Advances in financial technology are transforming banking as we know it and this spark innovation is changing the approach of this historically traditional sector. How can the industry ensure their cybersecurity strategy matches the rest of their next-gen business?
Long gone is the age of weekly visits to your friendly neighborhood banker, as the industry has evolved significantly over the last decade. At the heart of the shifting finance sector are innovative companies, many from outside the banking ecosystem boasting ultimate convenience, next-level agility and the ability to adapt to an increasingly mobile, on-the-go lifestyle for a friction-less society, who are already overhauling even the most traditional aspects – payments, lending, insurance and more. Regulations like PSD/PSD2, SEPA and IFR have only added fuel to that fire. Thus, a race began between the traditional payment providers and the non-bank competition disrupting the status quo.
It’s imperative that cutting edge cybersecurity is not buried by efforts to create innovative and revolutionary financial technology. Apathy towards security can have detrimental results, as highlighted by the recent Bitcoin hack on South Korean cryptocurrency exchange, Coinrail, which caused a 5.6 percent drop to the value. Beyond offering a buzz-worthy new payments app or automating exhausting mortgage applications, for example, traditional payment providers and FinTechs need to ensure that their business is resilient against increasingly sophisticated cybercrime and ready for a hyperconnected world.
For traditional payment providers and FinTechs to be able to tout complete agility and advancement today, they must be able to accommodate the very serious security threats of tomorrow. To help streamline their imminent arrival into the market, many FinTechs partner with established, trusted firms to help bring their ideas to life. These are often mutually beneficial relationships and are effectively levelling the playing field for banks and payments companies, creating an environment where embracing technology and innovation can help them emerge in a crowded market, secure new customers and stay compliant with changing regulations.
In our hyperconnected world of the near future, consumers may never have to take out their wallets to hand over cash or swipe a card. When you leave a store, the cost of the items in your basket will be automatically charged to your bank account. Amazon has already successfully tested this out. The same goes for: buying gas, paying for parking, paying bridge tolls etc. as your connected vehicle communicates with your bank account, as well as the city infrastructure surrounding it. However, with each new endpoint is a new opportunity to compromise security – and there will be millions. How can you ensure your FinTech is implementing cybersecurity that can support our future of digital payments?
Here are a few constants to keep in mind:
At the core of these security “constants” is a reliable robust technology: cryptography. Even in the face of a rapidly evolving market, FinTechs can look to more traditional, established banks who’ve historically – and successfully — relied on this security to accomplish critical tasks like holding highly sensitive key material, processing transactions and generating, issuing and validating identities and payment cards, which will be even more crucial as our cities, cars and infrastructures become increasingly smart.
So – your FinTech is fully compliant with industry regulations like GDPR and PCI DSS, and your entire data and communications are secured with the latest NIST standards using the highest AES 256 algorithms, FIPS 140-2 Level 3 compliant protection and more. Are you safe?
Not necessarily. With the advent of the quantum computer, current encryption algorithms stand to be broken, and all of our data vulnerable as a result. Some security experts predict this can happen in the next decade, maybe even sooner than we think.
It’s imperative that the products and platforms being developed today must be ready to handle the post-quantum computer (PQC) era of tomorrow.
Traditional payment providers and FinTechs who are making moves to bring new, innovative solutions to the industry must adopt a crypto agility stance — in line with the rest of their culture of innovation — to better prepare for a post-quantum future.
Here are a few strategies for getting started:
Innovation-centric banks and FinTechs are in a unique position to embrace crypto agility and prepare for smart cities, as they are likely already in the process of transforming their apps, platforms and infrastructures in other ways. And the benefits of preparing for tomorrow are clear even today – overall stronger cybersecurity posture, easier compliance with industry regulations and strategic implementations that maximize ROI. As these organizations shift and adapt to the rapidly evolving payments space, it’s crucial that cutting edge and future-forward cybersecurity is not buried by efforts to create innovative and revolutionary financial technology.
First published on:
We will keep you posted with news from Utimaco and the industries we protect, as well as information on upcoming events and webinars.
Subscribe now