Financial institutions have always been attractive targets for thieves, and now there is more to steal than diamonds and cash. Thanks to the advancement of fintech technology and the proliferation of modern digital banking, most bank robbers can now sit behind the comfort of a desk and siphon of millions of dollars’ worth of data. Fintech security is now more important than ever before.
By now, most people will have heard about the Equifax hack, which compromised that data of 143 million Americans. What’s worse, as a one of the big three credit reporting agencies, the hackers made away with not only account and personal information, but social security numbers as well. Those impacted by the breach aren’t just faced with a few months or years of vigilance. Unless we radically over-haul our nation’s identity management system, they are looking at a lifetime of wariness against unauthorized use of their identity.
The Growth of Fintech
Despite all this, consumers are embracing fintech more than ever, with convenient mobile banking and payment apps limiting the need to visit a physical bank branch. Coupled with 24-hour availability as well as convenient content and features, its not wonder that a 2014 research study by the Federal Reserve discovered that over half of smartphone owners had used mobile banking within the previous year. It is therefore incumbent on both consumers and financial institutions to be proactive about fintech security.
Proactive Fintech Security in Financial Institutions
For banks and other financial institutions, a proactive approach that seeks to prevent attacks will go a long way in anticipating any potential attacks. It is recommended to utilize a combination of the following:
- Comprehensive risk assessments
- Regular internal audits
- Penetration testing
- Staff education of cybersecurity best practices
It is also essential that preventative security measures be built directly into websites and fintech apps.
- Preventing customer credentials from automatically being stored on devices
- Ample warnings about activity on unsecured networks
- Time outs after periods of inactivity
More importantly, mitigating human error is a big part of a sound security strategy. Equifax claims to have traced the breach to an error by one employee, who forgot to install a security patch. The patch would have prevented hackers from exploiting a vulnerability in their system.
Many other hacks have been the result of successful social engineering. Hackers trick employees into inadvertently allowing them into their system either through giving up their credentials or opening malware applications. The best defense against social engineering is to build a strong culture of security awareness within your organization.
- Regular employee training sessions
- Strict authentication protocols
- Policies for reporting suspicious persons or activities are some of the best methods
Consumers Share Responsibility
Consumers should also take an active approach to their own cybersecurity. This means financial institutions should take an active role in educating their customers. Good habits to reinforce include:
- Creating and regularly updating strong passwords
- Staying clear of unsecured networks
- Never responding to solicitations for emails or passwords
- Maintaining awareness of popular scams that emerge
- Locking and keeping a close eye of their devices in public places
Just like all other areas of technology that amasses large amounts of user data, fintech services will continue to be an attractive target to hackers. Consumers and institutions must both play their part in fintech security to ensure that attempts to steal this attractive data is stopped at every turn.