January 28, 2016
Cybersecurity is one of the most relevant and sensitive topics across FinTech sectors. Recent stories of data breaches across industries that have occurred with major players have left a bad aftertaste and made users extra cautious about sharing personal information. If previously we used to automatically hit the Accept button with long lines of data points we give access to, now is the time to take an extra minute to actually read what you are giving away.
The most sensitive and important data users are especially cautious giving away is financial data. Credit/debit card information, alternative payment options—our mobile phones have become payment tokens themselves. Endless opportunities are in hands of savvy cybercriminals if they just have our smartphones for a couple of minutes.
Cybersecurity, hence, has become one of the areas where heavy investments are made and no number of dollars will be too high in comparison to the possible outcome of damage.
The European financial industry has already realized the potential of the threat and in December last year, the Internet Corporation for Assigned Names and Numbers, a nonprofit organization that has the responsibility of managing the domains and Web addresses across the Internet, has created a new domain name—.bank—to help fight off increasing cybercrime. This domain name is only available for verified banks, credit unions and other qualifying financial institutions.
The .bank domain will be managed by a financial industry advocacy group, ensuring that all websites ending with .bank are owned by real banks conducting real business with consumers around the world.
According to the domain name group CentralNic, 550 European financial institutions, including Royal Bank of Scotland and Santander have registered to obtain .bank top-level domains (TLDs) since US Internet regulators launched it in June 2015.
Prior to that, on the other continent, another evidence of the systematic problem occurred when The American Bankers Association, a major financial industry trade group that lobbies for stronger data protection standards, reported a data breach within their systems. At least 6,400 email addresses and passwords that were used to make purchases or register for events through ABA.com’s shopping cart application had been compromised in the breach.
Many more cases of cybercrime had occurred during 2015 and certainly, more are to be expected this year. Due to massive financial damage, global attention to the segment is growing at an outstanding pace.
According to RT, the global cybersecurity market will grow to an estimated $170 billion by 2020 from $77 billion in 2015 with the Asia-Pacific region quickly emerging as a major market for cybersecurity interests and North America & Europe remaining the top cybersecurity markets. In fact, the European cybersecurity market is expected to hit $35.53 billion by 2019 while cybersecurity markets in the Asia-Pacific region and Latin America will increase to $32.95 billion and $11.91 billion, respectively.
Cyberattacks are costing global businesses around $500 billion per year, according to RT. In the last five years, the financial industry has been the top target for cybercriminals with IT and telecom, defense, and the oil & gas sectors following behind. Security analytics, threat intelligence, mobile security and cloud security are expected to see the most significant growth.
Being at the forefront of both cybercrimes and funds poured into cybersecurity, four banking industry giants—JPMorgan Chase & Co. ($500 million), Bank of America ($400 million), Citigroup ($300 million) and Wells Fargo ($250 million)—will collectively spend $1.5 billion on cybersecurity annually.
Following the scale of damage made by cyber-smugglers is the cyber-insurance market, the most developed in the US, with damages from $1 billion to $2.5 billion in the past two years.
The year 2016 will be a dramatic year for the segment. Aside from pouring mind-blowing funds into cybersecurity systems, companies spend over $1 billion every year on security awareness training within the teams.
Turning to particular markets, it is worth paying attention to Israel which is the largest exporter of cyber products after the US. Israeli companies exported $6 billion (USD) in cyber-related products and services in 2014. The latest data from Israel's National Cyber Bureau (NCB) shows a surge in cyber exports from US $3 billion in 2013 to $6 billion in 2014. According to NCB, this figure constitutes about 10% percent of the estimated $60 billion global cyber market.
The Asia-Pacific mobile security market is expected to garner $7.5+ billion by 2020, registering a CAGR of nearly 43% during 2015 to 2020, according to Forbes.
Owing to more and more people sharing sensitive financial data for buying and selling online, hackers and online identity thieves are constantly on the prowl to steal and misuse funds whenever possible. The mobile revolution has made the mobile security sector one of the fastest-growing spaces in the cybersecurity industry. As hackers become more and more imaginative in the ways to get to users’ financial data through loopholes, FinTech is also looking for advanced ways to change the way traditional cyber defense systems work.
One of the examples is the Israeli BioCatch that developed a device-based patent working with the use of touch and the phone’s accelerometer to authenticate mobile device users. The company’s focus is to equip the online business industry with a product that helps to fight against advanced cyberthreats. The privately owned and rapidly growing BioCatch is pushing biometrics technology to the next level through a unique approach.
Another example is BehavioSec, one of the hottest FinTech startups from the Nordic countries. The Sweden-based BehavioSec Inc. represents an interesting combination of behavioral science, math and technology. The company transforms behavior into a transparent additional level of security by monitoring the way users interact with their devices in real time. The interaction pattern is contextualized. Technology can recognize if a conflicting user is operating a device by monitoring the environment, rhythms and interactions patterns that are unique to a particular user. The technology is currently deployed at over 20 retail banks protecting over 11 million users and over 500 million transactions per year. The level of accuracy is 99.7%. Until now, the company has raised $8.19 million.
There are more examples of FinTech startups looking to fight modern fraudsters with imaginative solutions. However, cybercriminals are not going to pause the development of innovative malware either and 2016 may still not be the year when cybercrime will be pushed back once and for all.