Connect with us

Finance

HOW FINANCIAL ORGANIZATIONS CAN PROTECT THEIR DATA

Published

on

Yuval Wollman, President, CyberProof and Chief Cyber Officer, UST

 

Top executives from Wall Street’s largest banks pinpointed cybersecurity as the greatest threat to America’s financial system, at a Congressional hearing that took place in May.

The concern of financial industry leaders with cyber-attacks is neither surprising, nor new. The attraction of cybercriminals to banks and other financial institutions makes sense, given the fact that the financial sector functions as gatekeepers – not just of financial assets, but also of valuable Personally identifiable information (PII).

Threat actors are attracted to attack financial institutions to earn a profit through increasingly sophisticated attacks that range from ransomware attacks to identity theft. But while the threat continues to grow, there is much that can be done to mitigate the risks.

 

The Downsides of Digital Banking

The number of attacks on financial institutions increased sharply in the last two years due to the upheavals wrought by COVID-19, which prompted a dramatic rise in the number of online transactions.

With so much of today’s financial transactions done on both web and mobile devices, threat actors have more opportunities than ever before. Take, for example, the growing importance of Man in the Middle (MITM) Attacks, which impersonate another party online and give criminals access to personal data, passwords, and banking details.

With the widespread adoption of digital banking, consumers have become increasingly worried about cyber-attack. As a result, there’s growing demand to create better consumer protection laws that respond to the rapidly evolving technology. The U.S. Federal Trade Commission (FTC), for example, recently strengthened security safeguards for consumer financial information.

 

It’s Not “Just” About the Money

Financial organizations are at risk not just from threat actors looking for profit, but also from nation-states and hacktivists acting out of idealistic motives or as a means of achieving specific political ends.

The most famous examples of this type of attack include Russia’s 2016 attack on Ukraine’s electric grid and North Korea’s 2017 attack on Britain’s National Health Service.

Because of the extent of the damage that this type of attack could cause, NATO established cyberspace as the “fifth domain of warfare” in 2016. It developed a definition of when foreign factions are banned from attacking financial institutions, due to the fear that this type of attack could directly lead to a country’s destabilization.

 

Recognizing Risk Factors

The digital transformation of financial services helps banks and other financial institutions provide more a more convenient customer experience.

And while significant customer demand has led many banks to implement changes such as the transition from legacy to cloud-based solutions, these shifts also have the potential to create additional security risks.

For example, if we’re talking specifically about cloud migration, there’s need for additional security layers to protect organizations working with public cloud providers from the range of attacks targeting the financial sector: ransomware, account takeover, data theft and manipulation, phishing attacks, identity theft, and more.

Another example is the extensive use of third-party vendors, which has increased the risk of attack for organizations in the financial sector. Because third-party vendors enlarge the attack surface, they create more entry points to the system and make it harder to protect customer data.

 

Accelerating Detection & Response

By adopting an agile approach that supports continuous improvement, financial organizations can facilitate proactive identification of evolving threats and vulnerabilities in the wild. More specifically, by placing an emphasis on use case optimization – which starts by mapping out an organization’s threat detection gaps to a framework such as MITRE ATT&CK – enterprises can prioritize threats and invest their time and resources in mitigating risk more effectively.

For organizations transitioning to the cloud, what’s key is managing the migration process in a way that provides optimal visibility in the cloud and supports ongoing optimization at the enterprise level. Digital playbooks are a crucial tool in providing improved detection and response, creating automated or guided responses that allow faster, more effective, collaborative action.

The development and regular review of incident response plans similarly allows for efficient response in emergency situations and helps reduce the business impact of cyber-attacks.

 

Targeted Threat Intelligence

Threat intelligence that’s tailored to the financial services sector is another key component of timely detection and response. By working with expert Cyber Threat Intelligence (CTI) services, organizations can obtain up-to-date information about industry-specific threats in real time – information that is a highly valuable tool in strengthening the defense of an enterprise.

 

Cyber Hygiene

Employees make mistakes; after all, it’s only human. But these errors can lead to massive data breaches. For example, when someone clicks on a phishing email or leaves passwords for a company computer on a slip of paper that’s easily seen by the wrong person, the damage can be astronomical.

Providing regular cybersecurity training programs for employees can help minimize the risk of an accidental or careless action leading to cyber-attack. To be effective, training programs should not only explain how to spot cybersecurity risks like phishing emails but should also discuss how and where it’s safe to access company information.

Aside from employee training, there are fundamental cybersecurity-related decisions that should be implemented at the enterprise level such as Zero Trust, DevSecOps, and multi-factor authentication (MFA). From a policy perspective, for example, it’s crucial to enforce MFA for all applications. Moreover, technology-related vulnerabilities can be minimized through frequent patching and updates for systems. Audits, as well as vulnerability and penetration tests, must be conducted regularly.

 

For the Financial Sector, “Best Practices” are Key

With the growth in number and complexity of cybersecurity attacks on financial organizations and the increased risk of nation-state attacks, proactively approaching the question of cybersecurity and implementing “best practices” makes the difference in reducing the degree of risk to an enterprise.

By modernizing the SOC with a carefully navigated migration to the cloud, adopting continuous improvement of use cases and the development of digital playbooks that improve detection and response – as well as by leveraging targeted threat intelligence and maintaining strong cyber hygiene – enterprises can put themselves in a stronger position to minimize the potential business impact of a cyber-attack on their organizations.

 

Finance

astrantiaPay Selects SaaScada to Enrich Swiss Landscape of Business Payments and Fill Market Gap

Published

on

By

Swiss financial firm, astrantiaPay, to use SaaScada’s cloud-native core banking engine to simplify cross-border payments for SMEs and facilitate international trade and services across the old and new economies

 Cloud-native core banking engine, SaaScada, today announced it was selected by astrantiaPay to launch a Swiss point of contact for international businesses looking to open and run corporate bank accounts in Switzerland. Once regulatory approval is in place, astrantiaPay will provide mission-critical payment services to sophisticated Swiss, European, and global companies.

“Promoting SMEs is high on the agenda of policymakers, but the reality is very different when dealing directly with banks. In fact, financial institutions often show little or no appetite for low-margin, labour-intensive company accounts with regular cross-border payments”, explains Lukas Wissner, CEO of astrantiaPay. “As a result, opening and maintaining corporate bank accounts can become a complex and costly procedure, posing a real challenge for Swiss and European start-ups and established businesses. This can hinder growth, and sometimes even threaten a company’s existence. Ultimately, corporate bank accounts with a foreign nexus are an underserved niche segment in the Swiss financial ecosystem which is historically dominated by asset managers and private banking.”

SaaScada is an industry-proven core banking system that unlocks trapped customer value, mitigates risk, and drives real-time data insights. It was founded from a desire to provide first-class financial services capabilities for everyone. SaaScada’s configurable product features and transactional ledgers can be connected to any payment scheme, gateway, channel, or FX provider. Its event-driven architecture will provide astrantiaPay with a real-time stream of events for each company account.

“SaaScada’s experience and deep understanding of how to execute a bank in the Swiss financial and regulatory landscape convinced us,” concludes Lukas Wissner. “Looking back, SaaScada was the right starting point on our integration journey, as its experienced team of programmers readily enable open API connections to virtually any data source and endpoint; be it software tools for onboarding, client relationship management (CRM) and transaction monitoring (TM), or accounting systems, payment aggregators and international correspondent banks. Leveraging SaaScada’s proficiency and infrastructure has helped us create an organic whole.”

“Lukas Wissner and the team at astrantiaPay have a distinct vision to make bank account opening simpler for international SMEs,” explains Nelson Wootton, Co-Founder and CEO at SaaScada. “SaaScada is delighted to support astrantiaPay in driving financial inclusivity for its customers, solving complex compliance challenges, and enabling SMEs to thrive.”

Continue Reading

Banking

How Biometric Payments Are Tackling Financial Exclusion

Published

on

By Catharina Eklof, CCO, IDEX Biometrics

We are moving closer to a cashless society: 89% of payments in the UK are contactless and, globally, contactless payment transaction values are set to surpass $10 trillion by 2027. Ease, convenience, security, and inclusion have accelerated the transition away from cash. However, many of today’s current payment solutions are leaving entire cross sections of society behind: including the most vulnerable, underserved, and unbanked populations.

Developments in the payment sector over the past decade still aren’t a perfect fit for all. Those suffering from dementia, literacy challenges, or impaired vision can find current payment methods – with a PIN to remember – extremely challenging. Financial inclusion requires us to make payments accessible to all demographics. Though the financially excluded represent minorities, they account for an estimated 1.7 billion people – almost a third of adults globally.

Enabled by huge advances in technology, our evolving social dialogue has become accelerated and unfettered, on a global scale. It is critical to harness technology as a force for dynamic economic improvement: democratizing access to banking and payments. As such, we need to look beyond mobile wallets or digital payments and support those in need of easier access to payment and fintech solutions. A more inclusive form of payment technology is essential.

Catharina Eklof

 

Personal Identity as the New Pin Code

Many communities remain vulnerable or underserved by the functionality of traditional payment solutions such as bank cards. These products are, at their core, only linked to the owner by way of name and signature, offering limited security and protection. With contactless payments, no link whatsoever is required to a card for payment.

In an increasingly contactless society, fraud and digital security are growing concerns. Credit and debit cards can be used by anyone, and card readers don’t understand if cards have been apprehended illegally. Vulnerable groups may also struggle to input their credentials into what can be, for some, a complex system. Empowering those vulnerable groups therefore means providing them with the independence to access payments with greater ease.

Biometric payment cards play a significant role in bridging the gap between the financially underserved and the financially included. Simple and secure financial authentication, like facial or fingerprint recognition, allow payments to become about who a person is rather than what they know or remember. If individuals can be personally linked to a payment card via biometrics, it can address the significant 1.1 billion people worldwide who are currently without official government identification or access to it. In Nigeria alone, 149 million individuals lack the legal means to evidence their identity, while in South Africa, 12 million individuals are excluded from the country’s formal identity system.

Fingerprint authentication has the added benefit of optimizing security, in that it requires the individual to opt into a purchase, avoiding any issues of unauthorized or unintentional payments from having a reader placed near the card owner’s face. This provides increased independence for the blind and visually impaired, who account for an estimated 2.2 billion people globally, as it allows for seamless payment authentication without sensory barriers. Similarly, biometric smart cards can be transformative for more than 55 million people living with dementia and Alzheimer’s, as it enables access to payment without the difficulty of remembering passcodes.

Literacy is also a little talked about hurdle to inclusion. Globally, there are 750 million “functionally illiterate” individuals struggling to use and understand financial products. Across all levels of education, biometric authentication is a universally inclusive concept. It is easy to communicate and understand that one’s fingerprint is inherent to their identity, and can act as a form of verification. Biometric smart cards facilitate and secure payments with ease by simply requiring their fingerprint to instantly authenticate their own card.

 

Pushing on With Progress

Even the most reluctant individuals are likely to have succumbed to contactless payments and some form of digitized banking in recent times. This will have the positive impact of making the needed transition to biometrics more seamless. Using fingerprints or facial recognition to unlock phones or access apps is not unusual. If anything, they have been convenient and comforting additions to the surge of tech innovations over the last couple of decades. There is a relief in knowing that these portals are being secured by methods that are almost impossible to replicate.

It is a breakthrough that financial players and governments in the world’s most developed countries still need to catch up with, as emerging economies have already capitalized on biometrics’ capabilities for almost a decade now. In India, for example, internal fraud and leakage from pension payments dropped by 47 percent after transitioning from cash to biometric smart cards. Because the solution bypasses the need for prior credit ratings or credentials, the country has also been able to catalyze safe online banking among previously unbanked adults since biometrics’ introduction in 2014.

Meanwhile, in Pakistan, the total number of mobile wallet accounts tripled from 5 to 15 million in 2015, with an estimated 50 percent of new registered mobile wallet accounts opened using biometric authentication. This was a result of Pakistan’s National Database and Registration Authority’s (NADRA’s) effort of collecting biometric information to allow for more convenient and democratic account opening processes.

Many around the world have been marginalized by both the pace of change in banking and the solutions that have, to this point, been created to accommodate such change. With the mass adoption of biometric smart cards, the same benefits seen in India could be realized on a global scale. If we take on the opportunity in front of us – promoting solutions like biometric smart cards to increase accessibility to the global economy – we will foster a digitally-focused, equitable and inclusive society. This doesn’t just mean ease and convenience, but also security for all and financial inclusion of those who have been left out of digital evolution, until now.

Continue Reading

Magazine

Trending

Banking2 mins ago

BANKING FOR BETTER 

By Alex Kwiatkowski, Director of Global Financial Services, SAS. From shifting market dynamics and mounting geopolitical tensions, to skyrocketing cyber threats...

Banking6 mins ago

Why traditional banks need to embrace the agility of fintech competitors

Paul Higgins, EMEA Banking Lead, Mendix   Tech has long played a role in the finance space. The legacy applications running...

Technology13 mins ago

SaaS Procurement’s Silver Bullet – How Automation is Changing the Game

Sven Lackinger, Co-Founder, Sastrify   Sven Lackinger is Co-Founder at Sastrify, the digital procurement platform for Software-as-a-Service products. Founded in...

News1 hour ago

Tata Motors partners with IndusInd Bank to offer exclusive Electric Vehicle Dealer Financing

Key Highlights:   One-of-its kind Electric Vehicle Inventory Financing program for Tata Motors’ dealers  Limits extended towards EVs will be over...

Finance1 hour ago

astrantiaPay Selects SaaScada to Enrich Swiss Landscape of Business Payments and Fill Market Gap

Swiss financial firm, astrantiaPay, to use SaaScada’s cloud-native core banking engine to simplify cross-border payments for SMEs and facilitate international...

Business15 hours ago

How Big Data is Transforming Bilateral Trading

By Stuart Smith, Co-Head Business Development – Data & Risk   Since its inception, Big Data has been an important...

Banking16 hours ago

Three tips to help banks profit from the rise of managed services

By Chris Mills, Global Head of Managed Services Sales, Finastra Research from IDC finds that only 29% of banks claim...

Banking16 hours ago

How Biometric Payments Are Tackling Financial Exclusion

By Catharina Eklof, CCO, IDEX Biometrics We are moving closer to a cashless society: 89% of payments in the UK...

Banking2 days ago

Poor software testing puts banks at high risk of IT failures

 Sune Engsig, VP Product at Leapwork   IT failures have plagued the banking industry for several years. From the TSB computer...

Finance2 days ago

The Importance of Experienced Customer Service Advisors in Finance

If there is one thing which can be said about the finance sector, it would be that as a customer-facing...

Business4 days ago

Financial Services Makes Gains In Employee Engagement

By Phil Chambers, GM Workday Peakon Employee Voice    A new report shows that the financial services industry improved in...

Business4 days ago

The FTX collapse: Lessons learnt for the CFO

Hartmut Wagner ,CEO of Serrala   ‘A complete absence of trustworthy financial information’ were the words used to describe the...

Business5 days ago

Black Friday, Cyber Monday and beyond: The inevitable shift to mcommerce

Arunabh Madhur, Regional VP & Head Business EMEA at SHAREit Group   Last year, we saw explosive growth in Black...

Business5 days ago

Keeping your options open and flexible: How to manage cloud migration for Financial Services Organisations

By Rachel Mcelroy, Marketing Director at Cloud Gateway   Financial Services Organisations, such as banks, insurance firms, and accounting firms,...

Business5 days ago

What makes a good entrepreneur?

By Emma Lewis, Myriad Associates Ireland   Many of us have dreamed of coming up with the next big thing...

Finance5 days ago

Things To Think About Before Starting Your Cryptocurrency Investment Journey

Making the decision to start investing can be an exciting time. Knowing that you’re going to be taking a more...

Banking5 days ago

How banks can increase customer acquisition and user engagement with sustainability

By Karolina Szweda, Head of Growth Marketing at Connect Earth Young people are demanding more innovation from traditional financial institutions,...

Banking5 days ago

The new blueprint for Open Finance? – A look inside the new Saudi Open Banking Framework

Chris Michael, Co-Founder & CEO, Ozone API   It has been a genuine privilege for all of us at Ozone...

Business6 days ago

How intelligent AP automation can put construction businesses on solid ground for growth

Cody Manning, NORAM Chief Sales Officer at Yooz   The ability to access personal emails, utility bills, invoices and other...

Finance6 days ago

Unlocking the power of AP Automation to tackle payment fraud in an economic downturn

Daniel Ball, SVP Innovation at Medius   Fraudulent activity in the workplace is not stopping any time soon. According to...

Trending