siliconindia | | August 202119nancial loss and distress. As per a report by the Reserve Bank of India (RBI), around 60,000 cyber frauds took place in the banking sector alone, including the Scheduled Commercial Banks (SCB), during the fiscal year of 2018-19, and resulted in a loss of INR 67, 432 Cr. for the last fiscal. According to a report by CISO, in 2018, the Indian BFSI segment clocked an average B+ OSINT Security score, and was ranked 50 in Security matu-rity and 42 in breach readiness. Some vital platforms which are most vulnerable and need a cyber-security assessment and action, include:1. Solutions by Fintech Start-ups: Over the past few years, a number of technology start-ups specialising in fi-nancial segment have emerged, disrupting the way we make purchases. From app based wallets and adhaar/ UPI linked instant transactions to single window e-commerce apps, fin-tech start-ups need to be mindful of the threats and invest in creating a robust data security framework for the apps. This is generally ignored as these may be boot strapped start-ups and generally avoid hefty investment needed for a more than basic digitally secure ecosystem. This needs to be addressed by collaboration with cyber security firms that provide cus-tomised and value driven services, as against the big budget packages. 2. ATM Security: These have been very common and in-volve a combination of physical breach ­ where finger prints and card details are stolen by imprinting the contact point of the machine, and software breaches. As per a report by Posi-tive Technologies, up to 69 percent of all ATM's are vulnerable to cyber-attacks. Interestingly, ATM attacks have been getting complex and more sophisticated since the first ATM Malware attack of 2018, and it is expected to continue being a looming threat. ATM security assessment, an important exercise, is a recommended mode of addressing these vulnerabilities.3. Mobile Apps and Integration: As per a report by Avaya India, 26 percent of Indian customers regularly avail digital banking services through the bank website and mobile app. With the increased use age of smartphones and the consumer friendly mobile app version for one tap transactions, mobile and digital banking isset to further enhance the vulnerability of the platform. Banks need to pay special attention to these platforms when it comes to cybersecurity.4. Social Engineering: Data has become the new curren-cy now and financial data is even more valuable. While inno-vative and complicated cybercrimes are on a rise, especially for newer platforms, the age old methods of phishing, net-work scanning, viral code, website defacements and intrusion and the conventional malware also continue to grow, mostly unchecked. These require a consistent effort to monitor using advanced detection technology processes to ensure there are no major or minor compromises. While all of the above are important steps to be taken by BFSI players, including banks, service providers, fintech play-ers and their technical support staff, a significant aspect of secure transactions is also consumer awareness. With auto-mated messaging alerting consumers to not share their OTP or CVV numbers over a call or to use secure servers when making financial transactions, most banks, and financial in-stitutes are taking basic steps towards educating their cus-tomers. However, a strategic, technology expert led aware-ness campaign can play a significant role in educating masses about effective and secure use of digital platforms for finan-cial transactions, which is the need of the hour as an increas-ing number of people are now operating from home, through barely secure servers. Over the past few years, a number of technology start-ups specialising in financial segment have emerged, disrupting the way we make purchases
< Page 9 | Page 11 >