Connect with us


Why Zero Trust and securing the supply chain is key to post-pandemic recovery



Zero Trust & Securing The Supply Chain Is Key To Post-pandemic Recovery

Jim Hietala, Vice President, Business Development and Security at The Open Group


Banking and finance have grown to provide a vast range of services to people, touching every part of our lives from splitting dinner bills with friends to buying your first home. At heart, though, the value they provide might be boiled down to a very simple statement: they offer security and interoperability.

Which is to say that, when we use money, whether that is to pay for the bus or establish a pension, we need to be certain that it will reach the right destination, regardless of which systems it passes through, without being intercepted along the way. Interoperability ensures that desired actions happen; security ensures that undesired actions do not happen. Between them, these two key capabilities give us vital freedom in how we financially interact with people and businesses.


Roads and walls

That simple statement, however, is not simple to implement. The industry has long relied on open standards in order to achieve interoperability: from basic identification needs performed through standards like the International Bank Account Number system, to complex interactions like those managed through the Open Banking Standard which is currently transforming the British banking experience, fairly managed rules which everyone understands are essential to modern finance.

These standards, of course, are not static, and need to keep evolving in order to meet new needs. The same can be said of security – banks might still be associated with huge metal safes and vault doors in the popular imagination, but we all know that that’s not what keeps our money safe today. The question of security is now a digital one. From multi-factor authentication, to Transport Layer Security encryption, to automatically blocking access from unfamiliar devices and locations, the industry has been an early adopter of a wide range of technologies which manage or control access.

The need to develop and improve security approaches is still present, though. As is always the case with cybersecurity, risks need to be continually reassessed as the operating context changes – and, indeed, innovations in how people interact with banks always need to be made with security implications in mind. At the same time, new methods and strategies for cyberattacks are always developing, and there are good reasons to believe that now is the time for a fundamental shift in how we think about the topic.


The new weak link

Banking and finance, it is needless to say, are among the highest-value targets for attackers, and that means that if one route to compromising the industry becomes too difficult, they will look elsewhere for their opportunity. This is precisely what we’ve witnessed happening in some of the highest-profile breaches of recent times as organisations in other industries have dealt with the realities of supply-chain attacks.

In late 2020, for example, the security consultancy FireEye discovered that it had, alongside many other organizations, fallen victim to a sophisticated intrusion which took an obscure and convoluted path to its target. The victims were users of software offered by the company SolarWinds, which was successfully infected with a trojan. As the SolarWinds tool was an approved piece of software, FireEye and others happily brought that malicious code inside the gates (so to speak) of their own networks. This gave the attackers a route to manipulate FireEye’s own software and ultimately give them access to sensitive and otherwise highly secure environments.

What’s important to understand about this attack is that no amount of network-focused security would have prevented it: rather than trying to pass as an authorised user, the attackers worked a situation where the actual point of infiltration was carried out by genuinely authorised users.

It’s a scary situation, and a tactic that becomes more viable for attackers as our digital infrastructure becomes more complex. As businesses in the sector offer their customers richer online experiences – often in ways which, as with Open Banking, seek to enhance interoperability – they also become more dependent on a whole stack of platforms and tools. Rather than build a new back-end system from scratch, for instance, a bank might bring in a fintech platform from a vendor, who will themselves use development and operational tools from other vendors, who themselves will have further dependencies on other vendors.

This supply chain, in other words, is starting to look like a vast new attack surface which requires a new approach to secure.


The end of trust

If securing networks is no longer enough, we need to look to models which secure the data and assets which those networks are there to carry. This is what the Zero Trust model offers: rather than assuming that any device on a network must have passed a security checkpoint and is therefore trustworthy, Zero Trust assumes that every action is potentially malicious, and performs security on an ongoing, case-by-case basis.

While the principles of Zero Trust are not new, the need to put them into action has never been greater. Few industries have gone untouched by the societal changes which the pandemic triggered, never mind the economic impact, and successfully bouncing back from those economic consequences will require innovating towards a position which reflects the expectations of modern consumers. For banking and finance, that means digital tools which work from anywhere, securely and intuitively.

Which brings us back, of course, to the other half of the value which this industry offers: just as new systems for interoperability need to be designed with regards to maintaining security, new security models cannot jeopardise interoperability if they are going to successfully preserve the freedom with which people expect to deal with their finances.

That’s why the industry’s adoption of Zero Trust has to happen from a position of open standards. Just as shared understanding powers institutions’ abilities to accurately communicate their customers’ intentions to one another, it is needed to enable mutual understanding about what needs to be kept secure and how. In a challenging and rapidly evolving environment, that’s a priority for all of us.



Rivery Raises $30M B Round of Venture Funding from Tiger Global




With data needs growing and data talent scarcity, there is huge demand for Rivery’s 100% SaaS solution to create an efficient scalable data stack.

Rivery, the SaaS ELT today announced a new funding round of venture capital led by Tiger Global Management alongside existing investors State Of Mind Ventures and Entrée Capital. This financing follows from last year’s A round, bringing the total venture capital raised to date to $48 million. Rivery’s product-led growth has significantly accelerated since the launch of the Pay As You Go program in December 2021, which is growing at a rate of 50% month over month. This new pricing model complements the existing Self-Service experience plan, which opens the door to any type of company that would like to immediately get started with Rivery.

Rivery provides a single end-to-end ELT solution which covers key processes to create the optimal data stack: Ingestion, Transformation, Orchestration and Reverse ETL. Teams can choose from the different modules to build their ideal data infrastructure. Before Rivery, companies had to rely on legacy ETL platforms that were not built for cloud, and lacked the flexibility to scale. By streamlining and unifying how data stacks are built, maintained and automated, Rivery helps companies to unlock data value with a complete SaaS solution suitable for companies that need to scale fast. Besides helping data teams remain lean and agile to grow, it avoids the costly and complex issues that come with managing fragmented data stacks that rely on multiple disjointed tools.

Used by over 300 customers globally, Rivery’s approach to data management is a generational technology leap that incorporates automation and actionable logic into the traditional data ETL/ELT (extract, transform, and load) processes. Some of the world’s fastest-growing cloud-native companies including EMAAR, Bayer, Webedia, BuzzFeed, Papaya Global, American Cancer Society, NEXT, and WalkMe use Rivery as the core engine to power their data stack.

The new funds will help expedite the growth of the company across all teams in New York and Tel Aviv HQ including R&D, Product, and Sales, as well as expanding on EMEA where a London office has been launched to focus on the regional market. In addition, Thibaut Ceyrolle, who founded Snowflake EMEA Division, has joined Rivery’s Board of Executives to lead and define the company’s growth strategy across EMEA.

Itamar Ben Hemo, CEO of Rivery said: “Companies have to scale faster than ever before, which means data teams need to achieve more with less. By offering a fully SaaS end-to-end solution as the core to their data stack, Rivery plays a pivotal role to provide unlimited scalability. This funding is a great milestone that will help us grow our global presence, making Rivery a de-facto tool that empowers businesses to unlock the unlimited power of their data.”

Continue Reading


How to reignite your store with streamlined operations and a distinctive customer experience




Colin Neil, MD, Adyen UK


Retailers know that prioritising customer experience is vital to success today. This, amongst the management of complex supply chains and the cost of living crisis is a lot to oversee.

Further, the pandemic has accelerated technology’s role in building a relationship between store and customer. Consumer adoption of digital, cashless payments has accelerated. PwC’s ‘Payments 2025 and Beyond’ report predicted that cashless transactions could triple in volume by 2030. This trend aligns with our own experience of 2021, in which we’ve witnessed a 70% jump in transaction volumes. It demonstrates the rapid digital transformation of retail as pandemic trends amplified the role of ecommerce in online and offline sales.

Operationally, there’s a lot for retailers to think about. The question is: Which are the technologies that will allow them to truly transform the customer experience?

Consider Android mPOS

Traditional mobile POS (mPOS) terminals are a great way to unshackle sales from a static cash-desk, helping to reduce queues and improve the overall shopping experience. However, they’ve also presented some operational challenges. These devices only take payments; they’re unable to scan barcodes or check stock, meaning that sales teams become burdened with a utility-belt’s worth of additional devices to fulfil these needs.

But recently, the entrance of the new Android mPOS terminal has caused a stir since it’s an all-in-one solution that can manage a multitude of functions, via installed apps. This includes: checking a customer’s previous orders and eliminating the need for separate cash registers, barcode scanners, and even customer facing displays.

These devices represent a fundamental change in the role of the payment terminal. Thanks to its app management system, retailers can manage the functions they use every day in a single hand-held device, from inventory management, to loyalty programmes, returns and more.

Palisis, a provider of sales and operations solutions for tourism and transportation businesses, and Immfly, an in-flight digital services provider, are among the first of our customers to roll out the terminals. In doing so, they’re simplifying the management of their business and freeing up staff to focus on the customer experience. Here’s how:

  1. Streamlining operations

Android mPOS terminals let you consolidate your store’s business functions into one device. This is a big benefit for your bottom line, since managing multiple systems and hardware can lead to high costs, from set up to ongoing maintenance. Furthermore, customisation from a centralised location gives an overview of all a retailer’s terminals. Adyen’s Terminal Fleet Manager, for example, is capable of multiple configurations – including terminal location, logo, refunds, receipts etc – remotely.

Consolidating these systems reduces cost of ownership, helping you free up budget for other investments and innovations. It’s also simpler for staff to use the one system, making their jobs much easier, especially during busy periods.

  1. Flexibility to grow

When systems are consolidated on a single device, it’s easier to update and scale technology as your business evolves. For example, if you process payments on a centralised platform, like Adyen, the same software and end-to-end encryption can be quickly rolled out across all your stores, anywhere in the world. You can also cater to customers’ preferred local payment methods, as well as the major global ones, without needing additional terminals or worrying about local acquiring headaches.

On top of that, if all customer-facing channels and backend systems are connected via one platform, you can monitor online and in-person payments in one place. You can recognise and reward loyal customers in real-time, future-proofing the customer experience with invaluable data insights. 

  1. Convenience for customers

Mobile devices allow customers to make purchases from anywhere. This has led some retailers to consider doing away with the till area completely. Tesco’s entered this space last year, and Sainsbury’s partnered with Amazon to introduce the experience too. With no cash desks, the store is given over completely to product and service.

Getting your roll out right

Take a look at what our customers Immfly and Palisis have been able to achieve with their roll out. Immfly needed to be able to create and process drinks and snack orders during flights, without involving any extra hardware for air stewards to handle and manage. Its Android S1F2 devices integrate cash register systems directly onto WiFi-enabled terminals via an app, which sync stock levels throughout the flight. Payments can also be taken while offline on both long and short haul flights. These capabilities also mean leading ticketing and reservation tech provider Palisis can use them in many different weather conditions, from ski slopes to tour buses in the world’s biggest cities.

The best customer experiences are convenient and modern payment terminals can help retailers deliver this. Just remember, when you’re looking to roll out any new in-store tech, it’s important to research and pilot the scheme thoroughly. In that way, you’ll be sure to have the best possible impact on your customer experience and ultimately your revenue.


Continue Reading



News6 hours ago

Rivery Raises $30M B Round of Venture Funding from Tiger Global

With data needs growing and data talent scarcity, there is huge demand for Rivery’s 100% SaaS solution to create an...

Banking2 days ago

Wealth Managers and the Future of Trust: Insights from CFA Institute’s 2022 Investor Trust Study

Author: Rhodri Preece, CFA, Senior Head of Research, CFA Institute   Corporate responsibility is more important than ever. Today, many...

Interviews2 days ago

Q&A with Andréa Jacquemin, founder and CEO of Beamy

Beamy is a fast-growing scale-up that focuses on pioneering a new approach to SaaS management for large companies. Founded in...

News4 days ago

How to reignite your store with streamlined operations and a distinctive customer experience

Colin Neil, MD, Adyen UK   Retailers know that prioritising customer experience is vital to success today. This, amongst the...

Business4 days ago

5 tips to ensure CSR efforts come across as genuine

By Mick Clark, Managing Director, WePack Ltd   Corporate social responsibility – or CSR – is playing an increasingly pivotal role...

Business4 days ago

How to Build Your Credit Up Safely

by Taylor McKnight, Author for Compare Credit   What Is Credit? Credit is money owed by a person that allows...

News4 days ago

PCI DSS Compliance in the Cloud – Everything you should know

Introduction PCI DSS 4.0 is the latest and updated version of PCI DSS that was introduced on March 31st, 2022....

Banking5 days ago

2022 ESG Investment Trends

Jay Mukhey, Senior Director, ESG at Finastra   Environmental, Social and Governance (ESG) themes have been front and center throughout...

Business5 days ago


Planning for the next financial year? Former Bank Manager and successful whisky investor, Roger Parfitt, tells us why cask ownership is...

Technology5 days ago

UK Organisations turn to artificial intelligence to fight sophisticated cyberattacks

New research by cybersecurity expert Mimecast finds that email attacks are becoming more frequent and sophisticated More and more companies...

Finance5 days ago

The power of diversity: The need for female role models in FinTech

By Isavella Frangou, VP of Sales and Marketing, payabl.   As our world is constantly evolving, it’s easy to believe...

Business5 days ago

Securing BNPL Platforms for Merchants

By: James Hunt, Payments SME at Feedzai   The buy now, pay later (BNPL) market has boomed because it offers...

Technology5 days ago

Addressing the talent gap within cybersecurity

By Merlin Piscitelli, Chief Revenue Officer, EMEA at Datasite   Rising geopolitical tensions and increasingly sophisticated cyberwarfare tactics have meant...

Uncategorized5 days ago

Biometric payment card FAQs with Michel Roig, Fingerprints’ President of Payments & Access

We sat down with Michel Roig to answer your frequently asked questions regarding biometric payment cards – their benefits, current...

Banking5 days ago

Opportunities for UK Challenger Banks to address AML Compliance

Author: Gabriel Hopkins, Chief Product Officer, Ripjar   UK challenger banks have revolutionised the banking sector with innovative products and...

Finance5 days ago


By Shaf Mansour, not for profit solutions specialist at The Access Group.    The topic of inflation and its impact...

Business5 days ago

How to manage transformational change successfully

Adrian Odds, Marketing and Innovation Director, CDS 2020 accelerated change in the business landscape significantly. Many were already considering –...

Finance5 days ago

Why the pandemic has put the pressure back on fintechs

Ben Walker, Partner & CTO, Airwalk Traditionally, the only genuine threats to the incumbent banking giants were macroeconomic instability and...

News5 days ago

Neobank Fi launches new feature ‘Connected Accounts’ allowing users to sync multiple bank accounts on a single app.

Neobanking app Fi launched its ‘Connected Accounts’ feature to become one of the first fintechs to build a product on...

Finance5 days ago

Accounts Payable fraud: Do you know who’s accessing your finances?

Mark Blakemore, CFO at Compleat Software   The use of social engineering and phishing attacks on accounts payable (AP) departments...