What does 2019 hold for the banking industry?
- Frederik Mennes, Senior Manager Market & Security Strategy, Security Competence Centre at OneSpan
- 24.01.2019 10:00 am Banking
2018 has been a turbulent year for banks in the UK. Physical branches are closing, with online and mobile channels becoming increasingly popular. Customers lost £500 millionto fraud in the first half of the year, and in July the Bank of England issued a warning to banks to get ready for future cyber-attacks. But we’ve also seen advances in security methods to tackle these threats, with the emergence of intelligent adaptive authentication, alongside a rise in biometrics and behavioural analytics. Regulations, such as PSD2, are also aiming to foster a more innovative and secure way of carrying out transactions.
So, as we look forward to 2019, here are three trends we can expect to dominate the financial services sector:
Consumers will force banks to up their security standards
Consumers don’t want to see or pay for security anymore; it’s just expected. In 2019, intelligent authentication will become a necessity for financial institutions looking to gain a competitive edge by delivering better experiences, lowering costs, reducing risks and increasing revenue.
We’re already seeing banks and financial institutions looking to simplify their customers’ online and mobile transactions without compromising on security. This begins with the use of adaptive authentication and orchestration within their platforms and infrastructure. What will come next is complete and continuous intelligent authentication. This will prevent missteps, like stopping a user at the front door during login, or asking users to jump through the same hoops regardless of the potential risks (or lack of) associated with the transaction.
Because customer expectations are changing, banks and FIs will have no choice but to reinforce their core systems and technologies. These include everyday banking apps with smart technology that ensures the appropriate level of authentication at the correct time.
Securing the mobile channel will continue to be a wild ride
2019 is likely to bring about an even brighter future for mobile app development. However, 2018 saw several high-profile attacks via mobile, and users are more concerned than ever with privacy. Even though new and old attacks to mobile devices and applications are appearing daily, financial institutions and organisations are still not taking proactive steps to protect the user’s apps on their devices.
This is worrying, given that some of the scariest threats in mobile – overlay attacks, phishing attacks and mobile app threats – will only get more dangerous. Studies show that users are three times more likely to fall for phishing attacks via mobile devices than they are other channels. Ransomware attacks on mobile devices will also continue to increase, along with code-injection attacks. These multi-payload attacks will be one of the scariest threats in 2019 and they will also be easy for anyone to create.
So in 2019 we’ll see some of the best minds in the industry working harder to provide the best protection against hacking and phishing attacks. Application shielding will continue to play a major role in protecting mobile applications, as the technology can detect and mitigate any tampering with a mobile app to stop the malicious code before it can cause damage.
Open Banking will increase innovation
The global adoption of Open Banking will be a dominating trend in 2019, especially for the United Kingdom and European Union.
Open Banking allows third-party payment service providers (TPPs) to obtain consumer data from banks about financial history, and to initiate payments directly through bank accounts. By accessing APIs provided by banks, TPPs will be able to build innovative financial service solutions for consumers and enterprises, such as new payment methods and account aggregation applications. This should give rise to more diverse payment mechanisms, with lower cost and increased convenience for users.
Open Banking will also fuel the on-going conversation around authentication. If a user wants to access a bank account via a TPP, they will have to be authenticated by the bank itself, without being forced to leave the TPP application. Therefore, any authentications needs to be both secure and convenient, if we’re to see the adoption of TPP applications.
There’s still a lot of discussion between financial institutions, TPPs and regulators about how this authentication can happen. A range of approaches have already been suggested, including redirection, embedded, and decoupled. For the EU in particular, this conversation will dominate the first half of 2019, as financial institutions will need to provide Open Banking APIs by September 2019, in line with the timeline set out by the Regulatory Technical Standards of PSD2.
Security will be hot on the agenda for banks and financial institutions. But the pressure won’t just be coming from potential cyber-criminals. It will also be coming from customers and regulators, who will have higher expectations that companies are keeping data secure, especially financial. The mobile channel will be a main target, as customers increasingly turn to their phones to bank. With an increased focus on security will also come further innovations in technology which will shape the way we bank in 2019, and beyond.