Any suggestion a bank’s security is shaky is met with a strong response.
“Reports suggesting we are stepping back from cyber security are incorrect,” the bank said.
Data security was “part of our responsibility to our customers and communities” it continued, adding “We remain committed to being at the forefront”.
Time and transparency
Speaking on a panel at the AustCyber (formerly the Australian Cyber Security Growth Network) National Fintech Cyber Security Summit in Sydney yesterday, fintech leaders argued they need time to earn the public’s trust, and that being transparent was a good way to do so.
“It’s a matter of being as transparent as possible; it’s also a matter of time. Everything with trust is always a matter of time,” said George Lucas, CEO of micro-investing app Acorns Grow Australia.
“Number one is definitely transparency,” said Damir Cuca, founder and CEO of Basiq, a Westpac and NAB backed aggregation platform for banking data.
“Making sure you’re clear about the measures you’re taking to protect data. Two is by having strong authentication and policies and engaging the customer on that – giving them control so they can revoke access as well.”
Cuca went on to suggest that the technology architecture of fintechs could help them match the banks for cyber security.
"One of the things with fintech – we have at our disposal is these great cloud providers that are investing so much in security. And there are a lot of great architectural models that fintechs can adopt where they don’t have to host their own servers, they don’t have to host their own databases. Therefore they minimise their security exposure," he said.
"And I think that there's a lot of that they can already leverage that I would argue is probably better than some banks."
Lucas agreed, adding: "In the world of cloud, there are so many services that are affordable that small fintechs can buy that actually help protect [them]."
Australian banks have so far (mostly) avoided a major data breach. The same can’t be said about established financial institutions elsewhere in the world.
The ‘mammoth’ Equifax breach revealed this month potentially exposed the personal details of 143 million people in the US. Banks in Italy and Canada, the US, and a payday lender in the UK have all suffered loss of customer data within the last year.
The passing of mandatory data breach notification legislation in Australia could see more bank breaches being revealed, and trust eroded.
As ANZ’s Bullock, paraphrasing Warren Buffet, wrote: “It takes 20 years to build a reputation and five minutes to ruin it.”
Sign up for Computerworld eNewsletters.