About Us Contact Us
Home About Services Solutions Industries Knowledge Blog Contact
Hit enter to search

Cyber security in Banking Sector

25/Feb/2020

I.T revolution has brought significant changes in banking sector, be it online transactions, fund transfers, mobile wallets, electronic clearing services are some of the key developments which we are experiencing today. As the banks are getting digitized so are the customers, they are getting cashless as they no more want paper work or standing in the long queue. But, now all the critical information of customers which were on papers are now available online which requires immense security. The “Internet of things” has created lot of business opportunities but also has invited vulnerabilities in terms of cyber threats.

Some facts and figures

  • The rate of breaches in financial sector has increased by 300% over last 5 years.
  • The hackers have attacked banks 300 times more than any other industry.
  • The cost to recover from cybercrimes in banks is much more than businesses of any other industry.
  • Cybercrime can cost banks around $1 trillion per year.

Banks need to be very vigilant and invest in security management to keep away from bad guys (Hackers). Some of the measures which should be taken by bank are:-

  • Banking emails should be highly protected from outsiders and so they should undergo various checks like proper verification of sender and domain from which it has been sent.
  • Any business transaction especially which involves huge money should be brought to notice and should be approved by higher authorities to check its authenticity,
  • Proper training programs should be designed for internal employees on cyber security to educate them on the ways in which hackers play pranks and steal money and important information.
  • Automatic log out facility can be included in sites and applications to prevent hackers from barging into already logged in page and use important information for their own benefit.
  • Usage of updated version of Anti-Malware applications can play a pivotal role in catching hold of any threat on the systems.
  • Doing security audit can identify loopholes in the system and can alert the banks in finding solutions to upgrade to better version of security software.
  • A cybercrime in one bank can affect the operations of many banks in the industry therefore it is necessary to work in the ecosystem so that the crime doesn’t snowball to big losses.

Inside Security

Some insiders can also be manipulative and intentionally cause damage to the banks for their own greed. Therefore, banks must ensure security professionals are hired who work 24*7 to monitor and respond immediately to the authorities in case of any unusual activity.

Security in different banking avenues (Customer point of view)

  • Mobile Banking :-
    1. End to end encryption of sensitive data being exchanged online while doing any transaction is one such solution to stay away from threats.
    2. Fingerprinting devices can help do verification of individual doing financial transaction, thereby making it less likely to fall in the hands of hackers.
    3. Email or SMS notification about any transaction to customer can help any transaction not done by customer.
    4. Consumers should be made aware of social engineering tricks made by the goons who ask customers their personal information.
  • Mobile Wallets :-
    1. Mandatory digital signature to authorise any payment made by the user.
    2. Establishment of proper firewall to restrict unauthorised entry from outsiders.
    3. Installation of updated version of malware detection software to make the payment processing more secure.
    4. Man-in-the middle and phishing attack can be done to steal payment information from the browser and user login details respectively.

Looking at the high end frauds happening in the banking sector it is of utmost importance to continuously strengthen the banking systems and software to protect customers from losses, adhere to government and data security compliance standards, facilitate security auditing and prevent loss of integrity due to data breaches.