Blog article
See all stories »

DIGITAL BANKING Tips - Tip 9: Digital Banking Security

One of the main challenges Digital Banking professionals face is to find the equilibrium point between security and functionality. At the end of the day we all want to provide the best digital banking experience in the most secure way. So is this possible? I think it is, I like “functional security” expression which means security enabling the business, rather than disabling.

When I started my career as internet security professional back in 1998, before we started to work on online banking project, the very first task given by the bank to me was to monitor erotic web site visiting employees! For the last 17 years, I have not met single “porn site visitor bank employee attack” so far then this made me think that some risks are real, some are not.

This is the short version of the post. 

Starting from Tip 2 to Tip 30 only short versions of my posts are available at Finextra. From Tip 31, full (long) versions of my posts can be read here.




Comments: (2)

A Finextra member
A Finextra member 17 May, 2015, 08:31Be the first to give this comment the thumbs up 0 likes

Very interesting post Tolga. I agree that in all the payment services I launched over the past 15 years getting the balance right between security and consumer experience was the hardest thing.

It has therefore been interesting to hear from FIDO about the many implementations of a Passwordless Experience .

Is this somthing your bank and others in Europe are considering?

A Finextra member
A Finextra member 17 May, 2015, 10:50Be the first to give this comment the thumbs up 0 likes

Thanks a lot Charmaine. I heard about FIDO, you also wrote an excellent article about it - that I enjoyed a lot. Currently, we work intensively on Biometric (not necessarily only Apple fingerprint) solutions and EBA guideline's compliance - that would be started to be enforced starting from August 2015.

In my opinion FIDO still needs some time, the main challenge is device dependency (either in the form of biometric reader featured smart phone or another stand alone device) - plus some demographic issues too. In Europe, not all countries and not all customers have the same level of access to the prequisites of FIDO. Even so, it is where we should go as I mentioned in my blog -our devices will be our IDs.

Also please note that sophisticated attacks start with getting control of clients' PC - that may mean that regardless of security tool used in the PC, they are vulnerable. As you know, EBA (European Banking Authority) Guidelines on internet payments security - would not like browser related security tools. 


Member since




More from member

This post is from a series of posts in the group:

Innovation in Financial Services

A discussion of trends in innovation management within financial institutions, and the key processes, technology and cultural shifts driving innovation.

See all

Now hiring