17 December 2017

44975

Retired Member

3,251Posts 11,858,043Views 3,524Comments
Innovation in Financial Services

Innovation in Financial Services

A discussion of trends in innovation management within financial institutions, and the key processes, technology and cultural shifts driving innovation.

DIGITAL BANKING Tips - Tip 9: Digital Banking Security

16 May 2015  |  4047 views  |  0

One of the main challenges Digital Banking professionals face is to find the equilibrium point between security and functionality. At the end of the day we all want to provide the best digital banking experience in the most secure way. So is this possible? I think it is, I like “functional security” expression which means security enabling the business, rather than disabling.

When I started my career as internet security professional back in 1998, before we started to work on online banking project, the very first task given by the bank to me was to monitor erotic web site visiting employees! For the last 17 years, I have not met single “porn site visitor bank employee attack” so far then this made me think that some risks are real, some are not.

This is the short version of the post. 

Starting from Tip 2 to Tip 30 only short versions of my posts are available at Finextra. From Tip 31, full (long) versions of my posts can be read here.

 

 

TagsSecurityMobile & online

Comments: (2)

A Finextra member
A Finextra member | 17 May, 2015, 08:31

Very interesting post Tolga. I agree that in all the payment services I launched over the past 15 years getting the balance right between security and consumer experience was the hardest thing.

It has therefore been interesting to hear from FIDO about the many implementations of a Passwordless Experience http://www.finextra.com/blogs/fullblog.aspx?blogid=10476 .

Is this somthing your bank and others in Europe are considering?

Be the first to give this comment the thumbs up 0 thumb ups! (Log in to thumb up)
A Finextra member
A Finextra member | 17 May, 2015, 10:50

Thanks a lot Charmaine. I heard about FIDO, you also wrote an excellent article about it - that I enjoyed a lot. Currently, we work intensively on Biometric (not necessarily only Apple fingerprint) solutions and EBA guideline's compliance - that would be started to be enforced starting from August 2015.

In my opinion FIDO still needs some time, the main challenge is device dependency (either in the form of biometric reader featured smart phone or another stand alone device) - plus some demographic issues too. In Europe, not all countries and not all customers have the same level of access to the prequisites of FIDO. Even so, it is where we should go as I mentioned in my blog -our devices will be our IDs.

Also please note that sophisticated attacks start with getting control of clients' PC - that may mean that regardless of security tool used in the PC, they are vulnerable. As you know, EBA (European Banking Authority) Guidelines on internet payments security - would not like browser related security tools. 

 

Be the first to give this comment the thumbs up 0 thumb ups! (Log in to thumb up)
Comment on this story (membership required)

Retired's profile

job title
location
member since 2014
Summary profile See full profile »

Retired's expertise

Member since 2009
3181 posts3,524 comments
What Retired reads

Who's commenting on Retired's posts

Ketharaman Swaminathan
Raymond Lee
James Andrew
Dharmesh Mistry
David Andrzejek
Ralf Ohlhausen
Tom Hay
Nicola Cowburn
Michael Wright
Charmaine Oak
Francis Chlarie