By Kunal Sawhney, CEO, Kalkine.
Cybersecurity in the age of digital banking and technology has had a significant impact. With increased volumes of cashless transactions, debit and credit card payments and introduction of latest technologies, like online, paperless, and branchless digital banking, chatbots, for personalised services, cybersecurity has become very crucial to protect your data and privacy.
Of all sectors, banking is on the top targets of cyber-attacks as the sector is always innovating and experimenting with new ideas and services for its clients. In present times, digital banking activities have witnessed a sudden spike since the Brexit and coronavirus outbreak, according to the leading independent financial advisory firm deVere Group.
The uncertainty over post-Brexit amendments in regulations, climate change concerns and the COVID-19 pandemic has contributed to the rise in demand for cashless banking. Every website and app has safety protocols in their fold, but often there are loopholes in these networks which are accessible to the hackers. A 2019 study highlighted that about 59 per cent of bank customers are using popular platforms such as smartphone apps, tablets and other wearable devices to access financial services. In 2020 alone, the queries for challenger bank apps have experienced a growth of 67 per cent.
The UK is a global visionary and a promoter of innovation in the financial services industries. In fact, London is at the centre for encouraging a new generation of fintech entrepreneurs. In April 2019, a study conducted by the American fintech firm FIS showed that nearly 71 per cent of banking activities and interactions in Britain are digital, while only 6 per cent are taking place physically at the branch.
The major driving force behind the rise in digital banking stems from the fact that many people and companies want to engage in paperless banking. This comes in the backdrop of people wanting a reduction in waste which can protect the climate and bring an end to deforestation.
However, with this, traditional banks must cope up with the changing trends in the banking industry with tech-driven challenger banks and financial technology companies leading the brigade in terms of going paperless.
Also, with the number of banking apps being operational, it becomes convenient for customers to transfer, deposit and exchange cash across the world. It has become popular with the younger generation which believes in simplifying the process rather than making things complex when dealing with banking or financial services.
Another reason is that several banks in the UK could abandon their customers by closing their accounts and will stop providing services across Europe in a couple of months post- Brexit unless they have a legitimate UK address.
In fact, after Brexit, the new rules will not allow UK banks to provide customer services to those residing in other European countries. With this, many individuals, families and businesses have started opting for various e-banking apps.
Cyber Attack Challenge
Britain’s digital fintech sector is booming and has experienced no major shock as such. The venture capital investments in Britain touched about $1.84 billion through 167 transactions in the financial technology space in the first half of 2020. According to Britain’s fintech industry group Innovate Finance, these transactions show a 39 per cent decrease in comparison with the same period in 2019, but greater than $1.5 billion investments recorded during the second half of 2019.
With such high volumes of transactions, financial institutions are exposed to the threat of data breaches. A weak cybersecurity system would mean losing money, data, time and goodwill. Despite efforts, the country’s financial technology and banking sector have been witnessing cybersecurity attacks, with 32 per cent of 1,600 fintech firms saying that they want to develop a proper cybersecurity system to deflect any threat.
Last year in July, a Bank of England policymaker said the British financial institutions are at risk of facing a cyber-attack from Russia and other countries. The central bank has asked banks to pull their socks and set up a safety mechanism to avoid any kind of disruption. Early this year in February, Christine Lagarde, president of European Central Bank, said there is a possibility of cyber-attacks on major banks which can lead to financial instability.
The digital banking industry mostly operates on a cloud computing system and employs artificial intelligence and machine learning devices. Moreover, the industry flourishes on constant product expansion, innovations and cyberspace usage.
For example, the credit score company Loqbox suffered a cyber-attack in which the company lost all the details of its customers, including their payment history in February. Next month, another financial technology firm Finastra witnessed a massive ransomware attack.
Undoubtedly, cyber-attacks pose a massive threat to the digital banking industry, and with that, it is equally important for security managers to devise a strategy to tackle this growing problem.
UK asset management trade body Investment Association launched a cyber threat intelligence program to bolster businesses against rising cyber-crimes in April this year.
Other possibilities, such as strengthening the structure to deflect any threat should be put in place. For example, a superior encrypted model can be used to protect data, which is stored in clouds, which are prone to cyber-attacks.
Also, companies can design multi-layer security protection with many approvals to detect any data, especially for extremely sensitive financial files. Also, the firms should not depend much on the cloud computing platform as it is prone to hacking and phishing. As an alternative, computer chips or enhanced pen drives can be used.
A ‘kill switch’ technology which allows companies to disconnect the data network instantly if it detects any threat can be used. Moreover, a campaign called ‘stay alert’ was launched by the British government during the COVID-19 outbreak can also help the companies for carrying out regular checks about the cyber-attacks.