Cyber Threats to the Fintech Industry a Growing Concern
By 2025, the total global cost of cybercrime is expected to reach US$15tr, the approximate GDP of China and the United Kingdom combined. The hours spent navigating ransomware, hefty asset recovery costs, and operational stagnation can mean financial and reputational ruin for organisations across industries. For some, high-impact digital breaches have eroded consumer trust in the business, leading to an exodus of customers toward industry competitors.
These rising costs track with the failure of legacy identity authentication solutions to keep pace with increasingly sophisticated cybercriminals. By 2023, Gartner predicts that 80% of organisations will fail to meet security, privacy, usability and scale requirements – unless senior leaders properly tend to their business’s identity and access management needs. In short, as legacy IT security tools lag, and as enterprises fail to deploy newer alternatives, fraud is becoming substantially more sophisticated and expensive. And in the realm of corporate reputation, regaining customer and employee trust after exposure is virtually impossible.
Here’s the hard truth: Often, hackers succeed due to individual and enterprise behaviours that leave users vulnerable to exposure. Despite the prevalence of phishing, smishing, password spraying, and other common cyber infiltration techniques, consumers and organisations continue to engage in risky password behaviour. Using “password” or “12345” as your password will unfortunately no longer suffice. Likewise, many organisations have jeopardised employee and customer data – and their own digital assets – by relying on outdated identity authentication solutions to keep them safe. Two identity authentication mainstays, one-time SMS pin codes (OTPs) and knowledge-based authentication (KBA), can no longer outsmart digital bad actors. The former can be rerouted, and even the most novice hacker can easily surface the answer to “What’s your mother’s maiden name?”
Out with the old, in with the new
Next-generation identity authentication technology likely would have prevented these breaches, but hope is not lost for those who have not changed their security strategy. There is growing interest among fintech and banking decision-makers in revisiting their digital security infrastructure, and these leaders have recognised that modernising their IT security is now a business imperative. They are voicing their concerns about legacy solutions and their critical need for alternatives. authID.ai’s 2021 Fintech Security Report, which polled fintech and banking leaders, found that 84% of respondents expect to increase investment in IT security, including identity authentication, in the next year. Of course, that growing investment bodes well for consumer privacy and organisational data security, but legacy solutions like passwords and one-time pin codes have proven themselves ineffective guardians against cybercrime.
Fortunately, decision-makers recognise that those legacy tools are overdue for replacement: 75% of executives surveyed harbour concern about the risks associated with legacy identity protection options like OTPs and KBA. While respondents’ familiarity with facial biometric identity authentication is high (88%), only 22% currently use this technology. So, despite misgivings about the older solutions they have had to rely on, many have not yet made the leap to the new and the next in IT security. Perhaps most crucially, though, 70% are also somewhat or highly likely to consider facial biometric identity authentication, the cloud-based mapping of one’s facial topography, as an alternative during the next year. Eliminating the need for passwords, facial biometrics is poised to shake up the enterprise security industry and meet the needs of organisations searching for more secure digital infrastructure.
Change starts now
Looking into 2022, cyber threats are a growing cause for concern for leaders, and they are listening to calls for change. They recognise that identity security has grown from a nice-to-have to a critical business need, and they are curious about alternatives. Fortunately, a range of new identity solutions have been put to market to obviate the need for additional authentication hardware or applications, and global interest in cloud-native identity management products has nurtured a more digital-first IT security industry overall.
As tech companies strive to meet critical security needs in the new year, the message is loud and clear: Cyber threats, and the investments in security required to overcome them, are top of mind, yet solutions cannot compromise ease-of-use and efficiency. Facial biometrics has already proven to be the worthy rival that can prevent hackers from wreaking havoc, and the market is making its excitement known. The future of cybersecurity is already here, and it’s password-less.
About the Author: Tom Thimot is the CEO of authID.ai, a provider of secure, mobile, biometric identity verification software products through an easy-to-integrate Identity as a Service (IDaaS) platform. authID.ai’s suite of self-service biometric identity proofing and authentication solutions aims to frictionlessly eliminate all usernames and passwords through a consent-based facial matching system. Powered by sophisticated biometric and artificial intelligence technologies, authID.ai aims to strengthen security and trust between businesses and their customers by helping to protect sensitive personal data.
- Magic raises $52m in funding led by PayPal VenturesFinancial Services (FinServ)
- BPC partners with Ellipse to bolster transaction securityFinancial Services (FinServ)
- Top 10 cross-border payment fintechs by total fundingFinancial Services (FinServ)
- Ebury to strengthen international payments offering in LatAmFinancial Services (FinServ)