The proliferation of digital banking technology has sparked digital transformation throughout the industry. But with so many connection points and emerging players come cybersecurity risks. Data breaches and fraud are common news stories, and each contributes to heavy, though preventable, losses for financial institutions (FIs). PwC reports $42 billion in losses attributed to fraud between 2018 and 2020. In a recent survey, Aite found 17% of U.S. FIs incur more than $5 million annually in demand deposit account application fraud losses, and 16% incur between $1 million and $5 million in losses (Application Fraud: Fighting an Uphill Battle, Aite Group).
With a future-focused digital banking platform, FIs can mitigate fraud and cybersecurity threats. In this blog, we’ll cover what to look for in a technology partner and their digital banking solutions to ensure a digital transformation that’s as secure as it is successful.
Developing security from the start
As we’ve previously touched on, the most secure technology providers practice 3D security: security in design, development, and deployment. Employing security measures before products are built, developing vulnerability-free code, and securing in-production deployment are all crucial.
FIs should hear these terms when learning about prospective digital banking providers’ security methodology:
- Manual Application Penetration Testing (MAPT): offensive testing to uncover vulnerabilities
- Static Application Security Testing (SAST): code analysis for OWASP Top-10 and SANS Top-25 vulnerabilities
- Dynamic Application Security Testing (DAST): analysis of the application while it is running
Secure business banking capabilities
When digital banking providers talk about a secure experience, it usually relates to retail banking. But small business banking has a unique set of security needs that must be addressed. Small businesses need extensibility. A recent Aite Group survey revealed 75% of small businesses need more products and services than their primary FI provides. Looking outside of their FI’s digital banking ecosystem for solutions introduces new entry points and vulnerabilities for threat actors to exploit.
FIs will need a platform capable of extensive fraud prevention across all business banking solutions and integrations. These capabilities should include dual authorization for business administrators, wire and ACH payments, and account transfers, all with the ability to set authorization limits. Business limits should also be manageable from the platform, including sub-user management for account permissions, limits, and roles.
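The dual-authorization control described above can be sketched as follows. This is an added example, not code from any banking platform; the class names, roles, limits, and threshold are illustrative assumptions.

```python
from dataclasses import dataclass, field

DUAL_AUTH_KINDS = {"wire", "ach", "transfer"}  # payment types named on the page

@dataclass(frozen=True)
class SubUser:
    roles: frozenset      # subset of {"initiator", "approver"}
    initiate_limit: int   # largest amount (in cents) the user may initiate
    approve_limit: int    # largest amount (in cents) the user may approve

@dataclass
class Payment:
    kind: str
    amount: int
    initiator: str
    approvals: set = field(default_factory=set)

def initiate(users, name, kind, amount):
    """Create a payment if the sub-user's role and limit allow it."""
    user = users[name]
    if "initiator" not in user.roles or amount > user.initiate_limit:
        raise PermissionError(f"{name} may not initiate {kind} for {amount}")
    return Payment(kind, amount, name)

def approve(users, payment, name):
    """Record a second authorization from a different, sufficiently privileged user."""
    user = users[name]
    if name == payment.initiator:
        raise PermissionError("initiator cannot approve their own payment")
    if "approver" not in user.roles or payment.amount > user.approve_limit:
        raise PermissionError(f"{name} may not approve {payment.amount}")
    payment.approvals.add(name)

def releasable(payment, dual_auth_threshold):
    """Payments at or above the threshold need one independent approval."""
    needs_second = payment.kind in DUAL_AUTH_KINDS and payment.amount >= dual_auth_threshold
    return bool(payment.approvals) or not needs_second

# Constructed sample business: names, roles and limits are illustrative.
USERS = {
    "alice": SubUser(frozenset({"initiator", "approver"}), 5_000_000, 5_000_000),
    "bob": SubUser(frozenset({"approver"}), 0, 1_000_000),
    "carol": SubUser(frozenset({"initiator"}), 200_000, 0),
}
THRESHOLD = 100_000  # $1,000.00 in cents

if __name__ == "__main__":
    wire = initiate(USERS, "carol", "wire", 150_000)
    print("before approval:", releasable(wire, THRESHOLD))
    approve(USERS, wire, "bob")
    print("after approval:", releasable(wire, THRESHOLD))
```

The check that matters most is the separation between initiator and approver: a user holding both roles still cannot release their own payment.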
The anti-fraud industry is moving towards a holistic view of users as it realizes that no single solution is strong enough on its own.
Data-driven fraud protection
FIs are becoming increasingly aware of ways to engage users with data and analytics, but these same tools can be used to secure retail and business users as well. As we’ve covered before in our Gold Standard Series event, Securing Digital Banking Users, a secure platform must have the capability to utilize data that comes from user behavior to learn and identify routine use. From there, FIs can reduce risk by regularly reviewing and acting on data that illustrates fraud not caught in real-time.
Managing security requires a complete view of data, where it is, how it is stored, who has access to it, and how it is handled in transit. Fraud extract capabilities in a digital banking platform will help efforts to monitor for fraud on a regular basis using an FI’s data. This provides rich behind-the-scenes detail across all users for actionable insights that enhance platform security proactively. A platform with reports and dashboards capabilities can clearly make sense of all the data that makes such insights possible. With security dashboards, FIs can distill and visualize data by security events, date, and failure, among other attributes. These tools and more can help FIs lower fraud losses and give users peace of mind knowing their account activity is reviewed daily.
Solutions digital banking providers should be investing in
FIs can identify how secure digital banking providers are by their investments in industry-leading secure access solutions. The types of solutions that reflect such investments can include:
- Advanced machine learning that allows FIs to detect and stop anomalous transactions, credential stuffing, and bots in real time
- Multi-layered architecture that deploys individual layers of real-time security to provide complete, resilient protection against zero-day attacks and other advanced threats
- Infrastructure security, or “front door protection,” that blocks hackers from getting into systems
- Digital ID, which allows FIs to authenticate users through a push notification to their mobile app, reducing friction for call center interactions that would otherwise need to verify transaction information
- Next-gen login experience utilizing intuitive UX features like IP geolocation and device authentication. Users can also log in with face or touch ID or the most secure multi-factor authentication method, time-based one-time passwords (TOTP), which generate a new code every 30 seconds directly on a user’s device so it cannot be intercepted or accessed
Alkami helps banks and credit unions mitigate potential impacts of fraud events by providing several security layers. Starting with cloud solutions that prevent suspicious traffic from reaching financial institutions, Alkami then adds additional solutions that stop or limit attackers from gaining access to an account. In addition, enhanced reports help the FI quickly gather needed data to identify fraudulent actions while our partner solution provides real-time threat assessments to reduce overall risk. Financial institutions need this type of holistic security strategy to defend against both existing and emerging threats.