Banking security systems are being severely tested by the growing number of headline-grabbing cyberattacks. Mobile banking security is the front line in securing crucial point-of-access targets, but protecting these access points without compromising convenience and end-user experience is a delicate balancing act.
The notion that cyberattacks have the potential to trigger a global financial crisis by destroying financial markets, collapsing global banking systems and shutting down the flow of money may seem far-fetched. However, a closer look at the mechanics of financial systems exposes numerous arteries that could spawn a systemic breakdown if breached. Financial markets fundamentally revolve around the trust that all counterparties will honor terms in a timely manner. But when trust in the very infrastructure that facilitates transactions is compromised, the repercussions can be devastating.
Targeting Financial Market Infrastructures
Malicious actors looking to profit from data breaches are a major threat, but those intent on causing mayhem may be the most dangerous faction of cybercrimals. These groups target the stability of the global financial system by attacking financial market infrastructures (FMIs) that enable payments, funds, securities, bonds and derivatives to flow freely between institutions and counterparties. Major domestic FMIs include the Depository Trust & Clearing Corporation, which is a central counterparty (CCP) that facilitates all equity and fixed income trade settlements; the Options Clearing Corporation, the CCP for equity derivatives trade settlements; and the Federal Reserve System, which is responsible for funding central banks and auctions, and executing various programs through the United States Treasury. A disruption to these FMIs could trigger bank insolvencies by freezing central bank funding efforts.
ACH Hits Closer to Home
The Automated Clearing House (ACH) network processes domestic electronic payments and fund transfers in the United States, most commonly associated with electronic check payments. ACH volume grew to over 25.5 billion total transactions totaling over $43 trillion in 2016, a 5.26 percent YOY increase in transaction volume. Malicious disruptions to the ACH network can be felt closer to home as payroll direct deposits, debit card transactions, electronic bill payments and social security benefits all get frozen.
Greg Medcraft, head of the Australian Securities and Investments Commission (ASIC), feels companies should be legally required to report cyberattacks. While this type of regulation may improve awareness and boost collaboration initiatives, it can also potentially damage credibility, especially for organizations that rely on the public’s trust for business. Too many disclosures can needlessly shake confidence, spurring the migration of paranoid customers and countparties to “safer” competitors. Financial institutions are especially vulnerable, since operating models depend on maintaining the trust factor with the public, counterparties, investors and customers.
With these new security concerns, banks must find a way to secure their access points — from mobile to desktop and in-bank systems — without inundating consumers with off-putting security measures. In order to do this, some financial service organizations are turning to FinTechs.
This new class of FinTechs is collaborating with banks to integrate blockchain technology innovations that can bolster security while optimizing processes that delight customers, like international P2P/B2B fund transfers completing in seconds not days. Blockchain leverages a decentralized network of individual nodes (users, counterparties and miners) that aggregates all transactions, and changes are collectively embedded with a self-governing/regulating verification mechanism, ensuring data integrity and virtually eliminating the point-of-access threat by spreading it from one central point to millions. For end users, it enables a single reference point for identity management that can securely update, track and protect data, which is a boon to mobile banking security.
Combating Cyberattacks at Access Points
Beyond blockchain, machine learning algorithms monitoring and securing access points are other avenues of defense. As the access points draw closer to the retail end user, vulnerabilities increase exponentially. Mobile banking security is a two-way street where both the financial service organization and end user reciprocally bear responsibilities in protecting access points. With algorithms, firms can track usage patterns and monitor for any possible breaches.
Furthermore, integrating biometric identity authentication systems for on-site and enterprise app access adds an extra layer of security for the organization itself. Additionally, integrating high-grade encrypted secure container technology like Samsung Knox Workspace into connected devices for FSI workers is a prudent safeguard preventing cyberattacks from spreading to the enterprise level.
As banking becomes more digitized, FSIs need to develop a strategy that provides multilayer protection for both the enterprise and end users. In doing so, organizations can work to proactively combat cyberattacks and avoid being left behind.
Stay in tune with the latest digital financial services trends by checking out our complete line of finance technology solutions.