December 5, 2018
November 29, 2018
Posted June 14, 2018
It’s no secret that the global banking sector is undergoing a massive amount of technological change as incumbents and new challengers alike seek to seize new opportunities and gain a competitive edge in a rapidly changing marketplace.
But big ambitions often come with equally large challenges. Chief among them: Financially savvy cybercriminals out to monetize stolen identity data, provided to them from an endless stream of corporate data breaches, to open or takeover user accounts or make fraudulent payments. Astonishingly, by the end of the year, worldwide losses from cyberattacks are likely to top $1.6 trillion, a figure that’s projected to reach as high as $6 trillion by 2021.
Think about that number…if cybercrime represented a country, it would fall just behind Spain and Australia in terms of GDP!
If new data from ThreatMetrix is any indication, three key trendlines are forming on that front, and could have enormous implications on growth strategies through the second half of the year and beyond.
According to the Q1 2018 Cybercrime Report from ThreatMetrix, there were 210 million cyberattacks worldwide in just the first three months of the year—a 62 percent increase over 2017.
A key driver behind these numbers: the dissemination of and easy access to the pilfered identity credentials around the globe. There’s even a tempo to it—sharp spikes in attacks after major data breaches, followed by sustained assaults that wind their way around the planet.
Exacerbating the problem is the growing pool of consumers and businesses seeking access to goods and services from around the world. And thanks to identity- and location-spoofing cyberthieves are eagerly waiting rendering cross-border transactions that are now 5.4 times more likely to be fraudulent than those made domestically.
Look for attack origins—and their targets—to shift with each new quarter. For example, the EMEA region, in Q1 had elevated attack rates and is the source of 65 percent of all login attacks targeting banks and fintechs worldwide. In India, financial services transactions are four times more likely to be attacked than transactions in other nations.
Other hotspots include Brazil, Vietnam and Singapore.
According to Information Age, there are already 3.8 billion Internet users worldwide. By the end of the year, there could be a billion more—propelled by the adoption of mobile technologies and business models.
In fact, ThreatMetrix data shows that 55 percent of global financial services transactions now originate from a mobile device, highlighting the fact that mobile is increasingly driving engagement throughout the customer journey.
There’s a flipside to this, of course. In emerging markets with large numbers of unbanked and underbanked customers, people who’ve never even owned a bank account are rapidly finding themselves managing their entire financial lives on mobile devices. Many may lack familiarity with fraud risks and easily fall prey to social engineering attacks.
Even in advanced economies, there are growing pains. As consumers embrace peer-to-pear mobile payments platforms, for instance, cybercrime is “flourishing.” According to the New York Times, one bank offering P2P payments recently experienced fraud rates of up to 90 percent.
Over the next 24 months, look for open banking initiatives such as PSD2 in the EU, as well as the accelerating transition to cloud or mobile-only banking, to bring exciting new possibilities to global banking.
But be warned: They’ll also expand the overall cybercrime attack surface as kinks and vulnerabilities are worked out.
The cost of mobile and online fraud on banks and fintechs is adding up fast.
According to the 2017 True Cost of Fraud Study from LexisNexis® Risk Solutions, financial services companies earning at least half of their revenues through digital channels incur up to $3.04 in costs for every dollar lost to cyber-fraud. Think chargebacks, fees and labor. For online lenders, it can be even worse.
But it’s not all doom and gloom. According to the same study, global banks that employ a multi-layered approach to cybersecurity that includes modern, digital identity-based authentication technologies can experience total fraud costs that are less than 50 percent of the sector average.
Just as the cybercriminals are always on the look-out for new ways to attack, financial institutions and fintech are increasingly embracing technology innovations and new data sources to ensure they stay one step ahead.
Top innovations that our FI customers are currently embracing include:
Today, corporate boards and executive teams in financial services should view cybersecurity as more than just a critical component of mitigating losses from fraud. According to Forrester, savvy companies are starting to see it as a way to generate new business growth by delivering a fast, friendly and fraud-free customer experience.
What kind of pay-off is possible? According to Bain & Company, businesses that excel in customer experience grow revenues 4 to 8 percent above the average for their market by attracting new customers, earning stronger customer loyalty and boosting lifetime values.
In global banking’s race to the future… it’s exciting to imagine 1 billion new internet users hungry for financial products; its daunting to consider the cyberthreats that await; and it’s comforting to know that with digital identity-based authentication solutions, the upside is definitely worth the risk!
Frank Teruel spoke on the topic of the ‘Future of Global Finance this week at the NACD Future Trends Conference, 13 June 2018.
To learn more about cybersecurity trends affecting global banking, download our Q1 2018 Cybercrime Report.