How Is Digital Security Affecting Financial Services?

Share article

While the benefits of new technologies in the digital age are innumerable, they’ve also exposed financial services companies to new and increasingly dangerous threats, presenting the industry with perhaps its most unique challenge in decades. Trust in the security of systems and data is fundamental to the financial services industry; at the same time, customers in this sector expect speed and convenience in addition to security — and they don’t want to sacrifice one for the other. A balance must be struck.

Let’s looks at a few of the technology trends in financial services and see how this balance is struck.

Migration from Private to Public Clouds

While the financial services industry was initially slow to adopt the cloud, cloud-based services are now common throughout the industry. Paperless statements and on-the-go banking enabled by apps are increasingly the norm, for upstart banks and more traditional financial institutions alike. But as reliance on the cloud becomes ubiquitous, securing information against hacks and leaks has become an even greater challenge. As a result, many financial services companies have migrated data from private to public clouds.

A private cloud might seem like the more secure option, because access is restricted to one organization. But public cloud services such as Amazon Web Services [2], Google Cloud Platform [3] and Microsoft Azure [4] are owned and operated by tech giants; digital is their bread and butter, so their expertise is hard to match. Besides, as a recent report by McAfee [5] revealed, public clouds often have larger and more experienced security teams on hand to resolve issues (and prevent security breaches in the first place).

Of course, nobody expects every financial institution to migrate all of their information from private to public clouds — or even to use clouds for data storage exclusively. Because the popularity of both private and public clouds make them preferred targets for hackers and cyberattackers, they’ll be difficult to secure completely for some time; given the difficulties, many companies will opt to keep their most sensitive data as close to hand as possible.

Shifting to Open Source APIs

Like public clouds, open source APIs offer surprising benefits to financial institutions and their customers, despite seeming less secure. Open source software development benefits from a larger number of experts pooling diverse skills and resources; as such, many problems can be fixed as they arise, which allows users to judge more efficiently how secure a program is. In addition, security coding is built into the open source programs in early stages and throughout development — a proactive rather than reactive approach to potential security threats.

Multi-Layered Defense Solutions

People now expect to be able to access their information and perform key tasks instantly whenever and wherever they need. But while depositing a check or transferring money between accounts on your phone is undoubtedly convenient, the question remains whether or not that device is secure enough to protect the sensitive data being handled.

A chain is only as strong as its weakest link. As security watchdog CSO [7] notes, malware infections, targeted, in-house spear phishing, and DDoS attacks are on the rise precisely due to this increase in access from unsecured devices. DDoS attacks are a particular pain point for many institutions — and financial services is one of the top five [8] most commonly targeted industries.

The answer to this growing problem lies in a more multi-layered approach. Network perimeters are increasingly being deployed in connection with cloud-based DDoS protection; these can predict and prevent attacks, while cloud-based DDoS protection can be deployed automatically in the case of more severe threats. The result is consistent, effective protection with little or no downtime.

The Rise of Biometrics

Biometrics is perhaps the most promising trend when it comes to securing financial services applications without compromising speed and efficiency. And, you may not know it, but they’ve already been with us for a while: Apple Wallet, Android Pay, and third-party financial transaction services like Venmo use fingerprint technology to authenticate payments. Now, the quality of this technology is improving by leaps and bounds.

For example, MasterCard [9] is deploying fingerprint technology embedded in debit and credit cards to make payments easier and more secure. The company is also testing a facial recognition [10] app with the help of smartphone technology. The idea behind this shift is that people should be identified for “who they are, not what they remember” — a less-than-subtle dig at password protection, a cybersecurity standard for decades that might be on its way out.

Meanwhile, companies like BehavioSec [11] are pushing this trend even further, using advanced machine learning technology to provide security continuously and in real time. Once this technology becomes mainstream, it will likely lead to another fundamental shift in the way financial institutions and their customers interact with each other.

The Bottom Line

Balancing security and convenience is an issue in any industry, but it’s particularly intense in financial services. However, the challenge is being met, even in financial services.