Insurance Edge will be bringing you two in-depth Predictions 2020 features later this month, but for now, here’s a little taster with some interesting points made by OneSpan.
The past year has brought dramatic changes to the financial services industry. From the introduction of new regulations like PSD2 in Europe, to disruptive new technologies transforming the way consumers conduct their banking, the landscape is constantly changing. What will 2020 bring?
OneSpan, a leader in anti-fraud and digital identity solutions used by many of the world’s top banks, has created six predictions that will shape the financial services industry in 2020 and beyond.
- Mobile becomes the standard platform for financial interactions. Because of this, the corresponding increase in the attack surface that fraudsters will have access to gets worse. Financial Institutions need to bake security into their mobile apps from the beginning, not bolt it on at the end. App development needs to consider the best security mechanisms to protect the app and importantly the brand. Process flows also need to be streamlined. The ability to make intelligent decisions about applying the right level of security at the precise time is going to be largely driven by machine learning.
2. Hackers will exploit open banking. 2020 will see the introduction and adoption of open banking applications that are used by consumers and enterprises, stimulated by PSD2 in Europe and similar legislations in other regions (e.g. Australia, Singapore, Hong Kong). Open banking will give rise to new security threats and vulnerabilities, such as data breaches at third-party providers using open banking interfaces, as these companies might lack investment in security. Next to it, we may see that vulnerabilities in the IT infrastructure of third-party providers may lead to fraudulent payments.
3. Financial institutions will need help embracing AI to its full potential. Financial institutions are still holding back from providing enough data to use AI in its most complete from in the effort to prevent fraud. Currently a lot of banks have siloed data pools which can’t be pulled, however over the next year, it will be rare to see banks not using AI in an efficient way. When complex fraud detection models are able to be read and understood by people, then we firmly believe the power of AI will shine through across the banking industry.
4. Advanced liveness detection will be a critical part of cybersecurity. The adoption of facial recognition and facial comparison has been hampered until now because it has been easily spoofed using video. Technology in the form of advanced liveness detection has now closed this gap in security. Combining both static and dynamic liveness detection is something that we could also see more of. In more general terms, technologies such as facial recognition and its use of artificial intelligence will come under more scrutiny.
5. Phishing attacks will remain the dominant and preferred method of attacks by cybercriminals. Phishing attacks will only get worse simply because they are successful. Organizations and relying parties need to continue to educate consumers / customers about phishing and not to click on links or attachments in emails or text messages from unknowns. Vendors must advance “phish-resistant” technologies to protect unsuspecting users. A great start is to move away from static passwords login.
The CCPA has caught the attention of policymakers in the other 49 states and the U.S. Congress. As a result, the CCPA has been the catalyst for other privacy bills at the state level and there have been several privacy-related bills introduced in Congress including the “Consumer Online Privacy Rights Act” introduced in late November. As one can imagine, having 50 state consumer privacy laws on the books will create a compliance nightmare for organizations of all sizes. There needs to be a comprehensive federal consumer privacy and data protection law to address the compliance issue and the legislation should also incorporate minimum security requirements for organizations to deploy to protect consumer data.
It would be surprising if the “Consumer Online Privacy Rights Act” becomes federal law in 2020, but it should generate some interesting debates and lawmakers can expect pressure from the business community especially after the CCPA’s enforcement begins in July.