By Sarah Maber, Managing Consultant at World Wide Technology
Our world today is entirely unlike the fantasy world of Harry Potter, where a goblin-controlled cart takes you through miles of tunnels under the City of London to your personal vault. No, we’re in a far more complex place now.
The banking system is now based around services and digital connections. Recognising this, our laws are also changing. Open Banking and the Second Payment Services Directive (PSD2) are upending the culture of financial services. While consumer choice in banking has never been better, traditional banks are scrambling to keep pace. Established banks operating with legacy infrastructure must essentially transform into software-based service providers. It’s no small task for the banks, and one which is leading to some uneasy alliances with their challengers.
The Open Banking opportunity
Open Banking compels banks to make customers’ financial data shareable with trusted third parties via secure application programming interfaces (APIs). While it’s easy for fintechs to realise the benefits of Open Banking on their businesses, there’s a tendency for more established banks to view it as an inconvenience – yet another regulation to comply with. However, rather than posing a threat to traditional banking, PSD2 is an opportunity for longer-established banks to provide customers a wider portfolio of complimentary services, opening up partnership opportunities with fintechs like Yolt and Viber.
In order to make this a reality, bank needs to set themselves up to be tapped into as and when consumers want to access their financial data.
The fintech advantage
Consumers desire to adopt challenger banks and apps usually comes down to three simple reasons: functionality, a focus on mobile and branchless banking, and a certain ineffable cool factor. The way fintechs are able to operate free from the weight of legacy systems is the key to delivering such in-demand features, building new processes and products by rapidly iterating on their APIs. Open Banking has enabled a proliferation of apps, start-up banks, insurance policies, mortgages and more throughout the established financial ecosystem.
For example, digital-first banks have leveraged open APIs to build their products and are growing rapidly. Monzo built its own architecture from the ground up and is able to develop platform updates at a rapid pace. Ultimately the fleet-footedness of these fintechs allows them to quickly adapt to customer demand, pushing out more regular product feature updates and slicker user experiences.
However, relatively few people are completely switching over from their larger, legacy banks. Consumers still recognise the value of mainstream banks and still keep most of their funds out of the challenger banks. With greater resources, trust built over decades, a broader range of services and higher-tiered banking licenses, the established banks offer a sense of security and stability which fintechs do not.
Instead, most consumers run multiple bank accounts alongside each other, attempting to have the best of both worlds. This is an opportunity for both cohorts: for agile platforms to rapidly deliver new features and tools based on what consumers want, and for established institutions to deliver longer-term, higher-value financial products such as mortgages and investments.
With Open Banking it is not necessary to see these businesses as in direct competition with each other, but rather forming part of a larger, more collaborative ecosystem.
For example, a new app called VibePay allows friends to pay each other in a simple way rather than dealing with complex payee details. This leverages APIs across multiple banks, but it is not in direct competition with banks, and the app facilitates the easier flow of money.
A clash of cultures
Collaboration and close working relationships between banks and fintechs is clearly the future, but with their divergent operating models, it is no surprise there is a culture clash. Frictions can arise when changes that may take fintechs a week take incumbents six to eight months.
New working cultures cannot be created overnight, and tensions are likely to crop up while banks transform internally. Consumers’ expectations are also now heightened, piling more pressure on the banks struggling to keep up.
The introduction of Open Banking was intended to increase collaboration, competition and innovation. Ultimately, this way of working will allow fintechs to tap into traditional banks’ loyal customer bases, while traditional banks will be equipped to provide better customer experiences.
The way forward
With Open Banking and PSD2, banks are becoming software-based service providers. To truly ensure that the legislation is a success, banks’ employee culture must become more like fintechs’ – agile and collaborative. It is essential that banks, financial institutions, and fintechs invest in the right people, development teams, and partnerships.
Moreover, all legacy applications need to be refactored to fit with the new agile API infrastructure. Many banks currently use private APIs to improve internal communications between legacy systems, so they already have experience of this kind of development work. But the technology and security implications of open APIs are far greater, and they must meet the highest standards of consumer and developer trust.
This confidence and trust is a foundational part of the banks’ appeal, so they must be more cautious than their challengers, and ensure that all technology that they deploy is done so securely, seamlessly, and in a way that doesn’t negatively impact their customers.
Established banks are unlikely to become as nimble as a start-up, and nor should they seek to be. However, leaders should look to set tangible objectives which will be achieved as a result of compliance with PSD2, such as increasing their customer base of 24-35 year-olds. This will help banking CIOs create a real business case for adopting new technology, which will ultimately foster the gradual cultural and technological change needed to ensure a successful, collaborative future.
What banks need to know about observability
By Abdi Essa, Regional Vice President, UK&I, Dynatrace
More aspects of our everyday lives are taking place online – from how we work, to how we socialise and, crucially, how we bank. To keep pace, financial organisations have stepped up their digital transformation efforts, supported by a shift to dynamic multicloud environments and cloud-native architectures. However, traditional monitoring solutions and manual approaches cannot keep up with these vast, highly complex environments. As a result, many banks are turning to new, observability-based approaches to understand what is happening in their digital ecosystems. These approaches, however, bring new challenges to overcome.
Here are six things banks need to know about observability to ensure they can gain true value, combat the complexities of their modern multicloud environments, and drive digital success in 2021 and beyond.
- Most banks have very limited observability
The scale, complexity, and constant change that characterises hybrid, multicloud environments presents a real challenge to banks’ IT teams. Our research found that, on average, banking digital teams have full observability into just 11 percent of their application and infrastructure environments – not nearly enough to understand what is happening, and why, across the digital ecosystem. Additionally, 87 percent said there are barriers preventing them from monitoring a greater proportion of their applications – including limited time and resources. Without improving observability across the entire cloud environment – by drawing in metrics, logs, and traces from every application – banks’ IT teams are limited in the success they can have driving initiatives to deliver the new banking products and quality user experience customers want.
- You can’t bank on manual approaches
With many banks beginning to rely on more dynamic, distributed multicloud architectures to deliver new services, IT teams are stretched further than ever. More than a third of financial services organisations say their IT environment changes at least once per second, and 65 percent say it changes every minute or less. This rate of change creates a volume, velocity, and variety of data that has gone beyond banks’ IT teams’ ability to handle with traditional approaches – there’s no time to manually script, configure, and instrument observability and set up monitoring capabilities. The need for automation is therefore critical. By harnessing continuous automation assisted by AI in place of manual processes, teams can drastically improve observability to automatically discover, instrument, and baseline every component in their bank’s cloud ecosystem as it changes, in real-time.
- Cloud native adoption is obfuscating observability
To remain agile and keep up with the rapid pace of digital transformation, banks are increasingly turning to cloud-native architectures. Our research found 81 percent of them are using cloud-native technologies and platforms such as Kubernetes, microservices and containers. However, the complexity of managing these ecosystems has made it even harder for banks’ IT teams to maintain observability across their environments. Nearly three-quarters of banking CIOs say the rise of Kubernetes has resulted in too many moving parts for IT to manage, and that a radically different approach to IT and cloud operations management is needed. Such an approach should be based on a solution that is purpose-built to auto-discover and scale with cloud-native architectures.
- Data silos result in tunnel vision
To boost observability, many banks have simply thrown more tools at the problem. Our research found that most organisations use an average of 11 monitoring solutions across the technology stack. However, more isn’t always better, and multiple sources of monitoring data can result in fragmented insights. This fragmentation makes it harder to understand the full context of the impact that digital service performance has on user experience and unravel the nearly infinite web of interdependencies between banks’ applications, clouds, and infrastructure. Instead, financial organisations should seek a single platform with a unified data model to unlock a single source of truth. This will be integral to ensuring that all digital teams are on the same page, speaking the same language, and collaborating effectively across silos to achieve business goals.
- Observability alone is not enough
Simply having observability doesn’t help banks achieve tangible benefits or reach their business goals. To get true value, the data processed must be actionable in real-time. As such, observability is most effective when paired with AI and automation. This observability enables teams to instantly eliminate false positives, prioritise problems based on the impact it will have on the wider organisation, and understand the root cause of any problems or anomalies so they can resolve them quickly. The alternative is to manually trawl through dashboards and data to find insights, which is incredibly time-consuming and makes it almost impossible to act in real-time. Our research found that 94 percent of CIOs think AI-assistance will be critical to IT’s ability to cope with increasing workloads and deliver maximum value to the organisation. AI is clearly no longer just a ‘nice to have,’ but a business imperative.
- Observability isn’t just for the back end
Far from just having observability of their multicloud environments, banking IT teams also need to be able to see how the code they push into production impacts the end-user experience, and how that in turn affects outcomes for the business. This is a major goal for many CIOs, with 58 percent citing the ability to be more proactive and continuously optimise user experience as a benefit they hoped to achieve from increased use of automation in cloud and IT operations. By harnessing automatic and intelligent observability, banks’ digital teams can unlock code-level insights and precise answers to their questions about user experience and behaviour, so they can continuously optimise their banking services.
Observability is key for modern financial organisations looking to accelerate their digital transformation. By understanding these six key things about observability, IT teams will be better placed to master dynamic, multicloud ecosystems, and drive better digital banking services for the business and its customers.
Hackers can now empty out ATMs remotely – what can banks do to stop this?
By Elida Policastro, Regional Vice President for Cybersecurity, Auriga
In 2010, the late Barnaby Jack famously exploited an ATM into dispensing dollar bills, without withdrawing it from a bank account using a debit card. Fast forward to the present day, and this technique that is now known as jackpotting, is emerging as a threat and is growing as an attack on financial services. Recently, a hacking group called BeagleBoyz in North Korea have caught the attention of several U.S. agencies, as they have been allegedly stealing money from international banks by using remote hacking methods such as jackpotting.
The reality behind jackpotting
Jackpotting is when cybercriminals will use malware to trick their targeted ATM machine into distributing cash. As this criminal method is relatively easy to commit, it is becoming a popular tool for cybercriminals, and this trend will sure continue in 2021, unless financial organisations implement policies to prevent this and protect consumers.
During this difficult time, when access to cash has never been more important to banking customers, it is imperative that banks give their customers reliable ATMs that work, 24/7, 365 days a year. However, due to the sensitive data that ATMs possess, such as credit card or PIN numbers, they have now become a profitable object for cybercriminals to manipulate. As cybercriminals have been evolving in their efforts of attacking the IP in ATM machines, we will definitely see more jackpotting stories emerge in the coming months, especially with the large return on investment.
How criminals exploit the vulnerabilities found in ATMs
Since ATMs are both physically accessible and found in remote locations with little to no surveillance, this gives an opportunity for criminals to carry out jackpotting, especially with the software vulnerabilities that may exist in many ATMs.
ATM machines have been easily manipulated due to the outdated and unpatched operating systems that they run on. If banks wanted to resolve this issue and update these systems, it would take large amounts of time and money to do so. However, some banks do not have such resource and because of this, cybercriminals take advantage by penetrating the software layers in ATMs and exploiting the hardware to dispense cash.
How can banks tackle this?
As the sector has a complex technical architecture, banking organisations will have to make sure that they have control over the transactions that take place, and this includes the management of security when it comes to communication between various actors. When financial organisations are reviewing their ATM infrastructure, they will also need to protect their most vulnerable capabilities within their cybersecurity. Banks, for example, can encrypt the channels on the message authentication, in the event bad actors try to tamper with their communications.
Because ATM networks need to be available 24/7, banks not only, need to implement greater protection over their systems, but they need to do so with a holistic approach. One action that banks can take is to implement a centralised security solution that protects, monitors and controls their various ATM networks. This way banks can control their entire infrastructure from one location, stopping fraudulent activities or malware attempts on vulnerable ATMs.
Another way for banks to reduce the risk of jackpotting attacks is to update their ATM hardware and software. To do this, they will need to closely monitor and regularly review their machines in order to spot any emerging risks.
What the future holds for the banking industry
As confirmed by the warnings from the U.S. agencies, jackpotting remains a very serious threat for financial organisations. Evidence has also emerged, which shows hackers are becoming more innovative in their tactics. It was reported last year, for example, that hackers stole details of propriety operating systems for ATMs that can be used to form new jackpotting methods.
The emergence of jackpotting highlights the need for banks to actively work to protect their customers’ personal information and critical systems now and for the foreseeable future. In order to stay secure and reduce the risk of attacks, they will need to put in place the aforementioned solutions, which include updating their ATM hardware and software as well as closely monitoring and regularly reviewing their ATMs. As cybercriminals continue to become more innovative in their ways of attacking the machines, the issues mentioned will only continue to rise if they are not addressed. Although the method of jackpotting requires little action from cybercriminals, if financial organisations can implement a layered defence to their ATM security, they can stop themselves from becoming another victim to this type of attack in the future.
SoftBank Vision Fund set for new portfolio champion with Coupang IPO
By Sam Nussey and Joyce Lee
TOKYO/SEOUL (Reuters) – SoftBank’s $100 billion Vision Fund is poised to have a new number-one asset in its portfolio with the upcoming floatation of top South Korean e-tailer Coupang, furthering a turnaround that has seen the fund yo-yo from huge losses to record profit.
The $50 billion target valuation that Reuters reported this month would likely see the decade-old firm surpass recently listed U.S. food deliverer DoorDash Inc on a roster of assets that also includes stakes in TikTok parent ByteDance and ride-hailers Grab and Didi.
The Vision Fund built up its 37% stake in Coupang for $2.7 billion, mostly at an $8.7 billion post-money valuation, a person familiar with the matter said. The fund is not expected to sell shares in the initial public offering (IPO) that Coupang filed for in New York, the person said, declining to be identified as the information was not public.
SoftBank Group Corp and Coupang declined to comment.
Achieving a $50 billion valuation would add to good news for the fund which is bouncing back from an annual loss in March. This month, it announced record quarterly profit, driven by the listings of DoorDash and home seller Opendoor Technologies Inc and share price rise of ride-hailer Uber Technologies Inc.
The fund has written big cheques for late-stage startups to fuel rapid growth, with two-thirds of the value of its portfolio concentrated in 10 assets including Coupang.
The 10 include 25% of British chip designer Arm – to be sold to Nvidia Corp pending regulatory approval – but not stakes in high-profile stumbles like office-sharing firm WeWork.
The fund’s largest assets include its 22% stake in DoorDash, whose share price has doubled since the firm’s December IPO, sending its market capitalisation to $65 billion.
FACTBOX: Vision Fund’s investment hit parade
SoftBank initially invested in Coupang in 2015, adding it to a stable of e-commerce hits that included 25% of China’s Alibaba Group Holding Ltd, before placing it under the fund.
The e-tailer has grown rapidly during stay-home policies while the COVID-19 pandemic has forced other portfolio firms like Indian hotel chain Oyo to scramble to preserve cash.
Analysts see Coupang’s $50 billion valuation as feasible given its first-mover status and as it expands beyond replacing brick-and-mortar retail with a rising number of online channels.
It is the biggest e-tailer in South Korea that directly handles inventory, with 2020 purchases at about 21.7 trillion won ($19.62 billion), showed data from WiseApp.
“The market’s assessment isn’t exaggerated,” said analyst Park Eun-kyung at Samsung Securities. “Coupang’s market leadership is a premium factor.”
($1 = 1,106.1800 won)
(Reporting by Sam Nussey in Tokyo and Joyce Lee in Seoul; Editing by Christopher Cushing)
Analysis: Bubbles, bubbles bound for trouble?
By Marc Jones and Thyagaraju Adinarayan LONDON (Reuters) – The $6.2 billion-an-hour rise in the value of world stocks since...
Exclusive: AstraZeneca to miss second-quarter EU vaccine supply target by half – EU official
By Francesco Guarascio BRUSSELS (Reuters) – AstraZeneca expects to deliver less than half the COVID-19 vaccines it was contracted to...
Northern Irish Brexit issue is two-way street, says EU’s Sefcovic
BRUSSELS (Reuters) – Britain must show it is fully using the avenues available under the Brexit divorce deal to minimise...
Oil holds near year-long highs as COVID lockdowns seen easing
By Bozorgmehr Sharafedin LONDON (Reuters) – Oil prices were steady on Tuesday, trading close to more than year-long highs on...
Thomson Reuters to stress AI, machine learning in a post-pandemic world
By Kenneth Li and Nick Zieminski NEW YORK (Reuters) – Thomson Reuters Corp will streamline technology, close offices and rely...
Dollar mixed after Powell, pound hits three-year high
By Kate Duguid NEW YORK (Reuters) – The dollar reversed earlier gains on Tuesday morning after a dovish speech from...
Tesla shares in the red for 2021 as bitcoin selloff weighs
By Julien Ponthus LONDON (Reuters) – Shares in Tesla were set to plunge into the red for the year on...
Facebook ‘refriends’ Australia after changes to media laws
By Byron Kaye and Colin Packham CANBERRA (Reuters) – Facebook will restore Australian news pages, ending an unprecedented week-long blackout...
Calabrio charts record year-on-year UK growth as demand for cloud technology soars during lockdown
Digital transformation acceleration drives cloud contact centre adoption of Calabrio workforce engagement management technology Calabrio, the workforce engagement management (WEM)...
Gastric Electric Stimulators Market Size Worth US$ 188.4 Mn by 2026 – Future Market Insights
The worldwide uptake of gastric electric stimulators is anticipated to witness hefty demand in 2019, representing a rigorous 6.6% y-o-y...