Authored by Mr. Raj Sivaraju, President, APAC, Arete
The world today is moving towards digitization at an accelerated rate. Almost every company across the spectrum has its files stored on the cloud. The data stored in this form lends itself easily to analysis, thus allowing intelligent and accurate predictions and meta-operations. As cyberspace increases, the risk of threats also rises proportionately.
As a result, industries are garnering towards strengthening their cyber security systems. The common belief among professionals is that cyber incidents are almost inevitable, and companies must be ready to deal with such breaches and bounce back. The focus thus has shifted from cybersecurity and defence to cyber resilience.
The banking sector is no exception to this changing scenario. A growing number of Fintech companies inspired the traditional sector to engage in self-study and adopt new technologies. The industry, therefore, relies heavily on technology to make the banking experience faster and more engaging for customers. Unfortunately, the assimilation of technology and enhanced utilization of digital spaces makes this sector vulnerable to cyber risks.
The Banking Systems and accruing benefits of cyberspace utilization
Customer verification and authentication
The increased popularity of e-Aadhaar and e-pan cards enabled online KYC verification. Customer onboarding is done via video calling and stored in cloud spaces. This makes the process faster and more cost-effective.
Data collection is automatic, and validation at the source reduces the need for multiple bank visits. Additionally, large chunks of data can be processed simultaneously and more accurately, reducing the chances of error and waste.
More efficient loan underwriting processes
The traditional banking system estimates an individual’s creditworthiness based on past interactions, credit card bills, present and expected salary, and financial transactions. However, this means that many people, especially students, find it challenging to procure easy loans and may be left out of the ambit of education and development.
The integration of technology and utilization of digital spaces allow Fintech companies and traditional banks to rely on data about the salary potential of various courses and the parameters indicating financial discipline to generate credit scores. AI and ML are employed widely and can predict creditworthiness comprehensively without errors. Individuals can thus secure collateral-free loans without their parents becoming signatories.
Automation of processes
The traditional banking system was infamous for long waiting periods and delays in disbursement. This can be attributed to the time taken to process the documents and manually underwrite loans. AI and Ml have helped in the automation of these functions. Customers can fill out loan applications online, and reminders about EMI due dates, interest rates, and transaction alerts can be sent directly to their e-mail addresses. Detection of fraud is prompt, making the system fast and secure. Additionally, direct payments to the recipient’s account add to the efficiency of the financial transactions.
Cyber threats to the banking system
Estimates suggest that the Indian banking sector recorded approximately 250 incidents of cyber breaches from June 2018 to March 2022. This means that we lost crores of money to cyber criminals while the sector came to a halt to recover operations.
Data breaches, data scraping, web injection commands, and malware attacks at vulnerable endpoints were among the risks. The strategies used by threat actors are constantly evolving and becoming more advanced with time. Therefore, the need of the hour is to stay prepared, anticipate attacks and have mechanisms in place to respond effectively.
Here are some tactics used by threat actors to target the banking sector.
The use of fake domain names remains the most common method of attack. Cloned websites and fraudulent calls entice consumers to give their banking details. In addition, incidents of phishing stay on the rise. A significant reason for this is the need for more cyber awareness and vigilance among individuals.
Reverse tunnel attacks on the BFSI sector through shortened URLs are also common. These tunnel services allow applications to open up portals with malicious content. Fake login pages are used, and the information thus collected is used for phishing.
Countering cyber threats
A cyber breach in the banking sector can have disastrous implications for individual customers and the economy as a whole. This industry is the nation’s backbone, and its collapse can compromise national security. Cyber resilience and reparative action are equally important. The firms that offer cybersecurity as a service are vital to helping banks tackle the problem and succeed.
It is also essential to educate and train employees about cyber risks. A zero-trust policy with multiple levels of authentication can go a long way in protecting cyberspaces. Identifying threat sources and eliminating vulnerabilities are essential for preventing attacks and recovering from such incidents.
Bottom line
The banking industry in India is undergoing significant transformations. It is opening itself to the digitization and automation of processes and technological advancements like AI and ML. This increases the scope of cyber threats, and cybersecurity as a service is more crucial than ever to ensure safety and seamlessness to the banking sector, allowing it to scale further by making the most of digital innovations in the country.
