siliconindia | | OCTOBER 202219jor financial loss and distress. As per a report by the Reserve Bank of India (RBI), around 60,000 cyber frauds took place in the banking sector alone, including the Scheduled Com-mercial Banks (SCB), during the fiscal year of 2018-19, and resulted in a loss of Rs 67, 432 Cr. for the last fiscal. Ac-cording to a report by CISO, in 2018, the Indian BFSI seg-ment clocked an average B+ OSINT Security score, and was ranked 50 in Security maturity and 42 in breach readiness. Some vital platforms which are most vulnerable and need a cyber-security assessment and action, include:1. Solutions by Fintech Startups: Over the past few years, a number of technology start-ups specialising in fi-nancial segment have emerged, disrupting the way we make purchases. From app based wallets and adhaar/UPI linked instant transactions to single window e-Commerce apps, fin-tech startups need to be mindful of the threats and invest in creating a robust data security framework for the apps. This is generally ignored as these may be boot strapped start-ups and generally avoid hefty investment needed for a more than basic digitally secure ecosystem. This needs to be addressed by collaboration with cyber security firms that provide cus-tomised and value driven services, as against the big budget packages. 2. ATM Security: These have been very common and involve a combination of physical breach ­ where finger prints and card details are stolen by imprinting the contact point of the machine, and software breaches. As per a report by Positive Technologies, up to 69 percent of all ATMs are vulnerable to cyber-attacks. Interestingly, ATM attacks have been getting complex and more sophisticated since the first ATM Malware attack of 2018, and it is expected to continue being a looming threat. ATM security assessment, an import-ant exercise, is a recommended mode of addressing these vulnerabilities.3. Mobile Apps & Integration: As per a report by Ava-ya India, 26 percent of Indian customers regularly avail digital banking services through the bank website and mobile app. With the increased use age of smartphones and the consumer friendly mobile app version for one tap transactions, mobile and digital banking isset to further enhance the vulnerability of the platform. Banks need to pay special attention to these platforms when it comes to cybersecurity.4. Social Engineering: Data has become the new currency now and financial data is even more valuable. While innova-tive and complicated cybercrimes are on a rise, especially for newer platforms, the age old methods of phishing, network scanning, viral code, website defacements and intrusion and the conventional malware also continue to grow, mostly un-checked. These require a consistent effort to monitor using advanced detection technology processes to ensure there are no major or minor compromises. While all of the above are important steps to be taken by BFSI players, including banks, service providers, fintech players and their technical support staff, a significant aspect of secure transactions is also consumer awareness. With automated messaging alerting consumers to not share their OTP or CVV numbers over a call or to use secure servers when making financial transactions, most banks, and fi-nancial institutes are taking basic steps towards educating their customers. However, a strategic, technology expert led awareness campaign can play a significant role in educating masses about effective and secure use of digital platforms for financial transactions, which is the need of the hour as an increasing number of people are now operating from home, through barely secure servers. Over the past few years, a number of technology start-ups specialising in financial segment have emerged, disrupting the way we make purchases
< Page 9 | Page 11 >