The days of traditional banking are over. The monolithic incumbents that have dominated the financial markets for the past few centuries have awakened with shock to the realities increased digitisation is bringing. Most are embracing the new normal; some had the forethought to see it coming and duly transformed before the 2020 rush.
Data has also become the greatest asset, and, as the IoT expands exponentially, it becomes increasingly under threat from cyber attacks that could reap devastating events if not properly addressed. We spoke to the experts about how the new innovations that are changing the space are also securing the future.
Banks going cloud-native
As part of digital transformation, a major change for most banking institutions has been the shift to the cloud. Gone are on-site technology stacks and purpose-built systems managed by in-house teams, as outsourcing security and data storage becomes ‘de rigour’.
But many institutions remain behind the technology curve, says Simona Covaliu, VP Risk and Compliance at Mambu. “Given that 62% of European customers are interested in switching from physical to digital banks, it’s safe to say that the future of baking is digital. In response to this, many financial institutions are migrating to the cloud in order to future-proof their business and stay ahead of the curve. In the UK alone, 40% of new banks now operate on Mambu’s platform, providing customers with the ability to provide modern financial experiences flexibly and at speed.
“But while the majority of banks are welcoming the move to a more agile business model, legacy systems remain a barrier to progress, with 43% of banks still using COBOL – a programming language dating from 1959 – in the US.”
Sébastien Marotte, President EMEA at Box, agrees and says digitisation is not an option. Rather, it is critical if an institution wishes to survive. He explains: “Financial services organisations can no longer turn a blind eye to the fact that their legacy infrastructure simply does not comply with data and security regulations and, on a whole, they are recognising this by modernising their systems, utilising new technologies to remain compliant. As such, banks are able to offer safer payment processes and faster response times for customers. But, most importantly, they can rely on cloud service providers to protect their customers’ data from cybersecurity threats.”
Marotte says that, in order to maximise time efficiency and ensure compliance, banks should re-evaluate their digital strategies and make the leap to the cloud, as it poses much less of a risk than legacy platforms do. “Cloud-based infrastructure makes compliance reporting less time consuming, too, as banks can monitor who has uploaded, viewed, and shared content, which in turn helps them to remain GDPR compliant and in line with data protection regulations”
He continues: “In addition, cloud-based infrastructure can save banks time when it comes to onboarding, loan origination, and claim management. And, in future, other technologies such as IoT, blockchain, and more will help to substantiate banks’ digital offerings, ultimately providing a better customer experience and further safeguarding their data. That said, cloud-based platforms will continue to underpin all of this – and legacy banks, in particular, must prepare for a digital future.”
Security and cloud-based banking technologies
Identity verification is one area that has excelled since its inception to counteract the problem. However, the technology hasn’t been received well by all parties, as experts on privacy issues have expressed concern regarding the ways in which biometric identification could be exploited. Indeed, China already has a finely-tuned biometric ID system that is plugged into its social credit score platform.
Adam Brown, Managing Security Consultant at the Synopsys Software Integrity Group, does not consider this problematic and points out that, without new forms of better security, customers are at risk of breach from cybercriminals. “While not new, biometrics are a necessity for convenient multifactor authentication and, if done correctly, can be secure, enabling their use in financial technology. Banks must be careful to ensure that any biometric technology implementations they use are secure.”
He continues: “In our experience assessing this technology, new and emerging manufacturers can get this wrong and must be assessed before any authentication decisions are made. For example, biometric data can often be proved to be available outside of trusted execution zones on mobile devices, in other cases, the authentication mechanisms can be spoofed sometimes with trivial methods.”
Covaliu says that, as banking services continue to integrate new technologies, it’s integral that screening approaches continue to evolve to support end-to-end visibility of potential red flags and combat financial crime.
“To deal with this, solid KYC and digital identification procedures must be backed up by comprehensive strategies and organisational understanding of financial protection systems. SaaS platforms are already driving progress in this field; these platforms are built on the concept that change is constant, thus they can swiftly bend and adapt to changes in attackers' approaches to aid in their detection,” she says.
The future of banking technologies
Most experts agree that in an industry undergoing constant change, it’s difficult to say exactly what banking will look like over the next five years, let alone decade.
But Covaliu believes that agility and flexibility will be critical. “It’s clear that demand for financial products outside of traditional ecosystems has changed both where and how consumers engage with financial services. Customers no longer want to be tied to a single bank or financial institution; they want to access products and services anytime and anywhere – with mobile and digital-only options a must. This extends to security and compliance, too; they want their financial information to be safe and secure, but not in a way that’s intrusive or at the cost of the user experience.”
Covaliu points out that banks know all this but are struggling to keep pace with innovation. “According to Mambu research, more than two-thirds (67%) of banks think they will lose market share within two years if they fail to digitally transform. Meanwhile, a further 53% believe that they’re at risk of missing digital transformation targets.”
She adds: “Ultimately, as traditional and legacy banks continue to move towards digital, greater collaboration within the banking community is needed in order for these financial institutions to stay afloat and succeed. Teaming up with players like Mambu can help banks plug gaps and bring about the changes that customers want to see at a speed they wouldn’t be able to achieve on their own.”
Cyber attacks on banks
According to the latest Banking Priorities Survey, cyber attacks are considered one of the biggest threats to banks in 2022. Information gleaned from the survey respondents show that 24% of financial experts cited data theft as their priority, followed by compromised devices (21%), synthetic identity fraud (17%), endpoint security (10%), and denial of service (7%). Some of the most serious threats to bank security in recent years include ransomware attacks, the growth of contactless payments, mobile malware attacks and even data breaches of major banking and finance apps.