PaymentsJournal
SUBSCRIBE
  • Analysts Coverage
  • Truth In Data
  • Podcasts
  • Videos
  • Industry Opinions
  • News
  • Resources
No Result
View All Result
PaymentsJournal
  • Analysts Coverage
  • Truth In Data
  • Podcasts
  • Videos
  • Industry Opinions
  • News
  • Resources
No Result
View All Result
PaymentsJournal
No Result
View All Result

Practicing Proper Cyber Hygiene in the Digital Payments World

PaymentsJournal by PaymentsJournal
March 8, 2021
in Featured Content, Security, The PaymentsJournal Podcast
0
Practicing Proper Cyber Hygiene in the Digital Payments World

Practicing Proper Cyber Hygiene in the Digital Payments World

0
SHARES
0
VIEWS
Share on FacebookShare on TwitterShare on LinkedIn
https://media.blubrry.com/paymentsjournal/paymentsjournal.com/wp-content/uploads/2021/03/Capco001001_mixdown.mp3

Podcast: Play in new window | Download

Wash your face. Brush your teeth. Secure your digital payments.

Maybe the last one wasn’t taught in health class, but as the world becomes an increasingly digital space, cyber hygiene is a critical practice that nearly all Americans should implement into their daily routine (perhaps after your mindfulness practices, but before your green smoothie).

In a recent study by Capco, experts discuss disinfecting fraud, where these cyber threats are coming from, and specific examples of some notorious cyberattacks. To further discuss the cyber hygiene PDF, PaymentsJournal sat down with Julien Bonnay, Partner, US Head of Technology and Cybersecurity at Capco, Daniela Hawkins, Managing Principal at Capco, and Tim Sloane, VP of Payments Innovation and the Director of the Emerging Technologies Advisory Service at Mercator Advisory Group.

PaymentsJournal
Practicing Proper Cyber Hygiene in the Digital Payments World
PaymentsJournal Practicing Proper Cyber Hygiene in the Digital Payments World
PaymentsJournal

The path towards cybersecurity for payments

With the current trends and expected arrival of more threats, it is more important now than ever to strengthen cybersecurity for payments. There are a lot of ways to increase these defences, especially in the cloud, which is rather new to some FIs. “Encourage consumer education, and go through campaigns to really make sure both consumers as well as employees are well aware [of] what they could be subject to,” instructed Bonnay.

Strengthening security, increasing defences, and educating consumers and employees about ongoing threats are the “three pillars [in] the foundation of cyber hygiene steps to [help] build a more resilient payments your future.”

Most institutions have taken the “we’ll cross that bridge when we come to it” approach. That is, they will find a vector of risk, seal it up, and move on to finding the next weak point. “There [are] so many vectors now that I don’t know they’ve even catalogued them all,” said Sloane. “Getting a handle on [cybercrime] and understanding all those different areas is really critical.”

Where are new threats coming from?

The answer to this can get a bit complicated. The first place cybersecurity experts look to when seeking out the source of cyberattacks are the artificial intelligence and machine learning space. “Threat actors using this new technology and its sophistication to try to breach the firewalls and protocols that financial institutions and other large companies have in place,” explained Hawkins.

The second kind of attacks are malware attacks. “We see this with phishing, even spear phishing, really targeting very specific people, and getting them to give up information,” continued Hawkins. There are also IT misconfigurations, which can sometimes leave information vulnerable through holes in the software or firewall misconfiguration.

Lastly, there is the infamous Nation-state sponsored cyberattacks. “We’ve even seen this in the news most recently with the solar winds issue where the malware was installed in test code that was just waiting to be installed,” elaborated Hawkins. “With the with the Nation-state attacks, sometimes [cyber hacking is] maybe not that sophisticated in some ways.”

Cybercriminals are going to attempt these attacks any way they can, including things like ATMs, which happened recently where North Korea was suspected of stealing millions of dollars from ATMs in Africa and Asia. “It’s coming from all fronts, and you have to have a multi-pronged approach to fight it.”

Recent case studies on cybersecurity breaches

From the consumer side of risk management, there is always concern of an attacker leveraging an AI solution. They may do this by imitating the voice of the CEO to wire money, or maybe compromising email systems to achieve the same results.

This is exactly what happened to a firm recently, where Chubb Insurance had to pay for nearly $5,000,000 for the fraudulent transaction.

“You can see that with all the big banks:. You receive a text message asking you to connect to your bank for a problem or statement, [and] you need retrieve your transaction to finalize [it],” said Bonnay. “This type of attack leads you to a very similar website, but just aims at collecting your credentials.”

While this scenario doesn’t necessarily put the banks at fault, many people fall for these types of cybersecurity attacks, and then the hackers proceed to the legitimate banking site and process further transactions.

Financial institutions address the challenges of the new day

The payments industry has been working toward the digitalization of its platforms, and COVID-19 certainly accelerated the outcome. While there are huge conveniences that come with online services, there are even more opportunities for fraudulent activity and other cyberattacks. Therefore, the approach to combat such attacks “has to be multifaceted because the attacks are multifaceted,” said Hawkins. 

One of the biggest complications that must be addressed is human error and controls. “The first thing we have to do is [provide] training and education for everyone and do what we can to reduce the human error, because we do see human error as a pretty major component of this,” continued Hawkins.

Next, there is the continuation of education, but this time for the consumer. Many consumers are not yet using their mobile wallets, but Hawkins believes that they should be. Consumers are concerned that their mobile wallet payments won’t be accepted by a merchant, or they believe that the card or chip is more secure than the tokenized number on their phone. This is not the case, and educating these consumers will aid in getting merchants to start using these more technologically advanced terminals.

The third and final challenge to address is that companies will have to invest in this technology, and along with it, the cybersecurity to secure their systems. As cybersecurity is not a revenue driving space, it often gets overlooked by leadership and executive teams. But “this is a place where [businesses are] spending money in order to save money, and to prevent reputational risk,” advised Hawkins. Though business owners may not visibly see the revenue coming from these precautions, they can assume that they’re saving millions of dollars in lost fraudulent charges.

“That really is the three prong approach: human error and the controls to stop that, consumer education—got to get that tokenization—and spending money [on] building Red teams and investing in the technology to fight cyberattacks.”

Tags: CapcoCovid-19CybersecurityDigitalFraud PreventionMachine LearningMobile Wallets
0
SHARES
0
VIEWS
Share on FacebookShare on TwitterShare on LinkedIn

    Analyst Coverage, Payments Data, and News Delivered Daily

    Sign up for the PaymentsJournal Newsletter to get exclusive insight and data from Mercator Advisory Group analysts and industry professionals.

    Must Reads

    eCommerce On Social Media, social commerce

    The Rise of Social Commerce and Social Payments

    February 3, 2023
    Electroneum AnyTask; ETN Crypto, sales enablement

    Ethical Financial Selling: The Role of Compliance Technology and Sales Enablement

    February 2, 2023
    direct deposit

    Nacha Launches Campaign to Reach Millennials on the Benefits of Direct Deposit

    February 1, 2023
    Equinix Helps UK-Based Payments Provider Enable Faster, More Reliable Payments Processing

    Equinix Helps UK-Based Payments Provider Enable Faster, More Reliable Payments Processing

    January 31, 2023
    credit card tumbling

    How to Detect, and Prevent, Credit Card Tumbling

    January 30, 2023
    Why Businesses Need to Adopt Real-Time Payments as a Competitive Differentiator

    Why Businesses Need to Adopt Real-Time Payments as a Competitive Differentiator

    January 27, 2023
    faster payments

    Faster Payments Are Set to Revolutionize Modern Digital Payments

    January 26, 2023
    How AI can Help Manage Payments Risk in 2023

    How AI can Help Manage Payments Risk in 2023

    January 25, 2023

    • Advertise With Us
    • About Us
    • Terms of Use
    • Privacy Policy
    • Subscribe
    ADVERTISEMENT
    • Analysts Coverage
    • Truth In Data
    • Podcasts
    • Videos
    • Industry Opinions
    • News
    • Resources

    © 2022 PaymentsJournal.com

    • Analysts Coverage
    • Truth In Data
    • Podcasts
    • Industry Opinions
    • Faster Payments
    • News
    • Jobs
    • Events
    No Result
    View All Result