“Petya” or “NotPetya” Ransomware Attacks Companies Across Globe
June 28, 2017Pakistani government websites hacked on 70th Independence Day
August 14, 2017When you think about the Fintech space, it’s usually young startup companies trying to disrupt some specific financial service problem. Now if you have experience with the startup nature, you know that the way it works for the first 2–4 years is that you have limited amount of money and therefore limited developers “power”.
That makes the code not as secure as wanted. The board of directors and the investors are mainly concerned about increasing sales and traffic, and they have this naive notion that you hire good developers and immediately get secure code! Obviously, that’s not the way it works. Developers need to spend significant time on creating unit testing and dedicate QA people to create less breakable and secure code. As a result we get from an end-user perspective non-100%-secure software which your money is in it and it can be hacked any minute.
When it comes to cyber security, we might feel that this new finance evolution could jeopardize our money. But the truth is that your money is not safe in the bank either. Bank systems are so old that it’s like a child game for attackers.
Fintech is a great ecosystem. It has managed to disrupt the old-fashioned finance bubble while also making people realize that money exchange, investments, insurance, and other financial services are going to be totally different in the next 5–10 years.
The old companies are terrified. They are doing everything they can to slow down this disruption and maybe even take part in it. But to me it seems that they don’t really understand this new game. It’s not about creating a mobile app for remote bank access — this disruption is about doing things differently from scratch. It’s about peer-to-peer payment and landing with no middleman. It’s about purchasing insurance in 3 minutes using chatbots with full transparency. It’s about replacing physical money with virtual digital coins.
Blockchain, Bitcoin and Ethereum
One of the most exciting thing in Fintech right now is blockchain. We finally have the potential to get rid of banks and other middlemen using this amazing distributed model.
Finance is all about trust. If we think about the current model, we have physical money to buy stuff. The trust comes into action where the other person knows that with the same paid money he can buy food for his family. So using the same logic, if the public would have the same trust in digital coins, we can implement the same barter.
When it comes to cyber security, no software or system is bulletproof. Attackers have already started hacking bitcoin end-users and bitcoin exchanges. Right now, we have a few possible common attack vectors:
- Stealing end-users wallet’s private key.
- Stealing bitcoin exchange’s private keys.
- DDOS bitcoin miners and ISPs.
- Mathematics design issues and code flows.
Another bad impact from bitcoin is the ability to ransom users and companies (i.e. computer is encrypted and a ransom is demanded in bitcoin). This attack has proliferated because it’s very hard to trace back the bitcoin wallet source.
We are living in a time where we see so many technological revolutions around us that make our lives better. Fintech is definitely one of them. But we can’t forget that cyber threats will continue to evolve to this new world as well. So we must minimize the impact and think constantly about progress.
Pakistan, 6th largest population in the world, provides an excellent opportunity for FinTechs to grow and operate and contribute to the country’s economic and GDP growth. It is the need of the hour to not only invest and support the local upcoming FinTechs in the country but to create an environment conducive to the growth of FinTechs in Pakistan.
Pakistan is mainly a cash-based economy. There is a lack of awareness about the importance of FinTech in Pakistan. 72% of the organizations do not know which FinTech are out there and looking to collaborate. For economies to transition to a cashless society and increase financial inclusion, new technologies, government programs and customer preferences are primary factors that facilitate this shift.
Digital POS (Point of Sales) systems
Digital POS is a next generation POS device, which combines the speed of a GPRS POS terminal and convenience of mobile POS by offering digital receipt & signature capture. These Digital POS are a standalone device which works through GPRS / Internet network to accept credit/debit card payments anywhere, anytime. POS security, or point-of-sale security, is the prevention of unauthorized access to electronic payment systems by individuals who are typically looking to steal customers’ personal details such as credit card information. POS security aims to create a safe environment for customers to complete their purchases and transactions, and it’s a must-have measure for fostering trust with today’s consumers.
Target – The retail giant fell victim to one of the largest and most publicized data breaches of all time in late 2013 after attackers infected its POS systems with the Trojan.POSRAM malware and stole PII and payment card information on as many as 70 million target customers. Target ended up settling a class action suit from the breach for $39 million and incurring another $19.9 million in associated legal costs. POS security is challenging because of the sheer volume of both known and unknown threats that exist, coupled with the value that POS system data holds for cybercriminals.
Keeping in view of these emerging threats Tier3 has developed FBR POS specifically for Tier-1 retailers in Pakistan to help them carry out their day to day business with ease and security.
Bottom line, though, there’s little substitute for user awareness and caution. Whether in the fintech companies themselves or among the user-communities, espousing rigorous protective behaviors and making the people who might act as accidental entry-points for a cyber-attack aware of the dangers and the mitigating approaches is crucial alongside any technological approaches to the battle.
1 Comment
[…] link. By leveraging a distributed ledger and taking away the risk of a single point of failure, blockchain technology provides end-to-end privacy and encryption while still ensuring convenience for […]