Connect with us

Finance

SMART DEVICES: THE CAUSE OF SECURITY HEADACHES FOR THE FINANCE INDUSTRY

Published

on

Tim Dinsmore, Director, Appurity

 

The financial services industry is stepping up the gears as part of its digital transformation journey. And whilst COVID and the associated pandemic has pushed organisations to embrace cloud services and mobile devices, the finance industry has already witnessed a massive increase in the adoption of mobile apps. Both employees and customers of financial services organisations are using tablets and smartphones more frequently for day-to-day operations and transactions. Most mobile devices can access cloud-based services and infrastructure which has facilitated remote working. And with corporate data now going wherever it’s required, organisations need to embrace modern security technologies and strategies to stay secure, competitive, and relevant on these smart devices.

It’s no exaggeration to say that the finance industry oversees valuable monetary assets and highly sensitive data. That makes financial institutions the perfect target for cybercriminals. To put that into context, IBM’s threat intelligence index placed the financial services sector as the number one target of cyberattacks in 2020 among all industries. So, what’s going on here and what strategies are available to those who operate in the finance industry?

Mobile devices and apps have allowed organisations to increase productivity and engagement across the board. Employees are able to stay connected wherever they are, and customers can access their financial data anytime, anywhere. With more and more users accessing cloud services and infrastructure from mobile devices, cyberattackers are deliberately targeting such devices to increase their odds of finding a vulnerable entry point. It only takes one single successful phishing or mobile ransomware attack for cyber thieves to be able to access all of the sensitive data and financial information we have already mentioned – proprietary market research, client financials, investment strategies etc.

Security teams need visibility of individual devices and the entire fleet while balancing end-user privacy and compliance with security requirements. In this way, you create a healthy balance between security and end-user privacy – essential where organisations enable bring-your-own-device (BYOD) in a highly regulated industry like financial services. In addition to securing employee mobile devices, consumer banks have an opportunity to protect their customer base. These days, a majority of banking customers use mobile devices as the primary way to access their accounts. It is critical that customer mobile devices are safe and secure and protected from the likes of phishing attacks, screen overlays and trojanised apps – all aiming to steal login credentials. And it is true that employees and customers can be as productive using smartphones or tablets as they are using desktop or laptop computers. However, if these mobile endpoints are not properly secured, you get the same security gaps as with users who don’t employ endpoint security on a laptop or desktop computer. All of this puts your organisation’s security architecture and compliance posture at risk.

 

Is Mobile Device Management (MDM) the solution?

At the end of the day, both managed and unmanaged mobile devices are at risk – but there has certainly been an increase in the percentage of managed devices in the financial services industry’s mobile fleets. But whilst deploying an MDM solution to try to implement basic controls over apps and devices outside the perimeter is a good start, it doesn’t provide security against mobile cyberthreats. This is especially true when it comes to protecting against phishing attacks. An MDM solution merely enables your administrators to set app and access policies. They do not provide the visibility necessary to monitor the risks that occur when employees are using apps and networks that you don’t control. Not the best scenario when you are trying to visualise the risks your organisation faces.

Many financial services providers have turned to managing devices to mitigate the risks associated with working from smartphones and tablets. And whilst this is a good first step, MDM still leaves employees exposed to more complex phishing, app and device threats that could compromise an entire organisation. The industry must also consider its customers, who prefer the mobile experience and inherently trust their financial services apps to be secure. While some mobile banking apps might implement security techniques into their app, such as app hardening to protect it from being reverse engineered, this isn’t enough to protect customers from threats like trojans and screen overlays.

 

Comprehensive Endpoint Security is Smarter

With mobile as the main driver for digital transformation, security and IT teams need to work together to secure all smartphones and tablets – whether they’re managed / unmanaged or a consumer device. Doing so with end-user privacy in mind will enable financial organisations to build a stronger security posture without violating corporate and international data privacy and compliance laws. Protecting these modern endpoints requires a different approach – one that is built from the ground up for mobile devices and secures the entire data path from the endpoint to the cloud. Only a modern endpoint protection solution can detect mobile threats in apps, device operating systems and network connections while also protecting against credential theft and malware delivery attacks through phishing.

 As a financial organisation, you need to embrace modern security technologies and strategies to stay secure, competitive and relevant on the devices that your employees and customers use the most. With financial services seeing the largest rise in mobile phishing attacks out of any industry, it is clear that you need to think carefully about mobile security. MDM solutions are a start but investing in a comprehensive endpoint security solution provides more robust protection overall.

 

Finance

Crypto’s tipping point

Published

on

By

Chris George, Senior VP of Product at Somo argues that Crypto needs to improve its scalability to be taken seriously

Cryptocurrencies are no longer the exclusive domain of high risk financiers or tech Bitcoin jockeys, willing to ride a niche and volatile asset for good or ill. Today, neobank and mainstream banking apps alike offer crypto banking, helping them trade in Bitcoin or Ethereum from as little as one dollar(https://www.revolut.com/crypto/).

Indeed, in September 2022, Finbold reported that British citizens had invested nearly £32bn in cryptocurrencies, and additional research from HMRC would have it that one in 10 UK adults has bought crypto, double the number from the previous year. 

But even given the legitimacy lent to crypto by the fact that now 50% of UK banks allow customers to interact with these currencies as well as other digital assets, how can the asset management industry turn it into a significant – and mainstream – asset, particularly in today’s turbulent economic climate? With the collapse of FTX, this must be taken into serious consideration. FTX was sold as being a safe and stable way to trade digital currency, alas this has not been the case. It turns out Sam Bankman-Fried seriously over-promised and dramatically under-delivered, gambling away customer assets and ultimately prioritising fraud and malpractice.

First, we need to acknowledge that not all crypto is created equal. Some, such as Bitcoin or Ethereum, do function as a currency, are limited in volume and therefore can increase and (as 2022 amply showed) decrease in value. But other blockchain-based crypto doesn’t behave like what most people commonly accept as currency at all. 

For there to be significant uptake in crypto as an asset, there is going to have to be a far broader and deeper understanding of what it is and what it can do. As Christophe Diserens, chief compliance officer at SwissBorg has suggested: “Value and useability are going to be key. Metcalfe’s Law has been used to value tech and internet stocks so why not crypto?”. That value took a bit of a beating during the recent sell-off and crypto’s perceived volatility will need to be addressed if it is to achieve scale. Because that’s what it’s going to need if it’s ever going to be considered as a legitimate global payment alternative in the future.

 

The role of The Merge

Not the latest B-movie, sci-fi flick, The Merge in September 2022 saw the world’s second-biggest cryptocurrency, Ethereum, move from a ‘proof of work’ to a ‘proof of stake’ protocol. This was nothing short of seismic. 

Proof of work is how the vast majority of crypto has been mined to date. People solving complex equations to validate transactions (the ‘work’) uses masses of computer processing energy, accounting for a significant slice of the world’s electricity consumption. In today’s climate (in both senses of the word), that’s just not on. 

Proof of stake, on the other hand, relies on far fewer ‘miners’, fewer computers and less energy as a result. This so-called ‘Merge’ is not only expected to reduce worldwide energy consumption by 0.2%, but also boost the crypto economy as a whole, creating more opportunities for investors and allow developers to build more products and applications on Ethereum. Ultimately, it could be what drives the decentralised internet of blockchain, crypto and NFT – Web3 – mainstream. 

What does this mean in the ‘real’ world? This could present a real opportunity for the financial services sector as a whole. It will change the way it operates, speeding up transactions, creating new business models and generally just making the whole thing a more efficient way of working. Fully cashless payments for business would be a real boon, given the costs and potential losses involved in transacting in cash. Digitisation also makes transacting an altogether more intuitive experience. 

One thing crypto and its associated technologies and solutions needs to be wary of is becoming a solution in search of a problem. For a truly mainstream breakthrough, the industry needs to make sure it’s bringing the consumer along on the journey. For end users to be truly confident in crypto, it has to benefit from the same levels of governance and regulation that cover the rest of the financial services industry, building and maintaining consumer confidence will be extremely important as trust levels have been shaken by the recent lack of solid administration and “irresponsible lending practices” leading to the FTX implosion . It has to be simple to transact, but with all the protections that investors have come to expect. It can’t afford to take them on another rollercoaster ride like 2022’s. 

While 50% of the UK’s banks may be getting on board with crypto to some degree, there is still a wide open ocean of opportunity for asset management players to realise value for themselves and their clients. It will involve some reshaping and more investment in digitisation to manage the assets of the future, whatever they may be. 

Somo, part of the CI&T family, will be publishing a report titled ‘Assessing the Crypto Conundrum: Will cryptocurrency ever be a significant trading asset and how can digitalisation shape its future?’ in 2023. 

Continue Reading

Finance

Skedadle to change the game for advertising with Currencycloud partnership

Published

on

By

Currencycloud, the experts simplifying business in a multi-currency world, has partnered with Scottish start-up app Skedadle to provide its users an easy, secure and seamless way to transfer money earned in-app while playing games on public transport.

Skedadle rewards travellers for the time they spend playing on-the-go. They can earn £2 per day simply for playing games on the move. That’s an extra £60 in their pocket each month. This can be done thanks to a disruption in the advertising market, by using algorithms to verify and track the users’ engagement with ads, proven to be higher while playing than in traditional online advertising, which increases product and brand recall for advertisers. Thanks to the partnership with Currencycloud, Skedadle users can use the app on public transport and be reassured that all financial transactions and financial data comply with the highest standards of security and validations.

By connecting to Currencycloud’s API technology, Skedadle has been able to integrate in their app a state-of-the-art payments ecosystem that seamlessly bulk settles the money earned from advertisers into a secure account and then processes withdrawals from users fast. At the same time, Currencycloud also sets the infrastructure that will enable them to grow both geographically in the UK and globally, by providing access to 38 currencies and low cost, fast FX rates.

Says Nick Macandrew, CEO and Founder at Skedadle: “Trust and security are crucial, especially when it comes to people’s money. As we rapidly grow our platform, we need a solution that can keep up with our pace and Currencycloud do just that. Our cutting-edge technology requires a secure, stable, and simple way of managing payments, whilst guaranteeing the best user experience possible.”

Nick Cheetham, Chief Revenue Officer at Currencycloud commented: “Backing bold start-ups from day one has always been part of our DNA. Skedadle’s creation of new revenue streams for travellers and advertisers alike is an exciting business endeavour. We are eager to see how the  platform can grow and disrupt the market by integrating our seamless payment capabilities.”

Continue Reading

Magazine

Trending

Business15 hours ago

Ransomware chokes COBRA: How AI-powered data analysis can support financial services’ plight

By Toby Butler, Financial Crime Solutions Manager at Ripjar   Ransomware attacks are on the increase in the United Kingdom....

Banking22 hours ago

How Banks Can Boost App Innovation, Speed and Compliance

Steve Barrett, Senior Vice President of International Operations, Delphix  As new finance and banking applications disrupt the market each day,...

Business22 hours ago

SVEA BANK ACQUIRES AREX’S FINTECH OPERATION IN FINLAND

AREX Markets, the data-driven FinTech company that drives financing costs down for SMEs and enables them to get paid quicker, has...

News22 hours ago

ICICI Lombard and AU Small Finance Bank announce Bancassurance tie-up

ICICI Lombard General Insurance, India’s leading private sector non-life insurance company, is entering into a Bancassurance tie-up with AU Small Finance Bank....

Finance22 hours ago

Crypto’s tipping point

Chris George, Senior VP of Product at Somo argues that Crypto needs to improve its scalability to be taken seriously Cryptocurrencies are...

Business4 days ago

Why Procurement is key in delivering your ESG strategy

By Edward Cox, Principal at Efficio Consulting   Environmental, social, and governance (ESG) has shifted from a niche to a...

Finance4 days ago

Skedadle to change the game for advertising with Currencycloud partnership

Currencycloud, the experts simplifying business in a multi-currency world, has partnered with Scottish start-up app Skedadle to provide its users...

Finance4 days ago

How financial services organisations can harness the power of low-code/no-code

By Joman Kwong, Strategic Solutions Manager, Financial, at Laserfiche   The UK’s erratic economy, and its spiralling cost-of-living crisis, have...

Finance4 days ago

SaaScada Top Five Predictions for 2023

From BNPL for business, to sustainability and financial inclusion, 2023 is going to be a year of change as the...

Business6 days ago

Hidden channel costs: how to find and tackle them

By Mark Wass, Strategic Sales Director, UK and North EMEA at CloudBlue     Growth for businesses will always be a...

Finance6 days ago

Is your business ready for finance automation?

Mari-Frances Bentvelzen, Business Head and General Manager of Global SMB at SAP Concur   As managers continue to drive their...

Top 106 days ago

The power of a proactive customer service

By Delia Pedersoli, COO, MultiPay   2023 is shaping up to be another challenging period for B2C businesses. While the...

Business6 days ago

Automation nation: Liberating workers from desks, data entry and the doldrums

Gert-Jan Wijman, VP of EMEA at Celigo.   Just when businesses thought the tough times were over, even more challenges...

News6 days ago

Protean and Fino Payments Bank tie-up to expand PAN card issuance services in India

Fino Payments Bank has tied up with Protean eGov Technologies (formerly NSDL e-Governance Infrastructure Limited), a market leader in universal,...

Business6 days ago

What is the True Cost of SMS Phishing?

Gemma Staite, Threat Analytics Lead   Cybercriminals will recycle attack strategies for as long as they are effective. In Fraud...

Technology7 days ago

Digital Asset Management (DAM) To Transform Enterprise Brand Management

Alexander Rich, Co-founder and CEO – Desygner    Rapid digital transformation fuelled by the pandemic has undoubtedly proven beneficial to...

Finance7 days ago

Cost of living: How to identify vulnerable customers

Ellie Engley is account director at REaD Group   In the current climate, the cost of living crisis is a...

Banking7 days ago

Is traditional business banking the best option for SME finance squeezes?

Airto Vienola, CEO, AREX Markets  The pressures facing business and personal finances alike have been well documented. Stories are now starting...

Business7 days ago

Breaking down communications silos to streamline the customer experience

Dave Tidwell, Head of Technical Pre-sales, DigitalWell   The pandemic has, without doubt, moved the goalposts when it comes to...

Business7 days ago

How growth can be a big challenge when a business becomes multiple entities

By Paul Sparkes, Commercial Director of award-winning accounting software developer, iplicit. Organisations don’t just grow in size – they also...

Trending