Finance
CFOs – the forgotten ally in the fight against ransomware
Published
6 months agoon
By
admin
Justin Vaughan-Brown, VP Market Insight at Deep Instinct
Ransomware attacks have nearly doubled in the past couple of years. According to a new report from an international law firm the number of ransomware attacks reported to the Information Commissioners Office (ICO) went up within a year from 236 to 654 in 2021. With threat actors using increasingly advanced methods to launch attacks, organisations are too often financially unprepared when disaster strikes.
Apart from taking a mental toll, cyber-attacks put significant financial burdens on an organisation. Our own research among the C-Suite and IT security decision makers revealed that last year, UK-based organisations paid an average ransom of £3 million. While the decision to pay the ransom should fall on the shoulder of CEOs and CFOs, in many cases the latter were side-lined from the decision-making process. In only 14% of cases, financial officials play an active role in making final decisions around paying ransoms. This is an alarming proposition, as ransomware at its core is a financially motivated attack.
The unmasking of this vast disconnect in ways that the management team determines the risks and aftermath on their organisations after a cyber-attack, reveals a potentially risky misalignment of understanding and priorities when it comes to securing their organisation. So why do CFOs feel that their organisations are not prepared to face a cyber-attack and how does the CFO’s perception of the company differ from that of the CEO?

Justin Vaughan-Brown
Why do CFOs feel their firm is ill-prepared against cyber-attacks?
One of the core challenges is the financial cost gap between those willing to pay a ransom and those who paid a ransom. Those who were willing to pay a ransom demand vastly underestimated the cost. For example, respondents who would be willing to pay a ransom in the future, estimated that the pay-out would cost, on average, £760,000; however, in reality the average amount paid was four times higher – standing at £3 million. In addition, it was revealed that only 32% of organisations were able to recover their entire data and show positive outcomes after the ransomware attack.
While CFOs of a company play a major role in boosting the morale of an organisation, CEOs are expected to exude confidence in their organisation. If CFOs do not assume their place in the team to help fight cyber-crime, then the organisation develops a false sense of security. This leads the CEOs and other members of the organisation to believe that they can effectively fight malware gangs.
Due to the plummeting number of financial officials being involved in the risk assessment of cyber-attacks on their organisation, fewer and fewer CFOs feel confident enough to state that their organisations are prepared to withstand a cyber threat. CFOs have also been excluded from making the decisions of paying ransom to malware gangs despite it being a financial issue.
For example, 56% of respondents stated they had paid the ransom to recover their data, with only 14% claimed that their CFO had made the decision – in the other 29%, the CEO had been in charge. Given the fact that there is a true monetary risk to such decisions, it’s essential that CFOs and financial executives should have a critical role in these decisions.
Moreover, only 12% of CFOs are actively involved in the risk management processes and hence only 14% feel their organisation is prepared to withstand a cyber-attack. On the other hand, 63% of CEOs are under the impression that their organisation is well prepared for it.
A wake-up call for the exec suite
From the organisations we spoke to, nearly two-thirds of the respondents confessed that their business had endured a ransomware attack. With the increasing number of cyber-attacks, it has become essential for an organisation to assess the impact a cyberattack may cause. Threat actors provide no assurance that all the data that has been encrypted will be returned even after a ransom is paid. In such cases, it would be important to have an estimate on the losses incurred.
Only 38% of respondents seemed confident in evaluating monetary value to the data within their organisation and analysing the potential impact of the loss. But 48% of organisations revealed inadequacy and inaccurate assessment of the cyber-attack and in some cases, no assessment at all.
Firms should initially analyse the monetary risks of a ransomware attack and response accurately to understand the true cost of any decisions, or else they will fall into the pit of false security after the true cost of the ransom is revealed. It’s imperative that senior executives at all levels should be a part of the ransomware response strategy and all relevant decision-making processes. Afterall, they all have a role in making sure that the business is buoyant and prepared in the face of adversity. Otherwise, organisations will continue to fill the pockets of cybercriminals, while incurring huge losses themselves.
Finance
In-Store, Online & In-App – Unifying Payment Authentication
Published
1 day agoon
March 23, 2023By
admin
Michel Roig, President of Payment and Access, Fingerprints
Often, new technologies are lauded as the death of existing ones. This has been undoubtedly true in some areas. Think audio cassettes and CDs, Betamax and VHS, fax machines and email… and a host of other examples. Sometimes the market and product vendors can influence this decision but, mostly, consumers decide which technologies win based on the value they bring to their everyday lives.
Often though, new technologies coexist with, and complement, existing ones. This is very much the case in the payments ecosystem. The advent of mobile payments had many claiming the death of the humble payment card. In a world still using cheques and with significant innovation happening across both mobile and card payments, the card is not going anywhere for the foreseeable future because consumers choose different payment methods based on different situations and preferences.
But, as new payment methods are made available to consumers, and each keeps evolving, the payments ecosystem needs to ensure that the security, convenience and user experience is consistent. This blog will trace the adoption of card and mobile payments, discuss the need for strong authentication and highlight the role biometrics is playing in enabling unified experiences for consumers.
Card & mobile payment adoption
There is still a mix of how consumers make in-store payments today. For example, Fingerprints research found that more than 70% of consumers elect to use their cards most often, compared to less than 5% choosing their smartphones.
But mobile contactless is growing. Mobile payment experience enabling the same (or better!) convenience of traditional card payments, with additional security and more opportunities for richer experienced and value added services like loyalty and discount integration. Because of this, for example, last year the U.S. saw in-store grow by 29%.
Additionally, we can consider in-app and online mobile payments. Allied Market Research reports the global in-app purchasing market size was valued at $76.43 billion in 2019 and is projected to reach $340.76 billion by 2027, growing at a CAGR (compound annual growth rate) of 19.8% from 2020 to 2027.
Safety first, right?
It’s clear that contactless transactions are growing, but safety is still a concern for a lot of consumers, particularly with cards.
Consumers around the world have come to love the convenience of contactless. While 77% of consumers use contactless regularly, half are worried about the lack of security if their card is lost or stolen and around a quarter are confused about spending limits.
And even as contactless use was rocketing, fraud was a cause for concern. According to UK Finance’s latest Annual Fraud Report, lost and stolen card fraud incidents increased by 1% between 2020-21, despite this being a time when normal high-street shopping habits were drastically altered due to pandemic restrictions. Worryingly, the same report highlighted that when pandemic restrictions were eased in late 2021, contactless fraud on payment cards and devices went up 20%.
Historically, the authentication methods for card, mobile and online payments have been diverse and inconsistent. Biometrics is helping to unify, strengthen and simplify the payment authentication process, no matter where or how consumers choose to pay.
Biometrics bringing benefits
One innovation helping consumers – that increasingly demand more convenient, secure and hygienic payment experiences – is the addition of biometrics to strengthen and unify authentication.
After over a decade of integrations, mobile is the most mature and established market for consumer biometrics, and we now estimate that more than 80% of smartphones sold now incorporate some form of biometric sensor.
Recently Fingerprints celebrated that its own sensors have been integrated in more than 650 mobile device models globally, in nine out of the top ten smartphone OEM brands. But this is by no means a static market.
Crucially, continued adoption is being driven by innovation. Ongoing R&D on the biometric sensors and software are enabling biometrics to support broader product development and innovative use cases. This is supporting ongoing mobile adoption and diversification into other devices like payment cards.
Ongoing momentum is down to biometrics’ fundamental benefits; the technology’s ability to strengthen security and authentication while maintaining or even improving the user experience by removing the need to enter PINs and passwords.
Unifying the authentication UX
On top of these core benefits, biometrics can also help banks and card manufacturers to harmonize the payment authentication experience. Consumers are already used to unlocking their smartphone with a fingerprint sensor. With mobile payments and banking apps on the rise, biometric authentication is now increasingly common in consumer finance. By offering biometric technology in payments cards, banks can offer their customers the same convenience and security they are used to from their mobile and in-app transactions.
Not all consumers pay for items in the same way, so the important factor is to offer trusted options that help a wide range of users. The addition of more secure authentication to cards is therefore a logical development in order to cater to the requirements of the less tech-savvy individuals all the way through to the digital natives.
Evolution not revolution
So, it is not a question of new payment technologies replacing existing ones. Technology evolves, yes. But cards are not static and, for many, will continue to be the default method of payment. For others card, mobile contactless, online, in-app and others all have a time and a place.
Moving forward, banks and other issuers can support customers by adding strong authentication to the ‘tap’ of contactless to bring it in line with mobile and in-app payments. Alongside added protection reducing fraud risks and lost revenue, it provides the convenience of avoiding contactless limits – and the confusion they can bring – altogether.
With the clear need for security that does not compromise convenience, the desire among consumers for the technology, and the readiness of the technology for mass rollout, the coming years look exciting for biometrics and its role in smarter payment experiences.

By Eric Megret-Dorne, Head of Card Issuance Services and Service Operations at Giesecke + Devrient
Digital banking has become increasingly ingrained in people’s everyday lives. Today, 73% of people globally use online banking at least once a month. Traditional bricks-and-mortar banks, which have long relied on the in-person experience with customers, are now having to step up their offering. With new ways of working blurring the work-home boundary, banks must ensure a fast, seamless connection between face-to-face processes and virtual customer experiences.
However, this does not mean that physical and digital banking are in competition with each other. In fact, many continue to use physical bank cards, with 1.12 billion in circulation in 2021, which provides the basis for digital payments and offerings. As a result, the benefits of digitalisation should converge with the comfort of physical touchpoints to create a holistic, “phygital” experience.
The path to phygital
Banks are accelerating their digital transformation strategies to keep up with the fast pace of fintech innovations. To meet the changing needs and preferences of customers, the payment world is leveraging new technologies to create personalised experiences through a range of different channels.
While the digitalisation of banking has been underway for quite some time – particularly for younger generations – events such as the Covid-19 crisis forced banks and customers of all ages to use digital tools and processes to compensate for branch, office, and call centre closures. With branches worldwide typically operating at reduced capacity due to social distancing requirements, consumers embraced online banking to avoid both the virus and potentially long queues.
However, some consumers still enjoy physical touchpoints, meaning a digital-only approach won’t suit everyone.
Striking a balance
It’s all about options – consumers now want to freely switch between traditional and digital channels without being forced into one. But how can banks achieve this phygital balance? One way is to equip physical channels with digital capabilities, so that online tools can augment the physical experience. For example, personalised bank cards with a bespoke design can be activated digitally, offering customers an extra layer of convenience. Having to wait for a new PIN to arrive in the mail is a common bugbear for consumers, so bringing card activation processes into the digital ecosystem will ensure a more seamless experience.
Greater automation in the card issuance and activation process enables the benefits of digital to be integrated into the physical banking experience without being intrusive. For instance, self-service kiosks empower customers to print their own cards, reducing the time between acquisition and card issuance, while still allowing for in-branch expertise if needed.
The personal touch
Phygital strategies also give banks a range of valuable data insights that can help them better serve their customers. This includes data on purchasing behaviours and habits, which can then be utilised to improve banks’ offerings and unify the physical and digital brand experience. Using omnichannel data helps to build a hyperpersonalisation strategy to provide real-time services.
In this way, digital solutions help banks maximise their user experience. Whenever a consumer interact with a bank, it creates data and behaviours. With fragmented databases, legacy systems and real-time data created by interactions with third-party partners through Application Programming Interfaces (APIs), it is not always easy for banks to streamline this data from different sources. By understanding patterns in that data and behaviours, banks can tailor and personalise unique experiences for each and every user.
Where security meets innovation
With big data opportunities abound, banks should be mindful of their consumers’ security concerns. Customers are now demanding much more transparency when it comes to how information is stored and collected. At the same time, they still desire greater personalisation via digital methods. Therefore, any successful phygital strategy requires a robust digital security to ensure customers have the same peace of mind as when they complete physical transactions.
To close the gap between innovation and security, banks should utilise tokenised infrastructure, which ensures the safe provision of payment credentials and securing of customer payments across all touchpoints. This is particularly important as regulations such as PSD2 and SCA demand strong authentication requirements.
The use of a token greatly enhances the consumer experience. For example, it allows for card details to be automatically updated for subscription services upon the expiry of an existing one, avoiding any service disruption. Multi-factor authentication can also ensure an additional layer of security, as it combines a password with verifiable human biometrics such as fingerprints or facial recognition.
Best of both worlds
Every consumer has unique preferences when it comes to banking. Therefore, banks must evolve by bringing both physical and virtual touchpoints into a ‘phygital’ world. Only a phygital approach can meet the needs of all end users – whether they favour an in-person experience, an online one, or a blend of the two. The holistic data insights, personalisation opportunities, and optimised security ensured at every touchpoint are also critical in building future-ready banks.
Magazine
Trending


How app usage can help brands increase their online revenues and customer retention
Arunabh Madhur, Regional VP & Head Business EMEA at SHAREit Group Brands are continuing to invest heavily in the...


Will ‘Britcoin’ change the way we bank?
The Treasury and Bank of England recently announced a state-backed digital pound is likely to be launched in the UK...


In-Store, Online & In-App – Unifying Payment Authentication
Michel Roig, President of Payment and Access, Fingerprints Often, new technologies are lauded as the death of existing ones....


Why the future is phygital
By Eric Megret-Dorne, Head of Card Issuance Services and Service Operations at Giesecke + Devrient Digital banking has become...


Why Keeping Track of Cash Is Key to Economic Survival
By Joshua May, Consulting Manager EMEA, BlackLine Finance and Accounting (F&A) has always had a reputation for its calm...


Does the middle market have a financial edge?
Ilija Ugrinic, Commercial Solutions Director at Proactis Companies tend to look up the ladder when searching for ways to...


Hybrid Intelligence – The only way to face the problems of the future
Author: Prof. Dr. Iris Lorscheid, Vice-Rector Research and Professor of Digital Business and Data Science Computer Science at the University...


Consumer demand driving sustainable payments
Jenn Markey, VP Payments & Identity, Entrust Sustainability is a buzzword that seems to be at the forefront of...


Adyen drives conversion uplift with advanced authentication solution
The company’s expanded authentication offering optimizes authorization, security, and end revenue Adyen (AMS: ADYEN), the global financial technology platform...


It’s time for financial institutions to take personalization seriously
David Hetling, Global Marketing Director, Financial Services, RWS Financial institutions will always play a critical role in society, offering...


The Future of Capital Markets: Democratisation of Retail Investing
Nicky Maan, CEO of Spectrum Markets Over the past decades, global capital markets have undergone tremendous changes. There have...


5 Often-Overlooked Investment Options To Consider Exploring In 2023
When choosing what to invest in, many people will initially focus on the stock market which is considered a more...


New Open Banking platform Archie waves a timely hello to Britain’s beleaguered businesses
Archie is a game-changing payments and data platform that’s inherently human in its approach; a refreshing proposition in the jargon-heavy...


Innovating inclusivity: How invoice financing is diversifying access to financial streams
“Entrepreneurs, particularly those in the supply chain in Europe, the United Kingdom, and indeed the rest of the world, frustrated...


The data behind AI’s success in the financial sector
Or Lenchner, CEO at Bright Data AI (Artificial Intelligence) has taken the world by storm. The OECD estimates that...


The Risks Of Company Mergers And How To Avoid Them
There are a lot of benefits to agreeing on a company merger with another business, and this includes, but is...


How diversity is evolving in the fintech industry
by Elena Dimova, VP HR Bulgaria and Operations & Technology at Paysafe. With both finance and technology being traditionally male-dominated...


How the Isle of Man is encouraging a new generation of FinTech innovators
FinTech’s potential to transform how finance and business operates has gained attention around the world in recent years. In 2022,...


Protecting Customer Data in Online Business
With the increasing number of online businesses, protecting customer data has become more important than ever. Cybersecurity breaches can cause...


END OF AN ERA OF CHEAP MONEY
Professor Milos Petkovic, PhD Lecturer at Berlin School of Business & Innovation Prior to 2022, the global financial market...

How app usage can help brands increase their online revenues and customer retention

Will ‘Britcoin’ change the way we bank?

In-Store, Online & In-App – Unifying Payment Authentication

Why the future is phygital

Why Keeping Track of Cash Is Key to Economic Survival

Does the middle market have a financial edge?

RBI’s MASTER DIRECTION ON DIGITAL PAYMENTS SECURITY CONTROLS

EMV® 3-D SECURE: ENABLING STRONG CUSTOMER AUTHENTICATION

HOW TO SIMPLIFY IDENTIFICATION IN THE GLOBAL DIGITAL ECONOMY WITH THE LEI

EXEGER – CHANGING THE PERCEPTION OF POWER

FUTURE FX PROMO

FutureFX Profile
Trending
-
News4 days ago
Adyen drives conversion uplift with advanced authentication solution
-
Business4 days ago
Consumer demand driving sustainable payments
-
Finance4 days ago
It’s time for financial institutions to take personalization seriously
-
Business2 days ago
Does the middle market have a financial edge?