominated...

Finance1 week ago

How the Isle of Man is encouraging a new generation of FinTech innovators

FinTech’s potential to transform how finance and business operates has gained attention around the world in recent years. In 2022,...

Business1 week ago

Protecting Customer Data in Online Business

With the increasing number of online businesses, protecting customer data has become more important than ever. Cybersecurity breaches can cause...

Business2 weeks ago

END OF AN ERA OF CHEAP MONEY

Professor Milos Petkovic, PhD Lecturer at Berlin School of Business & Innovation   Prior to 2022, the global financial market...

Trending