Elly Yates-Roberts |
This article was originally published in the Winter 2018 issue of The Record. Subscribe for FREE here to get the next issue delivered directly to your inbox.
Security is always top of the agenda for financial services firms – but as technology empowers banks to create increasingly digital, mobile and customer-centric experiences, it also brings an evolving array of cybersecurity threats. In its ‘Financial services technology 2020 and beyond: Embracing disruption’ report, PwC lists cybersecurity as one of the top risks facing financial institutions. Among the forces behind that risk, the report says, are the use of third-party vendors; rapidly evolving and complex technologies; cross-border data exchanges, increased use of mobile and the rapid growth of the internet of things; and heightened cross-border information security threats.
“The financial crime ecosystem is rapidly evolving, and traditional prevention methodologies are falling short in protecting consumers against increasingly frequent and sophisticated financial crimes,” says André Burrell, strategy leader Banking and Capital Markets at Microsoft, in a Microsoft Industry blog. “As consumers demand a digital, mobile banking experience, new security challenges are emerging too quickly for traditional cybersecurity approaches to keep pace.”
Banks face the two-pronged dilemma of ensuring unparalleled security without compromising the customer experience. It’s a challenge that many are struggling to meet, says Burrell. “Most cybersecurity techniques employed today are point-in-time solutions. However, a new wave of fraudulent schemes bypass login authentication and endpoint security altogether. In an attempt to plug existing security gaps, banks are layering additional security solutions on top of customer-facing systems which generally harms the customer experience and provides only minimal improvement to security.”
Microsoft’s Azure cloud platform enables banks to take advantage of Microsoft’s economies of scale, which allow it to rapidly develop best-in-class security measures and keep them up to date. In addition, high levels of service availability across multiple geographies enable services that are much more resilient against failures than an on-premises environment.
Microsoft invests significantly in the stringent security and compliance standards of Azure, enabling banks to leverage artificial intelligence (AI), customer biometrics and technology such as blockchain to provide robust and unique security solutions that augment the customer experience. For example, says Burrell, “BioCatch Behavioral Biometrics, an alternative cloud-based solution, develops behavioural biometric profiles of online users to recognise a wide range of human and non-human cybersecurity threats. Instead of relying on point-in-time detection technology, BioCatch utilises these biometric profiles to continuously verify the identity of the user throughout a session – not just at the initial login. Implementing this pioneering technology helps financial institutions stay ahead of cyberthreats while reducing friction in the user experience.”
Andrew Dapre, EMEA lead Financial Services, Azure Engineering at Microsoft, says in a separate blog that banks and insurers are using Azure to implement a spectrum of AI-powered cybersecurity, blockchain and payments solutions. “Financial institutions around the world recognise Azure as the leading platform to develop new services, ensure compliance, manage risk and combat financial crime,” he says, pointing to TD Bank and UBS as examples of this trend. “TD Bank relies on Azure to safely store sensitive financial data and generate insights for advisors and customers. Azure’s advanced capabilities empower them to effectively manage over 100 million digital records daily. UBS deployed Azure to drive its risk-management platform, saving 40% in infrastructure costs.”
While cyber-risk is inevitable, says the PwC report, technologies like the cloud can support a robust defensive strategy. “Cybersecurity is a large problem and it is not going away,” the report says. “Despite prevention and authentication efforts, we can virtually guarantee that anomalous and unauthorised activity will continue to occur. But with the right tools in place, you can see it when it happens and remediate it quickly. With a structured approach to cybersecurity, financial institutions will also be more prepared as threats evolve.
“Cloud-based cybersecurity can improve intelligence gathering and threat modelling, block attacks more effectively, help different teams (or organisations) collaborate and learn more effectively, reduce the lag time between detection and mediation and create secure communication channels. When you factor in potential cost reductions, cloud-enabled cybersecurity becomes all the more compelling.”