Connect with us

Technology

HOW FINANCIAL INSTITUTIONS CAN PROTECT THEIR ONLINE ACTIVITY FROM HACKERS

Published

on

As working from home becomes the new normal, senior leaders of financial institutions need confidence that their company information will remain secure when employees are discussing work matters online.

A recent survey by PwC, as part of its Cyber Security Strategy 2021, found that 50% of UK organisations said cyber security would be baked into every business decision. The research, presented as an ‘urgent business priority’, highlighted how organisations will seek to improve their cyber resilience in 2021. Only 36% of the UK respondents said they were very confident that they were getting the best return on their cyber spend although 56% said they had plans to increase their cyber budgets in 2021.

When taken into consideration with a recent survey conducted by Forcepoint in partnership with WSJ Intelligence, which revealed that 71% of global CEOs said they were losing sleep over the prospect of their company’s next security breach, it comes as no surprise that effective cyber-security is high on the corporate agenda for 2021 and beyond.

So, what is the risk of a security breach when discussing sensitive and confidential financial reports, strategy and information in cyber space? How can organisations protect themselves against hackers and malicious threat actors?

Hackers listen in to conversations and can see and read data – information which can be very useful to a competitor, criminal or some other nefarious entity. If a hacker succeeds it can be hugely costly to the company which falls prey through a data breach fine, as well as being commercially damaging in terms of productivity and reputation.

Financial institutions must be acutely aware of the potential threats that hackers pose to their business and reputation, the security issues they need to consider when choosing an online video, calls, messaging and file sharing platform, as well as the practical measures they can take to protect their company and its interests.

The problem is real, and it’s one that is on the minds of those responsible for protecting not only internal company data, but also that of their complex chain of suppliers and clients. With the Forcepoint and WSJ Intelligence survey also revealing less than half (46%) regularly reviewed their cyber security strategy – coupled with more and more companies relying on video technology for remote working – the likelihood, and therefore the risk, of a security breach is significantly higher.

When it comes to technology to keep us connected, there are many different platforms available that those in the finance industry could use for remote working with some having been around for a long time, but how many of them are as secure as they need them to be? As hackers become increasingly sophisticated, it’s crucial companies check that the systems they use have moved with the times, and that they continue to review and improve the security of the technology they rely on to communicate.

Here are my top tips to consider when choosing a secure videoconferencing, calls, messaging and file-sharing platform to facilitate remote working for businesses in the finance industry:

 

Avoid allowing the use of ‘unofficial’ social media platforms

A simple step here is to have policies in place to insist your employees use systems approved by their employer, rather than using popular social media messaging platforms for business communications. These platforms are inherently risky and despite claims about encryption, are often compromised, providing a gateway to other data on your computer or mobile device.

 

Keep everything to one application

Use a supported enterprise system that meets true end-to-end Advanced Encryption Standard (AES) 256-bit encryption. This might sound costly and overly ‘techy’, but in reality is very cost effective, especially when compared to the potential reputational and financial costs of a data breach.

Ideally, choose a system where all features are integrated within one application (app), so that messaging, calling, video conferencing and file sharing stays within one eco-system. As soon as users need to go ‘outside’ the system, the risk from hackers opens up.

 

Keep things simple

Remember, not all your employees will be tech experts. Staff productivity will benefit from having easy to use platforms that work in a similar way to those employees are used to using every day on their computers and mobile devices. Even better, look for a system that works on their own devices without the need to install sophisticated new software.

 

Invest in training

It is vital that companies working in the financial sphere implement cyber-security training for all its staff to make them aware of the risks and gain their buy-in for its online security policies. Consider extending this training to all companies and individuals in the supply chain, including contractors and clients. These interdependent supply chains can be undermined through ransomware attacks and service disruptions. Your company may have state of the art cyber-security, but if your interdependent supply chain doesn’t, then you have a weak link.

 

Consider the costs

Think about the cost in terms of productivity, reputational damage and even potential fines rising from data protection breaches. Do your homework before choosing a platform; where will your communication be routed? Where are the servers based? Are they trusted and do they directly support your business needs? Some systems offer features that are better suited for social use, but the development costs are often recovered through charging business users.

Aim for a system that is designed for your business needs and don’t pay for features you don’t need. Security standards can never be too high, and the system needs to have high fidelity in terms of video and audio quality. Go for a system that can be used via mobile devices and the web without having to be installed onto computers or local servers.

 

John Parkinson OBE is a former UK Police Chief and Senior National Counter Terrorism Coordinator. With broad experience as an international security consultant he is now president of US tech company Secured Communications, which recently launched its Mercury secure video conferencing, audio calling, messaging and file transfer platform in the UK.

 

Technology

BIOMETRICS: BALANCING SECURITY WITH CONVENIENCE

Published

on

By

Jean Fang, Authentication Product Manager and Joël Di Manno, Authentication and Biometrics Laboratory Service Line Manager at Fime

 

From a person’s face to their iris, voice or fingerprint, biometric solutions are giving us new ways to authenticate ourselves when using a device or making a payment. Research suggests that the global facial recognition market alone will be worth up to $13.87 billion by 2028, with other modes of authentication following a similar growth pattern.

The trend towards biometric authentication has been further accelerated by the global pandemic. Hygienic touchless identification solutions have become critically important. And, with customers already familiar with using biometric solutions on their phones, the growth of this industry only looks to continue. In this blog we will evaluate this growth and discuss some of the potential opportunities and challenges that lie ahead.

 

Addressing fragmentation

Biometric authentication is an innovative and rapidly evolving technology. However, the speed with which it has developed brings with it unique challenges. The technology operates within a largely non-standardized ecosystem, meaning that it is fragmented on many fundamental issues. Little regulates how manufacturers and developers create and implement solutions.

The fragmentation that currently exists means that developers and manufacturers face three main challenges:

  • Increasing interoperability and adaptability.
  • Looking for a standardized certification process.
  • Formulating uniform benchmarking practices to allow developers to compare key performance metrics.

Addressing these three concerns will help create a simpler, more standardized biometrics ecosystem, allowing innovations to reach the market quicker and cheaper.

 

Security vs UX

The most notable emerging use cases for biometrics are payment authentication, access control and government administrative projects. All three require access to extremely personal data, and therefore it is essential for them to have very strong security.

Perhaps the major selling point of biometric solutions is their ability to provide the necessary security while enhancing the user experience (UX). However, overly-stringent security can negatively impact the UX. Therefore, there must be a trade-off between the two.

The best way to understand this balance is by comparing the False Acceptance Rate (FAR) with the False Rejection Rate (FRR). A low FAR gives a good indication that a solution is secure, as it only accepts the right user. Meanwhile, a high FRR provides a very high level of security, but creates friction – and potentially damages the UX – as it prevents genuine individuals from authenticating. Striking the right balance between these two is crucial to maintaining high security standards without creating a poor UX.

 

Multiple modalities for multiple solutions

The adaptability of biometric solutions means that original equipment manufacturers (OEMs) must constantly evaluate the available solutions and determine which is the best for their device. OEMs must develop a clear strategy to determine which biometric modality is best suited, factoring in cost, UX, speed and security.

However, there are also situations where device manufacturers may want to utilize multiple modalities. This can benefit both the UX and security of their solution, as it can address numerous concerns:

  • It can account for environmental concerns. For example, if a user is wearing gloves due to cold weather, making fingerprint scanning impossible, authentication can be achieved another way.
  • For high-risk authentications, multiple modalities can be utilized at once to achieve heightened security.
  • It also allows for adaptability regarding any future changes to the industry or regulatory requirements.

Determining which modalities will best serve a device and its deployment is one of the major challenges OEMs and developers face. The current lack of standardization only further complicates this. However, as the field grows and becomes less fragmented, the multimodality of biometric solutions will facilitate innovation and security for years to come.

 

Just the beginning

Biometrics have become a fixture of consumers’ everyday lives, but the huge successes seen in mobile technologies have not yet translated to other sectors. Innovations continue to push the boundaries of how we use biometrics, as they are rolled out in workplaces, homes and transportation. To reach widespread adoption, companies need to provide customers with assurance that their products are secure. Standardized testing and certification lay the foundations for this.

Biometric technologies continue to evolve daily, which means that the regulations and requirements that govern them need to do likewise. Standardizing the entire ecosystem would allow developers and OEMs to regularly test their products against uniform benchmarks, ensuring they are secure while keeping costs down and launching quicker.

 

Continue Reading

Technology

HOW CAN THE PAYMENTS INDUSTRY PREPARE FOR SCA WITH BIOMETRICS?

Published

on

By

By Vince Graziani, CEO, IDEX Biometrics ASA

 

Significant developments are afoot in the retail and payments industry, with vendors needing to prepare for Strong Customer Authentication (SCA). It’s set to be the most significant change to how people pay for things, not only online but also for card-present retailers across Europe. The deadline for compliance with the regulation has recently been extended again, this time to March 2022.

This is now the third time the deadline for retailer compliance has been pushed back, with the Financial Conduct Authority (FCA) worried vendors are not prepared for the new payment security approach. Which raises the question, will SCA every really take off?  Well, for retailers the extended deadline can be viewed in a positive light. The fact that there are now a further ten months to pilot and then launch their response gives retailers more time to adapt their authentication and verification tools. But it’s also a benefit for banks and payment providers too.

The ongoing delay to the SCA will give the payments industry extra time to prepare for the rollout of the directive so they can deliver a secure SCA payment option to consumers. If the payment ecosystem fails to use this time to prepare or implement the right technology to comply with this new ruling, it will open consumers up to a significant threat of card fraud.

 

Vince Graziani

The challenges faced within the retail space

There has been a large amount of focus on the implications of SCA when shopping online; however, face to face purchases will also need to be revisited. Even when using a card physically, SCA will require two-factor authentication for every purchase made over the contactless limit. This additional layer of protection provides a more stringent authentication process that will help to keep millions of accounts safe from both traditional fraudsters and cybercriminals.

Two-factor authentication means that not only will the user need to provide their details when making a purchase, they’ll also have to confirm their identity with:

  • something they know (a PIN or password),
  • something they have (such as a smartphone),
  • or something they are (biometric face or voice features or a fingerprint).

Once implemented, this will be beneficial in protecting consumers, however, getting to this stage will be a challenge. The requirements are set to cause widespread disruption to the retail space. The introduction of SCA will require in person merchants and card issuers as well as online Payment Service Providers (PSPs), such as PayPal and WorldPay, to have in place the technical enhancements and testing needed by the deadline.

 

Educating the shopping public on SCA

This presents a significant logistical challenge; maintaining effective fraud prevention while keeping an optimised customer experience is not easy. But perhaps the biggest challenge of all is that consumers themselves still aren’t entirely aware of SCA or what will be expected of them come March.

The introduction of SCA demands collaboration within the industry to educate consumers, but ultimately it is up to payment providers to provide a reliable, secure and SCA-approved method of payment to consumers. Providers must also ensure that the method they choose is not only up to standard but is affordable and accessible to all.

 

Preparing for the future of secure payments with biometrics

Biometric payment cards offer the answer for payment providers to help prepare for SCA. Not only will these cards – with inbuilt fingerprint sensors to verify ownership – provide strong customer authentication, but they also come with the added benefit of convenience. Validating your payment with a fingerprint speeds up the transaction process and removes the requirement of PINs or the use of a smartphone.

Biometric fingerprint payment cards offer banks and payment providers, an opportunity to embrace payment innovation that will help them meet these new secure forms of authentication with confidence and ease.

It is worth noting that some payment card manufacturers, such as IDEMIA, are already preparing biometric payment card solutions. These will be ready for banks and card issuers to adopt so they have the time they need to pilot and roll out the new payment method before the new SCA deadline is imposed.

The FCA has also outlined previously that long-term authentication through biometrics and mobile app-based solutions is the future of secure payments. The use of biometric payment cards to authenticate online payments will offer an important way for retailers to balance security measures that comply with the SCA regulation whilst also delivering ease of use for the consumer.

 

Continue Reading

Magazine

Trending

Business3 days ago

HOW TO CREATE A PROFORMA INCOME STATEMENT FOR YOUR STARTUP?

There are two reasons why you are on this page right now. First, you are just starting with your business,...

News3 days ago

EXPERTS SHARE SIX STEPS TO RAISING MONEY SAVVY KIDS

The ability to manage finances is not something that is known naturally; it must be taught to us as we...

News4 days ago

CORE BANKING FINTECH OHPEN APPOINTS JERRY MULLE AS UK MD TO FUEL CONTINUED GLOBAL EXPANSION

Ohpen, the first fintech platform to bring a bank to the cloud, today announces the appointment of Jerry Mulle as its new UK Managing Director,...

Technology4 days ago

BIOMETRICS: BALANCING SECURITY WITH CONVENIENCE

Jean Fang, Authentication Product Manager and Joël Di Manno, Authentication and Biometrics Laboratory Service Line Manager at Fime   From...

News4 days ago

THE VALUE OF A HEALTHCARE ADVISER

By Rachel Janssens, principal consultant at Alexander Forbes Health   Navigating the vast number of schemes available and sifting through all...

Wealth Management5 days ago

WHAT WILL TRADING FLOORS OF A POST-COVID WORLD LOOK LIKE?

Ganesh Iyer, Chief Marketing and Strategy Officer, IPC   The last year brought around a monumental change to the way...

Business5 days ago

WAYS TO KEEP YOUR HYBRID WORKPLACE SECURE FROM THE IRREVERSIBLE DAMAGE OF A CYBER ATTACK

By Alex Bransome, CISO at Doherty Associates, specialists in managing and securing cloud services in the finance sector.   A recent in-depth study into 3000 UK...

News6 days ago

CONTOUR DRIVES TRADE GROWTH FOR BANGLADESH BUSINESSES WITH DOMESTIC LETTERS OF CREDIT

Aims to onboard 50+ corporates supported by Bangladeshi and international banks in next six months   Contour has launched its...

Business6 days ago

A LOW-CODE LONDON MARKET – THE KEY TO INDUSTRY FUTUREPROOFING

By Richard Farrell, Chief Innovation Officer at Netcall   Aged 332 years, the London Market isn’t new to the need to modernise....

Banking6 days ago

LEGACY INFRASTRUCTURES MUSTN’T HOLD BACK INNOVATION IN FINANCIAL SERVICES

Ian Perry, Principal Solution Architect at Zscaler   We are living in a changed world; one of hybrid home/office work...

Finance6 days ago

HOW CFOS CAN TAKE A HOLISTIC APPROACH TO ENTERPRISE AGILITY

Frederic Portal, Financials Product Marketing Director, at Workday   Whether brought on by a market shift, technological innovation or as we...

Technology6 days ago

HOW CAN THE PAYMENTS INDUSTRY PREPARE FOR SCA WITH BIOMETRICS?

By Vince Graziani, CEO, IDEX Biometrics ASA   Significant developments are afoot in the retail and payments industry, with vendors...

News6 days ago

NEXO STANDARDS EXPANDS SCOPE BEYOND CARD-BASED TRANSACTIONS

Advancements will ease integration of payment acceptance solutions across a range of transaction technology   nexo standards, which offers the...

News6 days ago

TRUSTONIC AND SYNTHESIS PARTNER TO MAKE PIN ENTRY POSSIBLE AND UNLOCK THE MOBILE POINT OF SALE MARKET

Cybersecurity technology leader Trustonic today announces its partnership with software and consulting company Synthesis Software Technologies to increase the opportunities available to businesses...

Business7 days ago

HOW TO ENHANCE THE CUSTOMER EXPERIENCE IN YOUR RETAIL STORE

Do you own your own retail store? Are you hoping that 2021 is the year you are able to grow...

Finance7 days ago

THREE STEPS TO ENSURE RECOVERY OF COVID LOANS GOES SMOOTHLY

In the wake of the pandemic, the government acted quickly to provide financial Covid support packages to help struggling businesses....

News7 days ago

SALESFORCE EXPANDS ITS FINANCIAL SERVICES OFFERINGS WITH NEW PRODUCTS FOR CORPORATE AND INVESTMENT BANKING

Tailored tools integrated into Financial Services Cloud support the industry’s transition to digital-first, helping deals get done from anywhere New...

Finance7 days ago

FOUR STEPS TO INTEGRATING INTELLIGENT AUTOMATION IN THE FINANCE DEPARTMENT

Marieke Saeij, CEO of Visma | Onguard   It’s clear that Intelligent Automation (IA) is still very much an emerging...

Technology7 days ago

READING BETWEEN THE BUZZWORDS: DISCOVERING THE POWER OF INTELLIGENT AUTOMATION?

by Yad Jaura, Product Marketing Manager at Netcall    The nature of automation means that new technologies, ideas and solutions are frequently...

Finance7 days ago

FOR THE FINANCIAL SERVICES INDUSTRY TO THRIVE POST-COVID-19, AUTOMATION WILL BE KEY

By Anubhav Mehrotra- Vice President and Head of Financial Services, UK & Ireland, HCL Technologies.   The economic challenges emerging...

Trending