The FinTech sector is booming. With the Covid-19 pandemic triggering changes in how people shop and accelerating the development of e-commerce services, the use of FinTech applications continues to rise in tandem. However, this rising trend calls for a growth in cybersecurity maturity, not only for financial and technology firms, but for every organization.
“Over two-thirds of senior business leaders expect their companies’ investments in FinTech to increase in 2021-2022”
As an ESET survey discovered, 45% of senior business leaders across the U.K., U.S., Australia, Japan, Mexico and Brazil believe that online payment processors – one form of financial technology, or FinTech – could help drive profitability and thus help companies get back on their feet after the Covid-19 pandemic. Similarly, consumers predict that they will shop online more frequently post-pandemic, meaning that retailers will be processing more online transactions and will need adequate and secure technology to do so.
The survey also revealed that 51% of consumers use between one and five FinTech apps, including digital wallets, budgeting apps and online-only banks. Just one-third (33%) stated that their banking habits had not changed during Covid-19 lockdowns. With the convenience of electronic payment solutions steadily growing in attraction over the years, a lot of attention is now focused on mobile payment apps, such as Apple Pay, Google Pay, PayPal, Venmo or WeChat Pay.
Why should companies care more about cybersecurity?
Consumers may not yet appreciate the level of risk that the FinTech sector poses toward cybersecurity. Despite the use of multiple FinTech applications, only half of consumers surveyed had security software installed on all their devices, leaving the other half open to cyberattacks on their finances. In addition, consumers continue to engage in risky behavior, such as carrying out financial transactions while connected to public Wi-Fi hotspots.
Nor are businesses taking the appropriate measures, as almost a third (28%) are not actively investing in new technologies to help secure finances. However, the vast majority (81%) of businesses agree that the Covid-19 pandemic has increased the need for improved security of finances.
“Over half of businesses are already using online payment processors and online accounting to manage their finances. A third are considering using regulatory technology (RegTech), branchless banks, and insurance technology (InsurTech).”
What cyberthreats can be expected?
The FinTech sector is particularly attractive to attackers because of the vast trove of sensitive information it collects from customers. In the event of a data breach, the stolen data can easily lead to reputational and monetary damages, both to the company that was breached and to affected customers.
According to ESET Security Writer Amer Owaida, organizations can expect that cybercriminals will employ credential-stuffing attacks, social engineering attacks, fraud, DDoS attacks, and malware.
Due to the skyrocketing interest in day trading, for example, there are rising concerns about keeping the systems of major stock exchanges and brokerages up and running. In case of a hypothetical massive DDoS scenario, bad actors could attempt to overload the infrastructure of brokerages and stock exchanges by sending massive amounts of data. Would they be resilient enough to repel these attacks and keep operating normally? If trading should come to a standstill, these attacks would undoubtedly put users’ finances and personal data at risk.