Due to the pandemic, more people than ever before are accessing financial services online and more white-collar workers are working from home. These twin trends have therefore resulted in record levels of cybercrime, creating an environment of greater risk for the global FinTech industry.
Over three quarters of the UK uses online banking, with almost half of London’s population using digital-only bank accounts. Additionally, in the US it is predicted that digital banking users will surpass 200 million in 2022. Challenger banks like Revolut are as well-known as Barclays and HSBC, and do not just replace high-street banks, but provide a host of niche services which are not on offer elsewhere.
With over 40% of the professional and technical sector working from home last year, it is likely that many people in the FinTech industry are out of their offices. Remote working is set to continue, with 36.2 million Americans estimated to be working remotely by 2025. Therefore, the traditional model of operating your own or using co-located data centres to house hardware and applications is likely to become more challenging with a remote and global workforce. And physically attending multiple data centres for key ceremonies can prove costly and time consuming.
Cloud services in the ‘new normal’
Typically, a financial services company that handles large amounts of sensitive customer data flowing in and out will deploy Payment Hardware Security Modules (HSMs) which secure payment data during a transaction. If however, a company experiences a surge in transaction volumes, then their only choice is to deploy more HSMs which can involve a lengthy implementation process. With more transactions, heightened security is also necessary, as each transaction cannot feasibly be checked by an employee.
It was only in the early 2000’s when Amazon began rolling out what would become Amazon Web Services, which now has a 34% market share of the cloud services market and powers 9 million live websites, that cloud computing started to become a serious alternative to on-premises installations for companies and for private users.
Nowadays cloud based services are behind everything, from our emails (Gmail), our work lives (Microsoft Teams and Slack) to entertainment (Netflix, Spotify). The cloud can also provide a solution for FinTechs: since they scale much easier than on-site servers there’s no large expense for buying more server capacity or downtime while it is installed. If a company sees a sudden surge of customers, around holidays like Black Friday for instance, then their cloud service provider will easily be able to provide extra capacity and scale it down when less capacity is needed.
Platform-as-a-service (PaaS) and Infrastructure-as-a-service (IaaS) models are particularly valuable for smaller and start-up FinTech companies. IaaS replaces the storage and networking functionality which would typically be hosted in an on-site data centre and PaaS includes development environments, allowing companies to create and deploy apps, websites and software. Using these models, small companies can create solutions that can scale to any size.
Storing everything on the cloud does however come with its security implications, but it is generally safer to store customer data with a cloud service than on your own company’s server, especially if you lack the in-house expertise to manage specialised components required to comply with regulations for financial services.
Strengthening payment security through the cloud
However, with cybercrime at an all-time high, being able to develop, deploy and scale new payment solutions is not enough. In FinTech, using and transferring highly sensitive data like bank account details is vital to doing business, and data being passed between clients and their FinTech provider needs to be secured and encrypted to a very high standard.
While HSMs do the important job of carrying out all the vital security tasks a payments company would need, by validating PINs, processing transactions, issuing payment cards and managing cryptographic keys, they require specialist knowledge to operate effectively. However, cloud-based ‘Payment HSMs as a service’ benefit from being able to be deployed quickly and are paid for on a subscription basis. They can be accessed and monitored remotely and are easily scalable to accommodate sudden peaks in transaction volumes. With the majority of people using cloud-based services in their day-to-day lives, it only seems like the sensible decision for FinTechs to trust cloud-based systems for their development, scaling and security.