LondonLondonKenyaNigeriaZimbabwe Mon - Fri 10:00-18:00 +44 (0) 20 3142 7009 Mon - Fri 10:00-18:00 +254 (0) 713 073 604 Mon - Fri 09:00-17:00 +234 (0) 90 558 72252 Mon - Fri 10:00-18:00 +263 867 711 4458

Optimizing Security in Financial Services

> Blog > Optimizing Security in Financial Services

IBM IBV recently surveyed 500 bank executives and found that only 16% respondents said their infrastructure can detect security breach as they occur while 81% can only detect new patterns after 4 weeks, implying that many financial institutions are struggling to adjust to the changing threat landscape. Additionally, the capacity to connect criminal activities across multiple channels and products remain the key concern of 51% of the executives. 

Similarly, a recent experian study found that top user activities on mobile devices are: Online Shopping – 90% and Personal Banking – 88%. It further revealed that fraud is an increasing concern for businesses over the past 12 months with 67% of fraudulent transactions undetected, costing businesses billions of dollars in losses.

As more users increase their reliance on mobile devices, cybercriminals’ mobile malware exploits are on the rise. Kaspersky recently revealed that attacks on mobile devices have increased drastically from 66.4 million in 2017 to 116.5 million in 2018 with Trojan-Droppers being the most common malware; designed to compromise security and execute ransomwares or banking trojans. Other attacks experienced included DNS hijacking and SMS spamming. There is, therefore, a need for FIs to have an up-to-date efficient security solution in place.

Financial institutions’ security infrastructures would need to be more resilient to reduce the rate of fraud. 75% of businesses want advanced authentication and security measures that have little or no impact on the digital customer experience, experian states. It is important to ensure identity verification not only during customer access at the front end but also during staff access at the back end. Apart from Login-password pair, 2 factor authentication restricts access and prevents funds from being stolen. Like JETHRO’s jPrivacy.

Furthermore, Private Key Infrastructure uses encryption technology known only to the user, Gomedici states. Currently, some banks such as Danske Bank, European System of Central Banks (ESCB), and Lloyds Bank have effectively implemented PKI.

Cyber fraud & digital impersonation, phishing attacks, geopolitical disruptions, supply chain risk and insider attacks are prevailing risk factors facing financial services. It is commonplace to expect more attacks from cybercriminals. A robust solution uses machine learning to combat financial crime, reducing human errors and detecting not only known fraud types but also unknown patterns via multiple layers of security in real-time. There is need for financial institutions to have vulnerability prevention mechanisms in place and response strategies at the instance of an attack.  A good strategy will consider a robust cyber infrastructure that allows continuous testing and update of security controls, consistent policy update and partnership with law enforcement agencies.

Bitcoin Watch
One in ten people have made purchases using cryptocurrencies. Exchangers and investors are becoming targets of cybercriminals, a recent consumer report from Kaspersky states. Hackers continue to lunch advanced skims aimed at accessing funds of unsuspected victims. For instance, Kapaski highlighted an incidence where up to $530 million worth of digital tokens was stolen. “Despite a fall in cryptocurrency prices, there is still a strong desire for digital transactions amongst consumers,” says Vitaly Mzokov, Head of Verification, Growth Center at Kaspersky Lab.

The huge potential of cryptocurrencies and blockchain technology is enabling partnershipsbetween banks and technology vendors. For instance Wells Fargo, JP Morgan partnered with IBM, Intel and Cisco resulting in the Open Ledger project  with the goal of developing Distributed Ledger Technology.

Jamie Dimon, CEO of JP Morgan a major US bank, earlier stated in 2017 that bitcoin was a fraud. However, JP Morgan recently announced the completion of tests carried out on its own cryptocurrency; JPM coin, designed for business-to-business money movement  having a value tied to the US dollar. “When one client sends money to another over the blockchain, JPM Coins are transferred and instantaneously redeemed for the equivalent amount of US dollars, reducing the typical settlement time,” The bank has an expansion plan later in the year and it intends to extend to other currencies.