By Nic Sarginson, Principal Solutions Engineer at Yubico
This year, consumers have turned to technology in their droves to work, shop, and manage their finances. While online access has always offered convenience, this year it has become close to a necessity as people retreated to their computers and phones, instead of the high street, to access banking services. The significant shift in the way consumers transact and manage money highlights just how much we have all come to depend on our digital identities. Protecting those identities is essential, and that means taking steps for effective and secure authentication.
There has been such an increase in demand for online and mobile banking, that 88% of banking executives reported their organisation has become completely overwhelmed, according to this European survey. This reveals an interesting truth for the banking industry: many former telephone or in-person banking customers will now have to become more familiar and comfortable with their banking service operating online. The benefits they gain, including immediate access to account status and other banking services, are likely going to be the contributing factors that get these new habits of operating online to stick.
The growing shift toward online banking can prove to be positive for financial institutions with a digital agenda, as well as for consumers. However, the move is not necessarily worry-free. For example, while two-thirds of TSB’s mobile banking users say they benefit from the convenience and 24/7 access to their accounts, security is still a concern among older age groups. Despite the rate of mobile banking registrations almost tripling in the three months following lockdown, TSB discovered that 39 percent of people over the age of 55 worry about fraud and 37 percent of them fear losing their phone and as a result, their bank details being compromised.
Lines of defence
The first line of defence in online security is generally a username and password, supplemented with additional measures to help safeguard against a range of threats including:
- Credential stuffing – this is when stolen details are tried against a range of digital services, with the goal of gaining access to as many accounts as possible. This type of attack takes advantage of the ill-advised practice of password reuse, which unfortunately is a common occurrence because it’s challenging to manage a large number of passwords on a day-to-day basis. Therefore, people often reuse the passwords they can remember across several services, leaving many accounts susceptible to being breached. Once a cyberattack has succeeded at gaining access to a password, multiple account takeovers become possible, simply by trying the same password across different accounts through the use of an automated system or program.
- Phishing – involves luring and tricking people into revealing personal information such as their login credentials. This could be through an email from an illegitimate sender disguised as a legitimate service provider, such as their banking service. The illegitimate sender will often include a link in their email that will then take the user to a fake site where the user is asked to enter in their credentials, leaving the illegitimate sender the ability to use those newly phished credentials on the real site and gain access to the user’s account.
- Man-in-the-middle (MiTM) attacks – occur when attackers secretly relay, and possibly alter, communications between two parties who believe they are communicating with each other. Recognising this type of attack is hard, even for those who are very cyber aware, with attackers creating highly personalised messages relevant to targets. Routes in for them can include unprotected Wi-Fi networks and manipulated URLs to look like legitimate sites. Again, the end result is to gain the necessary credential to access an account.
Multi or two-factor authentication (MFA/2FA) boosts traditional username/password authentication, by adding a second layer to help mitigate these common security threats, as well as others. It’s important to note that not all MFA is completely resistant to security threats – for example, mobile-based MFA using one-time codes increases account security but can still be vulnerable to modern MitM and phishing attacks. Additionally, it may not be the most convenient solution, as it relies on your mobile device, which may not be accessible when in locations that are mobile-restricted or do not have cellular reception to receive codes.
Financial service providers can and should take steps to help customers increase their online account protection. This, along with increasing education to help reduce the digital divide for the less security aware, is important in any organisation’s digital transformation. Strong authentication protecting online banking accounts should:
- Prevent account takeovers from phishing and MiTM attacks – by circumventing weak security measures and tricking users via fake links and altered communication methods, cybercriminals have the ability to instigate transactions, gain access to important PII and other activities that can wreak serious havoc on finances.
- Provide a convenient user experience – frictionless security should be simple, seamless, and quick. Typing passcodes can be prone to error and adds time to the process of logging in.
- Integrate into existing systems – enabling strong authentication for customers shouldn’t require a huge overhaul of existing systems or workflows. Instead, it should be simple to integrate for both existing and future products and services.
Strong authentication, through tools such as hardware security keys, bolsters security without inconveniencing customers. By leveraging global authentication standards supported by the leading platforms and browsers, like WebAuthn and FIDO2, developers can integrate a strong authentication solution into their products and services, which provides users with the ability to secure their accounts and devices. Now that we recognise that legacy authentication methods are not always the most secure, online service providers should go beyond basic MFA to provide strong standards-based authentication to stop account takeovers.
Indeed, for financial services organisations, using such technologies as FIDO increases user security and ease of use. It also adds more flexibility to the security options available, from increased user identity assurance, to being able to implement hardware backed Root of Trust procedures, and even transaction signing solutions.
As consumers increasingly go online to manage more aspects of their daily activities, they will seek confidence in the security measures designed to keep their accounts safe. Basic security measures can be vulnerable to a range of security threats and should be enhanced through strong authentication that is simple to deploy and use. Now is the time to meet customer expectations when accessing financial services online by providing the highest level of protection, combined with a seamless user experience.
SoftBank telco unit rotates CEO, Son steps down as chairman
By Sam Nussey
TOKYO (Reuters) – SoftBank Corp, Japan’s third-largest telco, said on Tuesday Chief Technology Officer Junichi Miyakawa would become its chief executive officer, effective April 1.
The change at the top of one of SoftBank Group Corp’s largest assets comes after two years of deliberation, with the telco emphasising the need to “pass on the strengths of its current management system to future generations.”
The rotation is likely to lead to speculation over SoftBank Group CEO Masayoshi Son’s own succession plans. The 63-year-old billionaire abandoned a previous plan to hand over the reins and went on to launch the $100 billion Vision Fund.
The son of a Buddhist priest, 55-year-old Miyakawa is a technical whizz driving projects including the wireless carrier’s 5G build-out. He replaces 71-year-old Ken Miyauchi, a key lieutenant of Son, who took up the post in 2015.
Miyauchi will take the post of board chairman from founder Son, who will remain on the board. A household name in Japan, Son joins business leaders such as former Apple CEO Steve Jobs in being the face of the company he runs.
During Miyauchi’s tenure, the telco had a bumper IPO in December 2018 to feed cash to SoftBank Group as it shifted its focus to investing in tech companies. Son has since further reduced the group’s stake after a series of high-profile stumbles.
Miyakawa takes the helm as the industry faces unprecedented political pressure to cut fees, potentially eating into fat margins in its core business.
Looking to grow sales beyond selling mobile and broadband subscriptions, SoftBank is integrating a hodgepodge of companies including online fashion retailer Zozo and message app operator Line Corp into internet business Z Holdings.
Known for blue sky thinking including flirting with the idea of making cars, Miyakawa’s pet projects include an attempt to deliver broadband via drones. Alphabet Inc said last week it was abandoning its own balloon-based attempt.
(Reporting by Sam Nussey; Editing by Tom Hogue, Shri Navaratnam and Subhranshu Sahu)
Over 60’s turning to digital banking up by 90% during pandemic
More than 90% of people aged over 60 have used online banking for the first time during the Covid-19 pandemic, according to a poll by iResearch Services, highlighting the importance of banks getting digital right in 2021.
In comparison, 17% of people aged under 30 said they were accessing services via an app or web browser for the first time.
The findings show how banks must adapt to help service the influx of new digital users and gain their trust, accelerated by the Coronavirus pandemic. With 97% of 18–24-year-olds trusting their bank with their data, compared to only 33% of people aged over 66.
Commenting on the findings, Gurpreet Purewal, Associate Vice President, Thought Leadership, at iResearch, said: “Our study demonstrates the lasting impact of Coronavirus on how people will access banking services from now on. Banks will be required to refocus on really understanding customer needs in order to engage with the different requirements of each individual customer.
“More than half (54%) of respondents said they are less likely to attend a physical branch after the pandemic. This demonstrates a seismic shift in the way people will access banking services now and into the future.”
In other findings, 63% of respondents said their bank acted in their best interests during the pandemic, but a third said they would consider switching their bank for better, more personalised communication.
Purewal added: “On the whole, High Street banks have emerged with great credit from the pandemic for the way they have supported their customers. As the economy rebuilds, it will be more important than ever that they communicate in the right way to help consumers through 2021 by leveraging digital platforms and understanding their needs fully.”
Asked how banks can improve their communication with customers, ‘connecting on a personal level’ ranked highest, followed by ‘more honest and open dialogue’, a ‘demonstration of how they are helping customers’, ‘more creative campaigns’, ‘consistent messaging across channels’ and finally ‘responsiveness to major events’.
Banking on the cloud to create a crucial advantage in financial services
By Rahul Singh, President of Financial Services, HCL Technologies
Once considered a revolutionary technology, cloud is now at the heart of agile and innovative businesses. The financial services industry is no exception, and has been a major adopter of cloud-based Software-as-a-Service (SaaS) for its non-core applications. Functions such as customer management, human capital management, and financial accounting have progressively shifted to the cloud. Several banks have also warmed up to using cloud for services such as Know your Customer (KYC) verification. IDC analysts say that public cloud spending will grow from $229 billion in 2019 to almost $500 billion by 2023, and a third of this will be spent across three industries: professional services, discrete manufacturing, and banking. The time is ripe for an increasing number of financial services providers to consider moving more of their core services to cloud.
Adoption is already on the rise
Earlier reluctance to move core activities to the cloud has softened, and many banks have put strategies in place to migrate services, including consumer payments, credit scoring, wealth management, and risk analysis. This significant change is driven by factors such as PSD2 and open banking, which require secure and cost-effective data sharing.
Regulators too were once cautious in their approach to cloud technology, but this is also changing. The Australian Prudential Regulation Authority (APRA), for example, whilst acknowledging the risks associated with cloud, also recognised the risk of sticking to the status quo. ARPA trusted the enhanced security offered by the cloud, and updated its cloud-associated risk advice. Wisely, APRA recommended that banks must develop contingency plans that allow cloud services to be provided through alternate means if required.
Rising pressure from new challengers
The other pressure for incumbent banks is from next generation fintech firms. These are cloud-native organisations, and are able to onboard customers remotely in minutes, roll out new services in days, and meet compliance requirements at lower costs.
As a result, the need for traditional banks to upgrade core systems and integrate the latest technologies is stronger than ever. The COVID-19 pandemic has been an additional driver, highlighting the importance of upgrading and migrating core systems to the cloud. Financial services organisations have been forced to rethink their approach to digital transformation, and pay special attention to a cloud-aligned culture. The industry is recognising how the cloud can address new and ongoing regulatory changes, meet different demands from customers, support the roll-out of emerging technologies, and enable incumbent providers to respond to the relentless competition from fintech firms.
New year, new priorities
As we enter 2021, financial services providers will need to reset their priorities, and go beyond using the cloud for scalability and cost efficiency alone. The new areas to focus on will include:
- Creating a robust digital foundation: The cloud market is expanding fast, and there is an ever-increasing number of services on offer. Whilst the big three hyper-scalers are the obvious choice, various other players are also gaining traction, such as IBM, Oracle, and Alibaba Cloud. Organisations will need a robust digital foundation to adopt cloud at scale in a secure and compliant way. A well-architected digital foundation, supported by resilient operations, ensures that organisations have continued access to their systems and data, regardless of where employees are located, or what device they are using.
- Adoption of technology platforms: Enterprises are finding ways to reduce complexity by embracing a platform approach, and increasing the speed of business IT consumption. Physical infrastructure is being abstracted into cloud-based platforms, with data consolidated into data lake platforms. Software products like Apigee are being offered as capability platforms to drive better analytics and intelligence.
- Enhancing IT security: Cloud offers organisations greater security than on-premises servers, if implemented correctly. Financial services organisations have relied on control and compliance-based security for years, but these practices are increasingly vulnerable to cyber threats. Whilst service integrators create robust cybersecurity solutions for financial services organisations, cloud providers are also looking to provision industry-specific security and regulatory measures like end-to-end data encryption – making it easier for financial services organisations to be compliant whilst migrating to cloud.
- Driving innovation: Cloud is the fundamental factor behind the ability of fintechs to innovate rapidly. Using cloud, financial services can leverage new technologies and tools like augmented reality (AR), virtual reality (VR), natural language processing (NLP), machine learning (ML) and the Internet of Things (IoT) to unlock new processes that improve customer interaction and experience with portable real-time services. Whilst fintechs have led the way in cloud-based innovation through open banking platforms, some of the leading banks are also adopting cloud to simplify their business processes, including KYC as a Service, to enhance customer experience.
- Enterprise synchronisation: Effective collaboration, both internally and with external partners, is crucial to success in the ever-expanding financial services ecosystem. Cloud allows businesses to integrate collaboration through shared tools and platforms. This is a critical ability as it leads to faster decisions and improved innovation cycles.
Legacy systems hold banks back from improving revenue generation and restrict their ability to build a responsive and resilient business. Cloud is a key factor in the success of challengers: traditional banks have no time to waste in migrating their core systems to cloud and building a secure future.
Industrial Hose Assemblies Market Top Companies Statistics Analysis, Trends, Challenges, and Opportunities- Forecast To 2028 | Future Market Insights Report
The industrial hose assemblies market is expected to be valued at over US$ 37 billion by 2028, according to a new report...
How are Antioxidants Market Players Aiming to Gain from Sustainability Trends?
The business report depicts the present scenario of the worldwide Antioxidants market in terms of value, production, and consumption. The...
DC Powered Servers Market Players Gain Ground in Fuel Cell and Battery Applications, Says Future Market Insights
DC powered server product manufacturers are pushing for research and development efforts towards minimizing power loss during conversion. The DC powered...
Agricultural Equipment Market to Remain Steady through Contract Farming & Introduction of Appropriate Farm Equipment Technology
Market players are seeking to introduce innovative solutions for small farms such as Rowbot to help farmers in field processes....
What is the Regulatory Impact on Micro Perforated Films Packaging Sales?
Technology upgradation has major contribution towards increasing sales of micro perforated films packaging across the globe. Future Market Insights (FMI) in a...
Agricultural Equipment Market not an Outlier in COVID-19 Crisis, Market to Witness Subdued Momentum
Market players are seeking to introduce innovative solutions for small farms such as Rowbot to help farmers in field processes....
Covid-19 Impact on Sun Care Products Market
Future Market Insights (FMI) in its latest study on the sun care products market has anticipated that the market will witness a...
2-ethylhexyl Market Impacted by COVID-19 Outbreak to Recover by Partial Lift of Lockdown, East Asia is Anticipated to Surpass North America
Growing usage of 2-Ethylhexyl acetate in the automotive & aerospace and automotive refinish coatings sector is pulling huge investments from...
ADAS Calibration Equipment Market is Poised to Expand at 11.4% CAGR Through 2029 – Future Market Insights
Innovations are boosting the adoption of ADAS calibration equipment globally According to FMI, ADAS calibration equipment market is going to witness steady...
Poultry Diagnostics Market Players Look to Capitalize on Low Costs and High Accuracy of ELISA: FMI Study
Market leaders are majorly focusing on the product research with an end goal of launching and developing enhanced testing tools...