VAR Panchayat

Blockchain can Play Financial Middleman

by VARINDIA 2017-03-29

Will FinTech and blockchain banking improve security or introduce new risks to the system?

The emergence of FinTech startups and new disruptive technologies is changing how banking is being done and the way financial services are being delivered. Spurred by competition from FinTech start-ups, which are introducing new consumer initiatives such as peerto-peer and marketplace lending and crowdfunding, banks are increasingly turning to technology to improve their processes and business models in order to redefine the experience for customers.

Growing Risks Faced

With these changes, financial institutions and banks will have to process greater volumes of data. Analysts have predicted that data used by banks will increase seven-fold between now and 2020.

A lot of the data being generated includes customer financials, account information, cardholder data and transactions and personal information, all of which are regulated and potentially sensitive or private.

As digital (and mobile) transactions become commonplace, banks moving to embrace and enable the new digital economy will inevitably face increased security and data risks. They are likely to face new strains of malware and innovative phishing attacks aimed at exploiting loopholes as banks start to share more customer data between branches, mobile users, and even through the cloud.

Rising cybercrime, hacking attacks and data leaks have boosted the importance of sophisticated security programs. The availability of more mobile smartphone platforms will also continue to expose banks to increased danger of security attacks. And Big Data breaches can also lead to serious reputational damage and legal repercussions.

In 2015, JP Morgan suffered the largest banking corporate hack ever when 83 million records were stolen. In this attack, the stolen data wasn’t credit card numbers or banking information, but emails. The hackers then used the stolen email data to manipulate the stock market.

Will Blockchain Technology be Safe?

Financial firms, faced with the need to lower costs, improve customer service, and meet regulatory and compliance requirements are constantly on the lookout for new financial tools.

Many are keeping up with innovation by experimenting with new technologies such as Blockchain – the software behind Bitcoin – and streamlining their IT operations.

Many digital transactions today still depend on legacy processes, and can be exposed due to inefficient oversight, untrained management, and inadequate certifications of trust.

At the same time, a key trend impacting the financial industry is that payment options is still developing and becomes more diversified, and many banks are still looking for a way to develop a resilient processing infrastructure.

Blockchain technology looks promising, as it offers a distributed file system where banks can keep copies of a file and agree on changes by consensus. The file is composed of blocks where each block includes a cryptographic signature of the previous block.

Blockchain transactions promise settlements that are instantaneous, cryptographically secure, and publicly

verified – all without the need for a trusted financial institution intermediary. Blockchain is also inherently more secure, as the distributed nature of the transaction actually verifies the integrity of the transactions. Plus, the transaction is transparent and cannot be changed, thus making an attack extremely difficult – if not impossible.

This means that Blockchain technology can play the part of a “financial middleman”, thereby significantly reducing the execution timeframe of a transaction and making it more secure. Banks are hopeful that Blockchain will be useful in securely trading anything, from remittances to securities exchanges, and become a standard for international trade.

Blockchain, however, is still largely unproven, and will take time to evolve to meet some of the more sophisticated requirements of modern banking instruments. There is also a lack of regulation, and issues of compliance, regulations and enforcement will likewise need to be addressed.

Bitcoin, which uses Blockchain technology, has been popular with peerto-peer systems for years. But it has been exploited by criminals, with many users losing millions of dollars to theft. So although Blockchain can help eliminate many outdated and inefficient manual trading processes, the technology, rightly or wrongly, poses many security worries for banks.

Additionally, transaction confidentiality remains a top concern for banks. If a Blockchain is used to store confidential contract information or payment data, for example, then replicating the file could potentially offer cybercriminals more opportunities to exploit and steal data.

Financial Institutions to stay Vigilant

FinTech is starting to fill some of the traditional roles played by banks and new mobile banking and payment technologies are making it easier to improve the customer’s experience.

Financial and banking institutions cannot let their guard down when adopting new technologies and solutions, and the need to continually safeguard their data from breaches, and continually invest in revamping their security postures as external attacks evolve. They also have to develop the right defence engines designed with the capabilities to counter those attacks. With technology being the core of transformation, many financial institutions will simply need to dedicate more resources to improve both security capabilities and awareness.

Banks today must be able to respond to customer’s demands relatively quickly, and be nimble enough to adopt new technologies and implement new tools and processes when they become available. There is a need to understand how regulation and compliance needs to

evolve to allow for new innovation and timely change. At the same time, they have to be able to constantly screen new technologies, decide which make the cut and which do not, and then integrate these pieces into their IT architecture.

Planning Right Security Strategy

With the emergence of FinTech, security will become an increasingly critical concern to banks, and can only work if data is properly secured and protected. It is, therefore, crucial for financial institutions to develop a holistic security strategy, and be prepared in advance for emerging technologies and their security threats. They need to be able to identify the risks that threaten customer information, and develop a plan that includes policies and procedures to manage and control these risks.

They must also be able to implement appropriate and commensurate security controls, and to continually adjust plans to account for changes in technology, the sensitivity of customer information, and internal or external threats to information

security. And as security threats evolve, they need to be able to upgrade their defence against attacks in real time, while simultaneously ensuring data protection and regulatory compliance.

It is unrealistic to expect that financial institutions can do all this on their own. When planning their security strategies, banks need to partner with an external security provider with the ability to secure their applications, while also providing the necessary training and support to make sure the staff behind the applications understands the ins and outs of the technology.

Finally, they need to have confidence that their IT department and the external provider they work with have the experience needed to migrate security policies and devices from the existing legacy infrastructure to their new technologies and solutions.