Since a few years the banking industry has experienced waves of digital transformations, which re-shaped its activities entirely. Online banking is getting more and more popular. All big players have developed online activities while some newer companies have created 100% online banking services. Online banking enables customers to access their bank account anytime and anywhere, has made processes more transparent, and has simplified the way people keep track and manage their finances.
The development of online banking is indeed a good thing for users who enjoy a customer experience they would have never expected before the digitalization of the industry. However, customers have not been the only ones to profit from this transformation, hackers and fraudsters also found ways to grandly benefit from it.
The number of cyberattacks is constantly increasing every year, for example in 2014 in the UK, online banking fraud increased by 71 percent. Everyday 230,000 sample malwares are created. Globally the estimated annual cost for cybercrime has reached 100 billion dollars. Hackers have found ways to penetrate banks security systems and ways to steal customers’ personal information. This explains, why overcoming this cyberattack challenge has become a number one priority for banks.
So far, banks have created and implemented different systems to improve the security of their processes, from increasing the number of digits of pin codes to implementing mobile transfer security texts or even implementing finger print security checks. Banks could decide to accumulate all of those processes one by one, to push those processes to the extreme (think about a 15-digit pin code) and then ask customers to go through all of them in order to do any transaction. This would certainly result in some kind of “Un-Hackable” system. But do customers really want to have to go through ten different security steps before being able to transfer 50€ to one of their friends? Obviously not. This would lead to decrease the customer experience of the user. Even if a bank claimed to be the most secure of all thanks to its never-ending security processes, customers would be likely to churn and subscribe to a less secure bank which offers easier to use processes.
All in all, bank’s security departments are now trying to solve this problem asking themselves about how much security can be implemented to both provide a positive customer experience and an irreproachable security system. When intending to find an answer to that question, it is good to keep in mind that hackers’ ways of operating constantly evolves and no matter what processes banks implemented those last years, it seems like hackers always find their ways through them. This is why banks like IBM are now focusing on threat protection operations, with systems that can disrupt threats in real-time instead. It is true that with the evolution of hacking activities, focusing in finding what may happen in the future sounds like a better strategy than focusing on what happened in the past.