Security is the heart of the matter for FinTech
December 15, 2016
Yesterday, Yahoo released an announcement stating that, due to a security breach, the details of over one billion accounts had been stolen.
The company issued assurances that it is separate from the hack which took place in September of this year and appears to have happened in 2013. The hack itself was uncovered when Yahoo were investigating another hack that took place in 2014.
Data breaches are a fact of modern digital business. This year alone household names such as Tesco, EE and KFC have suffered from them, causing headaches and worry for business and consumers alike.
PwC issued a report earlier this year examining data breaches in 2015. Nine out of the ten large organisations it surveyed reported some form of data breach suggesting that they were to be considered a “near certainty” for business.
The harm caused by data breaches is already being quantified. FFA UK, the UK banking industry’s fraud-fighting organisation, in its report into payment industry fraud in 2015 said: “financial fraud losses across payment cards, remote banking and cheques totalled £755.0 million in 2015, an increase of 26 per cent compared to 2014.”
When it came to the leading driver of this increase, FFA UK was in little doubt: “The rise across all fraud loss types during 2015 owes much to the growth of impersonation and deception scams, as well as sophisticated online attacks such as malware and data breaches.”
This is going to make people ask “Are businesses playing fast and loose with our personal details? Do they just not care?”. I would suggest that this isn’t the case. The huge amount of financial and reputational damage done by data breaches means that every reputable company will take security seriously.
The answer is more likely to be that there are an increasing number of bad guys out there who have the time, resources and, most critically, the skills to find the vulnerable link in security chains.
The universal accessibility of goods, services and information has allowed commerce and information exchange on an unprecedented scale but it has also allowed fraudsters access to companies on an equally unprecedented scale.
Customer information, especially payment details, are hot currency on the dark web and can be quickly sold to criminal gangs for a quick profit.
What does this mean for the FinTech world? I would suggest that the New Year’s Resolution must be about putting security first. We focus on user interface and user experience but we need to look beyond this and ask whether the solution we are creating is sufficient to guard the data customers have entrusted with us.
It’s not glamorous but it is critical. Security needs to come first. It must be the foundation on which rest of the architecture is built.
There will always be criminals who will be trying to hack our data. Our job is to make their task harder.
Share this article: