The protection of citizens' assets and savings is a priority and requires a renewed effort at prevention and new logics of collaboration beyond the financial sphere.
In the face of new techniques and the convergence of attack, hacking and fraud practices, there is an increasing need for financial institutions to adopt innovative approaches based on the ability to collect and analyze heterogeneous data and a revamped organizational set-up under the banner of continuous alertness. Under the banner of a process based on security "by design," as the report "AI Enhanced Business Services" put together by Cetif ofUniversità Cattolica in Milan, Italy, in collaboration with Sas.
Indeed, the trend toward abandoning the branch and resorting to home banking and, even more so, the mobile app appears irreversible. With regard above all to current account operations, which customers are increasingly accessing digitally in a dispositive way, to carry out transactions. While in relation to investments, the request for information still remains prevalent. Although apps and solutions that enable mobile operations are also increasing.
"Ensuring security is a challenge not only for financial operators but for the country system," comments Federico Rajola, director of Cetif. "Government, public administration and businesses also have to deal with growing threats, in terms of severity and impact. In this context, it is necessary to rethink strategies and logics of collaboration and prevention between the different ecosystems and, within these, to organizational structures in which the security, anti-fraud and control functions collaborate in a structured and continuous way, to pursue logics by design, compatible with the most modern user experience."
If the trend is that of an increasing overlap of the scope of cybersecurity with that of fraudulent actions and an unstoppable development of attack techniques, it is clear that the strategy of is increasingly focusing on the weak link in the chain, which is then the end user.
For this, the onboarding and "know your customer" process, reinforced by multi-factor authentication through strong customer authentication, becomes crucial. Let it be accompanied by an advanced platform that is capable of monitoring transactions, analyzing them in real time, governing and managing data, and applying advanced analytics for risk assessment with evolving analytics.
The pandemic environment and smart work "have provided fertile ground for the proliferation of new modes of attack." Likewise, "the level of vulnerability on the customer's device has increased," based on basic transactions such as wire transfers, Mavs, and reloading of prepaid cards, with a 10 percent growth that might seem modest, but over huge volumes.
If Sca is an essential factor, refinement through "continuous authentication" made of behavioral biometrics. That is, by analyzing such elements as the pressure exerted on the smartphone screen, the speed at which text is typed, the tilt of the device, and comparing the data collected with those habitually characteristic of the user, it becomes possible to understand whether it is the same individual and prevent fraudulent attacks that they might suffer.
For this reason, the Cetif report emphasizes the concept of "security by design," running along the various stages, from onboarding to authentication and fruition to control and investigation. Obviously in ways that can combine maximum protection while at the same time not sacrificing the fluidity of processes, which is crucial to the user experience.