Connect with us

Banking

CRYPTOCURRENCY EXCHANGES MUST TACKLE THEIR CYBERSECURITY ISSUES

Published

on

By Andrew Shikiar, executive director of the FIDO Alliance

 

Cryptocurrencies are becoming mainstream. Despite recent dramatic price falls after bitcoin hit an all-time high of around $65,000 in April, interest in owning cryptocurrency has continued to grow this past year. A report from the Financial Conduct Authority released last month estimated that around 2.3 million UK adults now own some form of cryptocurrency, up 21% over 12 months, and that 78% of the population have now heard of cryptocurrency.

Andrew Shikiar

However, alongside this growing interest in cryptocurrencies is a significant increase in cybersecurity risks. Investors need to be aware of these risks and the industry must do all it can to make cryptocurrency safer.

The first main issue is rising crime, as new crypto investors are targeted by scam artists, fraudsters and cyber criminals.

Nearly $3.78 billion was stolen in 122 blockchain-related attacks throughout 2020, equivalent to $10 million a day. Meanwhile, according to the US Federal Trade Commission, nearly 7,000 people lost more than $80 million in scams between October 2020 and March 2021 — a 1,000% increase from the year before.

These scams range from fake currency exchanges to phoney giveaway websites offering free cryptocurrency. In March, scammers took advantage of the highly publicised appearance of Tesla CEO Elon Musk on US comedy show “Saturday Night Live” to steal around $10 million worth of various cryptocurrencies.

Investors are particularly vulnerable as there is virtually no way to protect their accounts from theft; in the world of cryptocurrency, there are no guarantees. Traditional banks will generally cover losses if you are the victim of fraud or identity theft, while the Financial Services Compensation Scheme will protect UK consumers when a financial firm fails, but there is no equivalent scheme protecting your crypto assets.

In order to prevent theft, it is essential to enable secure access to these cryptocurrency assets. However, this is where we encounter the other major cybersecurity issue concerning cryptocurrency: how do we enhance security while also that investors can always access their accounts?

 

Security issues and problematic passwords

Many accounts are initially set up using passwords or other knowledge-based authentication (KBA) – both of which are inherently unfit for purpose to protect high-value accounts.

Specifically, passwords simply aren’t suitable for securing high-value accounts, because they can be easily compromised, either through phishing attacks (a form of social engineering where a victim is tricked into divulging their personal information, such as login credentials) or outright theft by purchasing one of the 15 billion credential pairs that are readily available on the dark web.

Furthermore, if you forget your password, you may have trouble recovering access to your account. There are several high-profile news stories of cryptocurrency investors being locked out of a fortune after forgetting a crucial password, such as that of German bitcoin trader Stefan Thomas, who has lost the password to hard drive containing the key needed to access to a digital wallet containing 7,002 bitcoins, currently worth around $165 million.

Meanwhile, KBA suffers from several problems, such as a user’s inability to remember a key piece of information or the wide availability of personal information on the internet through social media or data leaks. It also is possible to buy huge amounts of personal data from the dark web for relatively little cost.

Even if an account is protected by traditional two-factor authentication, such as requiring a code sent via SMS, attackers use SIM swapping and other techniques to get the code sent to their phone instead of the intended recipient. These methods as well as dedicated authenticator apps are also vulnerable to replay attacks – where the cybercriminal injects themselves into the authentication flow, unbeknownst to the account holder.

Using these approaches, cryptocurrency account takeovers are occurring more and more frequently. Once inside an account, criminals can quickly empty its contents, as almost all transactions are finalised within minutes and not easily reversible. Cryptocurrency exchanges themselves are also commonly targeted; in 2020, there were 28 exchange breaches, totalling over $300 million in losses.

Unfortunately, there are few pre-established trust relationships between users and the exchange or wallet provider. Many users have experienced terrible customer support with these exchanges, often having to wait for weeks or even months to regain access to their accounts, simply because it is so difficult to prove that they are the rightful owner.

 

How modern authentication can protect digital assets

So how do we address these issues? The answer lies in moving away from knowledge-based authentication to possession-based authentication. In this scenario, all cryptographic login credentials are stored on a physical device, like a smartphone or security key, that the account holder – and only the account holder – is in possession of.

This approach is proven to be resistant to phishing and account takeovers, and the technology is already embedded into billions of devices worldwide and available to anyone using a modern internet browser.

Crypto exchanges are already aware of these benefits and several have already added support for the FIDO(Fast IDentity Online) possession-based authentication protocols, including Coinbase, Binance, and STEX. Gemini was an early adopter of FIDO for both its smartphone app and web browser, with a growing percentage of its users protecting their accounts with FIDO authentication by purchasing FIDO Certified security keys.

However, standardised authentication alone cannot solve security issues unless it is adopted widely throughout the industry. A consistent approach to security and standardised authentication flows across exchanges, as well as for digital and physical cryptocurrency wallets, is desperately needed to protect investors and their assets – and these best practices should be universally encouraged to all users, across exchanges More can and needs to be done to take the onus of protection away from individuals and onto the institutions.

In conjunction with this push towards possession-based authentication, users should be required to have multiple authenticators to assist with account recovery for each cryptocurrency exchange – whether that is two security keys or a security key and a biometric authenticator. Having multiple account recovery keys for each exchange will reduce pressure on customer support and help users who lose a device. It would also offer users a choice of stronger authentication options.

Finally, exchanges should eliminate using less secure backup and recovery options such as using SMS or other knowledge-based factors. This will help improve overall security, especially for account recovery.

For the crypto industry to reach its full potential, exchanges must balance cryptocurrency’s anonymity and privacy with the security needed for accounts and assets. Following in the footsteps of exchanges like Gemini and enabling users to fully secure their accounts would help to protect customers from phishing attacks and account takeovers, without sacrificing convenience and privacy.

 

Banking

HOW TRADITIONAL INSURERS CAN USE TECHNOLOGY TO IMPROVE THEIR RELATIONSHIP WITH CUSTOMERS

Published

on

The customer experience with insurance is anomalous, in that one is only required to engage with their insurer if things are going wrong for them. To add value to the relationship, new technology and methods should be adopted, in turn driving loyalty and business growth, writes Oliver Werneyer, CEO and Co-founder of Imburse

Oliver Werneyer

Insurance is one of the oldest industries in the world and it is still, to this day, considered a grudge purchase. Looking back, insurance has a history of having a challenging relationship with its customers. According to an IBM study, in 2008, only 39% of consumers trusted the insurance industry. This percentage has stayed largely similar over the years, having reached only 42% in 2020. For any business with growth ambitions, good customer relationships are crucial.

I believe that now more than ever, the insurance industry not only needs to continue investing in improving relationships with customers, but to really think about new ways of doing so. At a basic level, the moment of truth for an insurance customer is when either they need to pay or are getting paid. Insurers can have the best policy wording, quick claims processes, apps and advisors, but if the experience to pay premiums or to receive a claim is bad, the customer immediately loses trust.

The pandemic has exposed this tenuous relationship between insurers and its customers. The need to move everything online and provide personalised services has exposed significant shortcomings in the service insurers provide. The industry has been too slow to adopt newer technologies and move engagements closer to the customer (self-service and empowered). This is largely due to the legacy systems and processes that insurers failed to modernise over previous years.

This means that the better-positioned incumbents have stronger customer relationships and benefit disproportionately from the pandemic, as they are able to win more new customers and convert customers from other insurers. They also benefit from significantly lower customer acquisition costs and much better growth, as illustrated in this McKinsey report. Even new entrants or InsurTechs are benefitting massively by focusing on improved customer experience and customer relationships.

However, it is never too late for insurers to build better relationships with customers. The main way to build a good relationship with a client is to make life easier, live up to promises and add value through the relationship with them. By working on these key elements, insurers can start building strong relationships with their customers, and, through the right partners, deliver this in a timely and non-disruptive manner.

 

Embedded Services

Insurance products often get a bad reputation because they cost money, but the benefits might only come much later, or never. Customers don’t get to experience a positive relationship with insurance products, either because they never claim and feel like they lost out, or they claim and they’re in a bad situation. By either embedding other services into the insurance experience to deliver a more transactional engagement, or embedding insurance products into general customer experiences such as online shopping or rewards, insurers can enrich customer relationships to generate value.

This way, insurers become a value-adding part of the customers’ everyday activities and not just a product that they have to pay for and may never get anything back from. One example is to embed micro-savings capabilities, often found in banking, into pension savings and insurance products. This can allow customers to save more for pension, attract younger customers and build a portfolio of fiscally disciplined customers.

 

Tailored journeys and personalisation

Customers have come to expect personalised journeys and engagements from product providers. Streaming services, social media, e-commerce or mobility services have shaped the customer expectations. Now, customers are also expecting personalisation for insurers.

Insurers need to invest very heavily in delivering personalisation and customisation to customers as they engage with their products. Failure to deliver this puts renewed strain on the value perceived by the customer and their relationship with the insurer. This applies not only to customer interfaces, but to aspects such as payments. Insurers should make it easy and pleasant for customers to pay and get paid. As the main moment of truth, payment experiences need to work optimally.

 

Perceived customer value metrics and delivery

The value customers derive from insurance products is, generally, monetary. Therefore, insurers must invest in product enhancement to increase its perceived value. Perceived value is not tied to a monetary value. By being able to choose between multiple payment options, such as a $300 pay-out to a bank account or a $320 Amazon voucher, the customer has a higher perceived value of the payment. This can be achieved by leveraging non-insurance products that can be purchased at a discounted price, exclusive access that the customer would otherwise not have or conversion into a form that is more useful to the customer.

Payments, for collection and pay-out, are at the core of delivering this value. An excellent payment experience immediately influences the customer to be positively inclined toward a product (PwC report). In order to offer this, insurers need to leverage multiple technologies and providers, offer any speed of transaction in any market, and deliver faster automation and better risk control. The key is to transform insurance products into transactional value-adds to customers’ lives and use this opportunity to continuously build on relationships with customers.

The main roadblock for insurers is still the operational implications of these activities and the costs that arise. In looking to build a better customer relationship, insurers need to look at partners that are operational enablers to deliver this. Partners that can solve the integration and speed-to-market problem so that insurers are enabled to deliver new capabilities, not bombard them with new ideas and no path to delivery.

Imburse, for instance, enables insurers to access all the global payment providers and technologies available in any market. Through a single connection, insurers can deploy any payment capability into any channel, for collection and pay-outs, without ever again needing to build a direct operational integration to the providers. This gives them full freedom to leverage payments as a key value driver and customer experience enhancer.

Building a better relationship with insurance customers is key for the insurance industry to close the protection gap. Incumbents are in the prime position to look at Insurtech and Fintech partners to rapidly and significantly modernise, digitalise and transform their own capabilities to deliver major enhanced value to their customers.

Imburse is an advanced universal payment connector that enables businesses to gain cost-effective access to complete global payments technology, regardless of the service provider. To learn more, please visit www.imbursepayments.com.

Continue Reading

Banking

UNCHARTED TERRITORY: HOW OPEN BANKING CAN HELP BANKS NAVIGATE COVID CHALLENGES

Published

on

Opinion from Rafa Plantier, Head of UK and Ireland at Tink

The last year has propelled banks, businesses and consumers alike into uncharted territory. Changes which would normally have spanned years were compressed into months. Financial institutions who had already embarked on the path of digital transformation had to accelerate their plans, and customers of all walks of life had to become acquainted with using digital services almost exclusively.

Rafa Plantier

According to our recent research report ‘Open banking in the post-pandemic world’, 41% of European financial executives believe the shift from digital-sometimes to digital-first during the Covid-19 pandemic will be permanent for the financial services industry.

There are two sides to this coin: it’s indisputable that industry and economies have been weakened as a result of Covid-19. A drop in revenues and profits, regulatory challenges, new disruptive market entrants, and low interest rates, all mean that banks are poised in a delicate position. However, open banking represents a significant opportunity for banks transitioning from analogue to digital, and from closed to open. Here are three ways open banking can benefit financial institutions in the post-pandemic world.

 

Putting innovation in the fast-lane

Covid-19 led to a rapid, unforeseen change in consumer behaviour that meant digital innovation became a need-right-now rather than a nice-to-have. Over the last year, financial institutions had to innovate in real time to ensure business continuity and serve their customers as their needs changed swiftly.

The sense of urgency is palpable across the industry. Over two thirds (65%) of financial services executives surveyed agreed that it’s necessary for banks to increase their speed of innovation as a result of the pandemic, and 74% of financial executives believe the pandemic has increased the need to enhance digital services.

Open banking technology can act as a catalyst to innovation and digitalisation. It can enable access to tools and capabilities which are scalable across geographies, lines of business and customer segments. For example, by using techniques such as recycling code or toggling different data-driven services, banks can short-circuit the time to market for their own digital services.

 

Unlocking commercial opportunities

Legacy revenue streams have recently faced downward pressure and profit lines have begun to diminish for banks. Banks now need to ensure their digital ventures are competitive enough to survive in an increasingly crowded digital marketplace.

Open banking technology helps improve customer value and engagement — crucial as seven in 10 (70%) financial executives believe that the pandemic has increased focus on the customer experience.

It also provides the opportunity for banks to identify customer needs and deliver a personalised proposition shaped to each individual. For example, through account information services, banks can create bespoke user experiences which keep customers coming back. In addition to this, financial institutions can use personal finance management technology to engage with and create value for the customer — giving them invaluable insights to boost their financial health and identify risk areas.

 

Empowering operational efficiencies

Historically in banking, customers were required to transfer several onboarding documents — from proof of address to citizenship status. Not only was this a drain on the customer, but at the other end banks had to manually review and assess the documents provided.

Open banking can expedite everything from customer onboarding and due diligence to risk assessment processes. It simplifies the process for the customer as well as increasing operational efficiencies on the bank’s end, by allowing them to quickly retrieve customer information through connections to their primary bank.

Now customer data can be fetched in real-time and in a machine-readable format, financial institutions can onboard quickly and with significantly lower risk. With 68% of financial executives believing there has been a renewed focus on profitability since the pandemic, lowering costs and enabling efficiencies wherever possible will be make or break for some institutions.

The good news is that the benefits offered by open banking are now also coming to business accounts. At Tink, we are already live with this in the UK and Sweden — enabling companies to leverage business account data to create the same seamless services and enhanced user experiences for business and individual account holders alike. And in a world where customers are actively consenting to access their financial information to get better services, requesting that consent to enable open banking payments and transfers is a natural next step

 

The industry is just at the start of the open banking journey

The appetite for leveraging open banking technology is accelerating, as it climbs even higher on the agenda of executives. Over two thirds (68%) of financial executives surveyed across Europe say that their interest in open banking has been piqued by the pandemic as they recognised its potential to lower risk, anticipate financial distress, increase sales, and enhance customer experience.

As the dust settles, one thing has become clear – open banking has emerged as a vital enabler of gaining a competitive advantage for financial institutions, by improving the customer experience in a post-pandemic world.

To learn more, read Tink’s open banking report ‘Open banking in a post-pandemic world’, here.

Continue Reading

Magazine

Trending

Business23 hours ago

OUTSOURCING YOUR IT SOLUTIONS CAN SAVE YOU FROM COSTLY DOWNTIME

Amir Hashmi, CEO and Founder of leading IT and Cloud services provider Zsah, discusses why you need full-time professionals if...

Banking2 days ago

HOW TRADITIONAL INSURERS CAN USE TECHNOLOGY TO IMPROVE THEIR RELATIONSHIP WITH CUSTOMERS

The customer experience with insurance is anomalous, in that one is only required to engage with their insurer if things...

Business3 days ago

THE FUTURE OF CLOUD: HOW TO KEEP YOUR DATA SAFE

By Pete Braithwaite, COO of KIT Online Cloud services are inherently scalable, responsive and flexible. They offer huge flexibility –...

Business4 days ago

ETRADING SOFTWARE AND ARTIS HOLDINGS LOANS ELECTRONIC PLATFORM OPEN FOR BUSINESS

The Bids Wanted in Competition (BWIC) process completes on the WIC trading platform   Etrading Software, the independent, global provider...

Finance4 days ago

AIRBANK SELECTS YAPILY TO BUILD A FINANCIAL MANAGEMENT SOLUTION FOR SMBS

Airbank, a financial management solution for European startups and SMBs, has selected open banking infrastructure provider Yapily to help its...

Interviews4 days ago

COULD YOU PROVIDE US WITH SOME BACKGROUND ON YOUR CURRENT ROLE WITHIN THE FINANCIAL SERVICES SECTOR?

– Shanker Ramamurthy, Global Managing Partner – Banking at IBM, BIAN Executive Board Member   I lead the banking consulting...

Business4 days ago

IT COST MANAGEMENT: 10 STEPS BUSINESSES CAN’T IGNORE

By Matt Dando, Director, Strategic Business Value Consulting at Serviceware   In today’s ever-accelerating digital era, and as we recover...

Banking5 days ago

UNCHARTED TERRITORY: HOW OPEN BANKING CAN HELP BANKS NAVIGATE COVID CHALLENGES

Opinion from Rafa Plantier, Head of UK and Ireland at Tink The last year has propelled banks, businesses and consumers...

Finance5 days ago

AI AND HOW IT’S LEADING THE FIGHT AGAINST FRAUD IN THE FINANCIAL SECTOR

Geoff Clark, Managing Director, Aerospike EMEA Much like many other sectors financial institutions have accelerated their digital transformation projects since...

Banking5 days ago

HOW DIGITAL IS MAKING THE ‘IMPOSSIBLE’ POSSIBLE FOR FINANCIAL FIRMS

  By Lavanya Kaul, Head of Customer Success, BFSI, UK&I, LTI Article synopsis: Focused on the digital transformation of the...

News5 days ago

DANSKE BANK TO BRING DOMESTIC SCHEME, DANKORT, TO APPLE PAY

Danske Bank, Denmark’s leading bank, supported by Nets, will bring Dankort to Apple Pay Dankort is the preferred means of payment...

News5 days ago

TACKLING THE FORGOTTEN PLASTIC PANDEMIC: CLIMATE CHANGE

By Mark Taylor, Group CCO, Waterlogic   Last year the COVID-19 pandemic was, quite rightfully, at the forefront of all...

News5 days ago

CROWN AGENTS BANK ACCELERATES GLOBAL GROWTH AND EXPANDS INTO NEW MARKETS WITH MULESOFT

MuleSoft, provider of the world’s #1 integration and API platform, today announced that Crown Agents Bank (https://www.crownagentsbank.com)  is using MuleSoft to digitally...

Finance5 days ago

THE IMPORTANCE OF ACCURATE AND TRUSTED TIMESTAMPING IN FINANCIAL SERVICES

Richard Hoptroff, CTO, Hoptroff   Recent global financial regulations such as MiFID II require that all stock exchanges, credit institutions,...

Business5 days ago

HOW OPEN DATA CAN HELP FIGHT CLIMATE CHANGE

David Lais, Co-Founder and CPO at Ecolytiq – providing banks and financial institutions with the digital infrastructure for green finance....

Business1 week ago

NOW’S THE TIME FOR THE INFRASTRUCTURE SECTOR TO GET IR35 RIGHT

Matt Fryer, Head of Legal Services at Brookson Legal   The Government’s recently announced £650bn programme of infrastructure works is...

Business1 week ago

MAKING THE MOST OF RPA TO ENHANCE THE CUSTOMER EXPERIENCE

Standfirst: Capturing and analysing business processes should be a prerequisite for any implementation of robotic process automation, argues Dr Gero...

Banking1 week ago

FINTECHS AND BANKING POST-COVID

COVID-19 has forced businesses and society to adapt to new realities. From big-name Wall Street banks to up-and-coming financial technology...

Technology2 weeks ago

WHY AGILE TECHNOLOGY PLATFORMS ARE THE KEY TO EFFECTIVE INNOVATION

Sujit Unni,CTO, Paysafe   A main reason why platform technology can prove to be so effective for a business is...

News2 weeks ago

DIGITAL TOKEN IDENTIFIER REGISTRATION OPENS WITH ETRADING SOFTWARE

Top 100 cryptocurrencies can now be tracked authoritatively using new ISO standard   Etrading Software, through its non-profit division the...

Trending