Cyber security in Banking Sector
I.T revolution has brought significant changes in banking sector, be it online transactions, fund
transfers, mobile wallets, electronic clearing services are some of the key developments which we
are experiencing today. As the banks are getting digitized so are the customers, they are getting
cashless as they no more want paper work or standing in the long queue. But, now all the critical
information of customers which were on papers are now available online which requires immense
security. The “Internet of things” has created lot of business opportunities but also has invited
vulnerabilities in terms of cyber threats.
Some facts and figures
- The rate of breaches in financial sector has increased by 300% over last 5 years.
- The hackers have attacked banks 300 times more than any other industry.
- The cost to recover from cybercrimes in banks is much more than businesses of any other
- Cybercrime can cost banks around $1 trillion per year.
Banks need to be very vigilant and invest in security management to keep away from bad guys
(Hackers). Some of the measures which should be taken by bank are:-
- Banking emails should be highly protected from outsiders and so they should undergo
various checks like proper verification of sender and domain from which it has been sent.
- Any business transaction especially which involves huge money should be brought to notice
and should be approved by higher authorities to check its authenticity,
- Proper training programs should be designed for internal employees on cyber security to
educate them on the ways in which hackers play pranks and steal money and important
- Automatic log out facility can be included in sites and applications to prevent hackers from
barging into already logged in page and use important information for their own benefit.
- Usage of updated version of Anti-Malware applications can play a pivotal role in catching
hold of any threat on the systems.
- Doing security audit can identify loopholes in the system and can alert the banks in finding
solutions to upgrade to better version of security software.
- A cybercrime in one bank can affect the operations of many banks in the industry therefore
it is necessary to work in the ecosystem so that the crime doesn’t snowball to big losses.
Some insiders can also be manipulative and intentionally cause damage to the banks for their own
greed. Therefore, banks must ensure security professionals are hired who work 24*7 to monitor and
respond immediately to the authorities in case of any unusual activity.
Security in different banking avenues (Customer point of view)
- Mobile Banking :-
- End to end encryption of sensitive data being exchanged online while doing any
transaction is one such solution to stay away from threats.
- Fingerprinting devices can help do verification of individual doing financial transaction,
thereby making it less likely to fall in the hands of hackers.
- Email or SMS notification about any transaction to customer can help any transaction
not done by customer.
- Consumers should be made aware of social engineering tricks made by the goons who
ask customers their personal information.
- Mobile Wallets :-
- Mandatory digital signature to authorise any payment made by the user.
- Establishment of proper firewall to restrict unauthorised entry from outsiders.
- Installation of updated version of malware detection software to make the payment
processing more secure.
- Man-in-the middle and phishing attack can be done to steal payment information from
the browser and user login details respectively.
Looking at the high end frauds happening in the banking sector it is of utmost importance to
continuously strengthen the banking systems and software to protect customers from losses, adhere
to government and data security compliance standards, facilitate security auditing and prevent loss
of integrity due to data breaches.