How fintech and banking technology protect data
The days of traditional banking are over. The monolithic established players that have dominated the financial markets for the last few centuries have woken up with a shock to the realities that increased digitization brings with them. Most embrace the new normal; some thought to see it come and transform before the 2020 rush.
Data has also become the largest resource, and as the IoT expands exponentially, it is increasingly threatened by cyber attacks that can reap devastating events if not addressed properly. We spoke to the experts about how the new innovations that are changing the room also secure the future.
Banks are becoming cloud-based
As part of digital transformation, a major change for most banking institutions has been the shift to the cloud. Gone are on-premises technology stacks and purpose-built systems managed by in-house teams, as the outsourcing of security and data storage becomes ‘de rigour’.
But many institutions remain behind the technology curve, says Simona Covaliu, VP Risk and Compliance on Mambu. “Provided that 62% of European customers are interested in switching from brick-and-mortar to digital banks, it’s safe to say that the future of baking is digital. In response, many financial institutions are migrating to the cloud to future-proof their business and stay ahead of the curve. In the UK alone, 40% of new banks now operate on Mambu’s platform, giving customers the ability to offer modern financial experiences flexibly and quickly.
“However, while the majority of banks welcome the move to a more agile business model, legacy systems remain a barrier to progress, with 43% of banks still use COBOL – a programming language from 1959 – in the United States.”
Sebastien Marottepresident EMEA at Box, agrees and says digitization is not an option. Rather, it is decisive if an institution wants to survive. He explains: “Financial services organizations can no longer turn a blind eye to the fact that their legacy infrastructure simply does not comply with data and security regulations, and are generally recognizing this by modernizing their systems, using new technology to remain compliant . As such, banks can offer more secure payment processes and faster response times for customers. But most importantly, they can trust cloud service providers to protect their customers’ data from cyber security threats.”
Marotte says that to maximize time efficiency and ensure compliance, banks should rethink their digital strategies and make the leap to the cloud, as it poses much less risk than legacy platforms do. “Cloud-based infrastructure also makes compliance reporting less time-consuming, as banks can monitor who has uploaded, viewed and shared content, which in turn helps them remain GDPR compliant and in line with data protection regulations.”
He continues: “In addition, cloud-based infrastructure can save banks time when it comes to onboarding, loan origination and claim management. And in the future, other technologies such as IoT, blockchain and more will help underpin banks’ digital offerings, ultimately providing a better customer experience and further safeguarding their data. That said, cloud-based platforms will continue to underpin all of this – and legacy banks in particular need to prepare for a digital future.”
Security and cloud-based banking technologies
Identity verification is one area that has excelled since its inception to counter the problem. However, the technology has not been well received by all parties, as privacy experts have expressed concern about the ways in which biometric identification can be exploited. In fact, China already has a fine-tuned biometric ID system that is connected to its social credit scoring platform.
Adam Brown, Managing security consultant at Synopsys Software Integrity Group, does not consider this problematic and points out that without new forms of better security, customers risk breaches from cybercriminals. “While not new, biometrics is a necessity for practical multi-factor authentication and, if done right, can be secure enough to be used in financial technology. Banks must be careful to ensure that any biometric technology implementations they use are ensure.”
He continues: “In our experience evaluating this technology, new and emerging manufacturers can get this wrong and need to be considered before any authentication decisions are made. For example, biometric data can often be proven to be accessible outside trusted execution zones on mobile devices, in other cases the authentication mechanisms can sometimes be forged using trivial methods.”
Covaliu says that as banking continues to integrate new technologies, it is integral that screening approaches continue to evolve to support end-to-end visibility of potential red flags and fight financial crime.
“To deal with this, robust KYC and digital identification procedures must be supported by comprehensive strategies and organizational understanding of financial protection systems. SaaS platforms are already driving progress in this field; these platforms are built on the concept that change is constant, and thus they can quickly bend and adapt to changes in attackers’ approaches to help detect them, she says.
The future of banking technologies
Most experts agree that in an industry that is constantly changing, it is difficult to say exactly what banking will look like in the next five years, let alone decades.
But Covaliu believes that agility and flexibility will be crucial. “It is clear that the demand for financial products outside of traditional ecosystems has changed both where and how consumers engage with financial services. Customers no longer want to be tied to a single bank or financial institution; they want to access products and services whenever anytime, anywhere – with mobile and digital options a must. This also includes security and compliance; they want their financial information to be safe and secure, but not in a way that’s intrusive or at the expense of user experience.”
Covaliu points out that the banks know all this, but are struggling to keep up with the innovation. “According to Mambu research, more than two-thirds (67%) of banks believe they will lose market share within two years if they fail to digitally transform. Meanwhile, a further 53% believe they are at risk of missing out on digital transformation goals.”
She adds: “Ultimately, as traditional and legacy banks continue to move towards digitalisation, greater collaboration within the banking community is required for these financial institutions to stay afloat and succeed. Teaming up with players like Mambu can help banks close gaps and bring about the changes that customers want to see at a speed they would not be able to achieve on their own.”
Cyber attacks against banks
According to the last Bank priority survey, cyber attacks are considered one of the biggest threats to banks in 2022. Information obtained from survey respondents shows that 24% of finance professionals cited data theft as their priority, followed by compromised devices (21%), synthetic identity fraud (17%), endpoint security (10%) and denial of service (7%). Some of the most serious threats to banking security in recent years include ransomware attacks, the growth of contactless payments, mobile malware attacks and even data breaches of major banking and financial apps.
