Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

How mobile payments prompt banks to adapt to cyber security threats

Marc Mathenz, Senior Vice President and head of First Data Asia Pacific | Dec. 17, 2014
Cash is out, mobility is in. So how should banks adapt security to the new world of mobile payments?

Secondly, the arrival of smartphones and tablets has enabled cyber criminals to find more ways to steal directly from a financial institution's customer.  Malicious programmes targeting mobile devicesare designed to steal online banking credentials,intercept one-time passwords used for online banking, or record the characters entered by the user on the device's on-screen keyboard.

With this, comes an increased level of concern amongst the banking public as to the safety of their data. Whilefinancial institutions face monetary losses — including customer reimbursement, audit and consulting services, reputational damage and deployment of IT and security policies — banks are clamping down onsecurity to minimise cyber-crime.

The high cost of cyber crime
The average cost of a stolen record is US$277. Since 2004, over 1.1 billion records have been compromised globally. Now, more than ever before, it is critical for financial institutions to secure their customers' financial data.

But how do financial institutions keep up with the speed of technological change? And what should they do to protect themselves — and their customers — from these ever-growing cyber security risks?

Financial institutions bear a significant responsibility to safeguard customer details.  They must be able to demonstrate to customers that they have safeguards in place to protect confidential information. 

In-house cyber protection
The first step is to bolster their own internal cyber security efforts by including up-to-date software, developing in-house intelligence-gathering capabilities and ensuring that their cyber security programme is designed to combat the increasing sophistication of threats.

Regular reviews of a bank's cyber security incident response and crisis management, access controls, network security, vendor management, and disaster recovery procedures need to be carried out to evaluate the bank's overall safety and soundness.

However, they also need to play a role in driving awareness about cyber threats with their customers. 

Advanced payment technologies such as chip-and-pin cards, tokenisation and end-to-end encryption are quite effective at stopping card fraud. However, they need to be used as part of a comprehensive security strategy.

Educate and collaborate to combat threats
Many consumers don't fully understand the new landscape of electronic and mobile payments threats. Despite the general fear among the public of cyber-crime, there is limited awareness about how to mitigate the risks.

Financial institutions need to educate their customers about these threats, and collaborate more with industry partners about addressing them.

Warning customers about regularly updating software and operating systems, choosing strong passwords unique for each service, and exercising caution when using public wi-fi networks will go a long way to reducing the risks that new technology brings.

[1] Insights from McKinsey's Asia-Pacific Payments Map - McKinsey on Payments; September 2012


Previous Page  1  2  3  Next Page 

Sign up for Computerworld eNewsletters.