By Gabriel Schild, Executive Director Digital Business Transformation at Verizon Enterprise
Banks and financial institutions are responsible for customer’s money and sensitive financial information and are held to a higher standard for security. Data breaches can have severe consequences and cost a bank much more than just stolen information or funds. A cyberattack can significantly damage a company’s reputation, tarnishing its image for years and costing it customers over time. A successful data breach also diverts time and resources from a bank’s usual operations to fixing the problem. Banks have a lot to loose from a breach but fortunately there is also a lot they can do to protect their data and the data of their customers. To do so, they must understand the nature of cyberattacks in the financial services industry and what security measures will most effectively reduce their risks.
According to Verizon’s 2019 Data Breach Investigations Report (DBIR), 88 percent of all cyber incidents within the financial services and insurance industries were financially motivated. Cyber attackers look for the easiest path possible to financial gain and the financial services industry can be a cash cow. Within the space, many cyberattacks target web applications (like cloud-based email) with the use of phishing and stolen credentials. Threat actors send phishing scams to trick users into sharing their email credentials and then use these stolen credentials to access the email account and other company systems. From there, the attacker can send fraudulent emails to customers and request funds from other employees.
Phishing has been a security concern for years but the threat continues to evolve. It’s not just rank-and-file employees who get caught in these scams – C-level executives are increasingly the target in phishing attacks. The DBIR found that senior executives were twelve times more likely to be the target of a phishing attempt than in previous years. Click-through rates on phishing links are declining (in test simulations, rates fell from 24 percent to 3 percent in the past seven years) but research shows that mobile users are more susceptible to phishing.
Cyber attackers also steal credentials or compromise financial accounts via banking Trojan botnets – malware designed to capture login details and steal information. Denial of Service (DoS) attacks are now common and are used by attackers to disrupt services by flooding the bandwidth of a system to overload it. These kinds of attacks are pervasive – data shows over 40,000 breaches in the financial sector associated with botnets and 575 DoS incidents.
While the majority of breaches in the financial services industry are perpetrated by external actors (72 percent of threat actors are external), privilege misuse and miscellaneous errors by internal actors are also common. Misuse is characterized as the unapproved or malicious use of organizational resources. Employees may misuse their access for personal gain – either to steal money directly or to take sensitive information to give them an advantage at another company. Internal actor involvement in a data breach, however, does not necessarily indicate malicious intentions. Miscellaneous errors include incidents in which unintentional actions result in a security compromise, such as misconfiguring servers to allow for unwanted access or publishing data to a server that should not have been accessible by all site viewers.
Physical attacks against ATMs and card-present breaches involving point-of-sale environments continue to decline, at least in part because of the progress made in the implementation of chip and pin payment technology. While it is much less common for cards to be skimmed a cash registers, banks and retailers must now combat malware attacks on e-commerce applications that gather users’ payment information.
The good news is financial service organizations can take several steps to lower their risk of a data breach and defend against different means of attack common in their industry. The cybersecurity measures and methods that financial companies should consider include:
- Phishing prevention: Hold frequent employee trainings so they can recognize and avoid phishing scams and give employees an easy way to report phishing attempts. The majority of phishing emails are most successful in the first hour, so a good reporting system can prevent future clicks by alerting the entire organization of a phishing attempt early on. Looking beyond employees, banks can also spread security awareness to customers on the prevalence and danger of phishing.
- Two factor authentication (2FA): Financial companies should use two-factor authentication on customer-facing applications and any cloud-based email accounts. With 2FA, even if bad actors steal a set of credentials, they can’t easily access the system because it requires additional information to authorize access.
- Monitor system access: To avoid and detect privilege misuse, banks should monitor and log employee access to sensitive financial data. They should make it clear to employees that system activities are supervised for fraudulent transactions.
- Malware monitoring and protection: Financial services organizations should monitor their systems for suspicious behaviors that indicate a botnet or DoS attack or presence of malware. Additionally, they should ensure that they have adequate protection against these attacks by implementing anti-malware defenses.
Companies can reduce their risk of cyberattack by remaining vigilant about system activity and access, implementing authentication safeguards and by training employees to be aware of phishing attempts. These security measures can help financial services companies from falling victim to data breaches and keep their customers – and their money – safe from cyberattacks.
WILL BLOCKCHAIN REVOLUTIONIZE FINANCE?
By Ken Timsit, ConsenSys
Over the last 10 years, researchers, software developers, start-ups, and large companies have been conducting experiments aimed at determining whether networks based on blockchain technology can ultimately – in whole or in part – replace the infrastructure on which financial institutions and capital markets are built.
In today’s electronic databases, any information can theoretically be replicated at will. This is why most governments allow only regulated actors to keep records of digitized assets (banks, depositories), to avoid pitfalls such as the execution of misleading transactions or the creation of artificial assets. With blockchain, these pitfalls can be avoided at the source code of the technology, which is available to all members of the network. The creation of Ethereum enabled a more robust blockchain network capable of “smart contracts”, which once programmed, can run automatically without the results being modified or manipulated.
Contrary to what some critics argue, the potential of the blockchain is not the creation of a free and unregulated space in which everyone can invent new financial instruments. Rather, the potential lies in creating a much more efficient and globalized commercial and financial infrastructure, in which many layers of control and intermediation are no longer needed as they are replaced by transparent and immutable IT rules that ensure the same risk management functions.
For example, bonds are essential financial instruments on which a large part of our economy and savings are based. The issue and exchange of a bond requires the intervention of several dozen financial institutions (issuers, intermediaries and investors). Some regulated players in this intermediary chain exist mainly to ensure that it is possible to know, at any time, who holds each bond, in order to guarantee their rights to its bearers.
It is theoretically possible to simplify these stacks of operators by linking them to a global blockchain network, open to all stakeholders in the industry. The blockchain network can thus ensure at any time that the number of outstanding bonds corresponds exactly to the number of bonds issued, and that each exchange transaction is carried out without the risk of default.
The blockchain revolution is first and foremost the reduction of costs and delays caused by the current financial infrastructure. The blockchain revolution also creates innovation opportunities for consumers, savers, and investors.
The Web3 revolution, often used to refer to the blockchain revolution, will be driven by the reduction in transaction costs, allowing the emergence of new peer-to-peer business models that we are not yet able to accurately predict, but which will probably participate in a rebalancing of the relationships between financial institutions and their clients. Some international peer-to-peer payment and loan-to-peer savings investment models are already attracting increasing interest from the most sophisticated consumers.
Where are we in 2020?
Today, the blockchain revolution is still in its infancy. Transaction volumes through blockchain networks, public and private, are low compared to those of existing systems. The fixed costs of the technology are still relatively high, and the user experience leaves something to be desired.
However, innovations abound. It is already possible for me, from my smartphone, to buy digital assets whose value is equal to about one US dollar, and to lend them in three clicks to other users who will pay me between 1% and 10% per year for this service, depending on the type of platform.
The number of large operational business projects is still small, but very promising. Numerous international commodity trading players have joined forces to create Vakt and komgo, two platforms that contribute to a significant simplification of trade and oil financing. Similar and competing projects, Voltron and Marco Polo, are being launched. On the corporate side, the Capbridge 1x platform (Singapore) already allows shares to be traded on an Ethereum blockchain network. Other important projects such as LiquidShare (France), SIX Digital Exchange (Switzerland), Daura (with Deutsche Borse and Swisscom in Switzerland), Synapse (Hong Kong Stock Exchange) are in preparation. The World Bank, Société Générale and Santander have issued bonds on an Ethereum blockchain network. These initiatives are still experimental but have attracted significant interest from financial institutions around the world.
And of course, many projects aim to revolutionize global payments by creating digital assets on blockchain networks that are fixed in Euros, U.S. Dollars or other currencies, such as those of the Monetary Authority of Singapore, the South African Reserve Bank, and Union Bank of the Philippines. Since the announcement of the Facebook-initiated Libra project, many governments have expressed concern about the possibility of private companies controlling global payment flows, and have asked their domestic financial institutions to redouble their efforts to explore competing initiatives.
All of this is to say that adoption is happening, albeit gradually. The middlemen and intermediaries of the financial world will not be replaced overnight. Moreover, the exact formation or architecture of the new financial system is impossible to predict with accuracy. However, it’s safe to say that blockchain will enable a financial system that is more efficient and yields more value-add to consumers, users, and investors.
RECOLLECTING 2019 CRYPTOCURRENCY TRENDS & LOOKING FORWARD TO 2020
Marie Tatibouet is the CMO at Gate.io
It has been a bold and progressive year for the digital asset market with exciting announcements flowing in from technology behemoths and government bodies around the world. However, Facebook’s launch announcement of Libra (though they are now facing regulatory issues) and China’s new cryptocurrency law caught all the attention, affecting the Bitcoin price, and the overall market sentiment.
In 2019, the global market saw several catalysts emerging for mainstream adoption despite increased scrutiny around several burning issues such as wash trading and security breaches. For over 400 cryptocurrency exchanges in the world, being able to constantly improve on aspects around user experience and fund security is the only way to be sustainable. However, only a handful have real trading volume and technical expertise to build strong trust in the community. For instance, global wash trading has been the hottest topic of discussion in 2019 but new rankings on CoinMarketCap clearly indicate that the industry is working towards eliminating market manipulation.
Looking back at 2019
In 2019, digital asset organisations have constantly innovated to attract users but at the same time, the trading process has become increasingly fragmented, spiking the time gap between new users becoming long-term users.
Holding & Lending Funds
Since 2014, the Bitcoin margin trading market has expanded from $10 million to $100 billion. Margin trading has been a great use case in the cryptocurrency space. Many exchanges launched the feature to provide diversity to the trading experience and attracting a huge amount of users to the platforms. It allows traders to multiply their profits on successful trades, providing a range of possibilities for both profits and losses.
Staking is a process where users can buy digital assets and earn interest by keeping (holding) them in a cryptocurrency wallet for a particular period of time. It has proved to be a strong use case for digital asset companies as it encourages user participation. In 2019, staking programs brought stable earnings for cryptocurrency investments made by the users. For instance, HODL & Earn launched by Gate.io in August 2019 has been bringing stable earnings for cryptocurrency investments made by its users. The competitive advantage for HODL & Earn is its annual interest rate, which is as high as 32%.
Crowdfunding as an approach to build and grow products has seen a lot of traction over the last decade or so. One of the highlights this year was the emergence of “Initial Exchanges Offerings”, more commonly termed as IEOs, an alternative to traditional IPOs where companies can raise funds by selling a quantity of digital assets to investors, supervised by cryptocurrency exchanges. With over 1.5 Billion funds raised, IEOs shook the entire cryptocurrency space in 2019.
Owing to the richness and variability that we have seen so far, there has been no one clear winner to pick, but there’s also no ignoring the leaders; Gate.io has the second best average IEO returns, raising over 80 million dollars in its first 5 projects and has similar offerings panned out for 2020.
Deals and Discounts
Discount deals are being increasingly leveraged by digital asset companies, encouraging users to maximize their capital. Holiday seasons such as Black Friday are packed with jaw-dropping discounts. However, as an industry, we should aim to integrate discounts in digital currencies into the mainstream world, which would bring price stability.
Dynamic User Relationship
Cryptocurrencies are being taken seriously and companies are designing consumer-specific strategies. It is a great indication of the fact that more and more people are interested in trading digital assets. However, we have a long way to go when it comes to tackling the industry challenges and unlocking value for the entire ecosystem.
Regulation, Security, and Mass Adoption
Central banks of the US, Europe, China, and Ghana are looking at creating their own central bank digital currencies, putting a structure to the adoption of the blockchain technology across finance and other industry verticals. Japan’s recent regulation amendments, China’s new crypto law have laid the right frameworks for mainstream crypto adoption.
While we have major countries pushing for the mainstream adoption, security remains a major concern. Cryptocurrency thefts and frauds in Q3, 2019 annual stand at USD 4.4 billion and this will only increase if fund safety mechanisms aren’t strengthened. Therefore, the strongest will survive as far as digital asset security is concerned.
Nonetheless, blockchain technology is helping to create an innovative and accessible financial system around the world and its mainstream adoption is closer than we can fathom.
BANKS UNDER ATTACK: HOW FINANCIAL INSTITUTIONS CAN PROTECT DIGITAL GROWTH
By Victor Acin, Threat Intelligence Analyst, Blueliv Financial services firms are increasingly being told to embrace disruption in order...
THE ROLE OF NEW TECHNOLOGY IN DEVELOPMENT OF MYANMAR’S BANKING INDUSTRY
U Htoo Htet Tay Za, Managing Director, AGD Bank Myanmar’s economy is one of the fastest growing in Asia...
WHY 2020 IS THE RIGHT TIME FOR FS MODERNISATION
Chris McLaughlin is chief product and marketing officer at Nuxeo Few would argue against the notion that the UK...
WHAT DOES 2020 LOOK LIKE FOR P2P LENDING?
By Roberts Lasovskis, Investment Platform Lead, TWINO It’s a new year; time for resolutions and forward planning, positivity and...
WHY MAKING MONEY ON YOUR MOBILE IS EASIER THAN YOU MIGHT THINK
Aaron Brooks, Co-Founder of Vamp For Millennials and Generation Z, becoming a social media influencer is an increasingly desired...
DIFFERENTIATION – THE KEY TO THRIVING IN A SATURATED MARKET
Graham Glass, CEO of Cypher Learning What has enabled Cypher to continue to grow in an increasingly saturated market?...
WILL BLOCKCHAIN REVOLUTIONIZE FINANCE?
By Ken Timsit, ConsenSys Over the last 10 years, researchers, software developers, start-ups, and large companies have been conducting...
FIVE FINANCIAL SERVICES TRENDS FOR 2020: BIGTECHS SWOOP IN, BANKS GO ON THE OFFENSIVE AND CRYPTOCURRENCY STALLS
Rahul Singh, president of financial services at HCL Technologies We’ve just finished a very exciting decade in financial services, with new...
COMBATING INSURANCE FRAUD WITH MACHINE LEARNING
By Georgios Kapetanvasileiou, Analytical Consultant at SAS Most insurance companies depend on human expertise and business rules-based software to...
DELIVERING SUCCESSFUL IT SYSTEMS THROUGH THE POWER OF PARTNERSHIPS
By Mike Smith, Executive Director, Virgin Media Business (Direct) Is there anything more frustrating than finding out your bank account...
BATTLEFACE RECEIVES INVESTMENT FROM FINTECH VENTURES FUND
battleface Inc., a rapidly growing tech-enabled insurance startup focused on providing travel insurance products for unconventional travellers worldwide, announced today...
VANQUIS BANK PARTNERS WITH HOOYUTO DIGITALISE KYC PROCESSES
HooYu KYC digital journey deployed during the customer lifecycle on a risk-based approach Leading customer onboarding and KYC technology...
WHY NEOBANKS ARE ON THE RISE IN THE UK
New research by SmallBusinessPrices.co.uk analyses how neobanks are on the rise and why they’re so popular amongst consumers compared to...
RECOLLECTING 2019 CRYPTOCURRENCY TRENDS & LOOKING FORWARD TO 2020
Marie Tatibouet is the CMO at Gate.io It has been a bold and progressive year for the digital asset...
WILL HONG KONG REMAIN THE JURISDICTION OF CHOICE FOR OFFSHORE BANKING?
Hong Kong has traditionally been seen as a tax haven and the financial hub of Asia, if not the world....
HOW CHARITIES CAN MEET TOMORROW’S DIGITAL CHALLENGES?
By Steve Georgiou, Business Consultant at Xpedition Charities are under constant scrutiny for how they handle their finances. Budgets...
RECALL YOUR REPUTATION: HOW TO HANDLE PRODUCT RECALLS
By Alex Balcombe, Partner at Harris Balcombe John Lewis, Tesco, and Hotpoint have all been in the news in...
THE WORLD’S MOST ENTREPRENEURIAL COUNTRIES PERFECT TO START A BUSINESS IN
Latona’s has analysed The Global Entrepreneur Monitor data to reveal the world’s most entrepreneurial nation. Analysing each country by a...
MENDIX SUPPLIES RABOBANK WITH LOW-CODE PLATFORM TO BUILD NEW CORE ONLINE BANKING APPLICATION
New online portal leverages low-code’s speed and flexibility Mendix, a Siemens business and the global leader in low-code and...
RETIREMENT ANNUITIES AND THEIR ADVANTAGES EXPLAINED
By Gerard Visser, Financial Planning Consultant at Alexander Forbes There are a number of ways to save and a...