Cybersecurity: The Hidden Risks of Fintech Services

The following is a guest post written by Apoorv Gehlot, founder of Matellio LLC, a software engineering studio based in California.

Fintech has drastically improved the products and the services of the traditional financial services in the past few years. However, even after many financial institutions have readily adopted fintech services, there are still some hidden risks in the aforementioned industry. For instance, the integration of the fintech services in the existing banking solutions raised a severe concern for data security. Also, the rapid growth of digital platforms made the fintech industry and its customers uniquely vulnerable to various breaches in IT security networks.

Hence, it is vital to know about various hidden risks involved in the fintech services. Let’s discuss some of them here.

Trending challenges in fintech

Third-party security risks

Internal security is not always enough, especially when it comes to banks. Hence, much of the time, when banks or other financial institutions leverage a fintech service from a not-so-trusted service provider, they end up losing their data, experiencing service failures, and may even suffer a loss of reputation because of inefficient data. These types of damages occur due to third-party security risks. To eliminate third-party risks involved with fintech services, banks and financial institutions should consider the fintech relationship-related risks in their risk management assessment.

Malware Attacks

Malware attacks and hacking are the most prominent types of security issues that are prevalent in the global market. The hackers are now targeting the Society for Worldwide Interbank Financial Telecommunication (SWIFT) more easily. SWIFT systems are used by almost all the banks and top financial institutions to exchange vital financial information.

However, the recent cyberattack on the SWIFT infrastructure indicated the level sophistication of the hackers and malware attackers. The banks and financial institutions have vulnerabilities in their processes, and the hackers take advantage of these vulnerabilities to launch malware attacks.

Data Breaches

We all know that data plays a crucial role in every industry irrespective of their domain. And when it comes to banks and other financial institutions, data automatically becomes a matter of utmost importance. However, with the introduction of inefficient fintech systems in the finance industry, the problems of data breaches rose to a great extent.

Payment card details and user information are readily available to hackers making online transactions prone to cyber thefts. The financial institution partners with third parties, and then data losses may occur due to their inefficient fintech services.

Application Security Risk

Fintech applications are used by many banks to access the real-time financial information of their customers. They leverage this real-time information to carry out transactions and for performing other banking operations.

However, if a software application does not have foolproof security modules and efficient codes, then it automatically becomes more prone to cyber thefts. The attackers leverage the weak security of the applications to steal the customer data and other vital information. So if a person is planning to develop a fintech software solution they need to be very sure that the application has all the vital security features included in it.

Money Laundering Risk

Fintech-driven banks often use cryptocurrency for carrying out financial transactions. These cryptocurrencies are an integral part of the fintech ecosystem, and they are not formally regulated by any set of standards and global regulations.

Hence, the frequent use of non-regulated currencies results in illegal money laundering and even in terrorist funding. Since identifying the beneficiary in any fintech-enabled transactions is not possible due to fintech’s pseudonymous nature, the money laundering operations get enough support from the fintech services.

Digital Identity Risks

With the introduction of digital tools in the banking and finance industry, the use of mobile-based services that used one-time passwords and security codes increased drastically. These security codes and passwords are not as safe and can be easily accessed by a hacker.

The vital data of the banking customers could be easily accessed due to the faulty fintech system provided by some of the fintech service providers. Hence, financial institutions need to revisit their online security architecture to address these risk factors before planning for fintech implementation.

Legacy Banking Systems

Banks are struggling hard to develop and introduce advanced fintech services in their non-patched core banking systems. These traditional banking systems are very much vulnerable to all sorts of cyber thefts. And the main concern is way more than that.

When the tech-friendly fintech services integrate with the existing non-secured banking systems, there are chances that they will be at the target of attackers too. So, the first duty for any financial institution before implementing fintech in their organization is to refresh their core banking systems. That will help the company eliminate losses due to cyber thefts.

Cloud-based Security Risks

Cloud-based solutions are one of the significant aspects of the fintech industry. From payment gateways and digital wallets to secure online payments, cloud computing services offer everything in the fintech ecosystem. Maintaining the confidentiality and security of financial data is critical to banks and financial institutions.

Even though the cloud-based services are considered a secure means of storing the data, lack of adequate security measures can result in the corruption of your sensitive financial information. There are instances when the company partners with an inefficient, cloud-based solution provider and then deals with significant data losses. Therefore, stay updated and be wise while selecting your cloud-based service partner.

To conclude, we can say that, if hackers are unbeaten in their efforts to access the fintech platform with ease and efficiency, the faith of banking customers in the technology-driven fintech platform will be significantly reduced. All this will result in the slow growth of the fintech industry. Hence, balanced innovation is needed to promote the growth of the fintech industry and mitigate the hidden risks of fintech services.

Apoorv Gehlot takes a keen interest in exploring various aspects of the digital realm, and ideate solutions with his team of innovators. He believes in sharing his experience and knowledge with readers across the world to enlighten the audience through concise and meaningful write-ups.

Data Privacy in the U.S.A. Have We Hit a Stalemate?

This is a guest blog post by Steve Boms, President of Allon Advocacy. Boms, a featured speaker and panelist at FinovateFall 2019 last month, takes a look at the current regulatory landscape in the United States when it comes to data privacy, and why he thinks we’re a long way off from having a one-size-fits-all approach.

Steve Boms, President, Allon Advocacy sits down with David Penn, Research Analyst at Finovate to talk regtech, open banking and the intersection of two within fintech & politics.

Data breaches have dominated the headlines recently, but a federal standard is still a pipe dream in the current political environment.

Why? The answer is as old as the country itself: the tension between state and federal power.

In the current context, it is Republicans, typically strident defenders of states’ rights, who want a national system. House Energy and Commerce Committee Ranking Member Greg Walden (R-Ore.) has said, “Your privacy and security should not change depending on where you live in the United States.” Industry advocates agree with the GOP, arguing for a national standard because they worry compliance across 50 different state frameworks would be impossible.

Though several bills outlining national standards have been introduced in Congress, including some with Democratic support, the two parties still cannot agree. That’s because Democrats, along with consumer groups and privacy advocates, repeatedly have said they will not support federal legislation that supplants current and future state laws that may be stronger than a federal privacy regime.  

Given this ideological argument, federal action could still be years away.

If you want progress fast, better to look to the states.

Data privacy legislation has been introduced or filed in at least 25 states. Maine and Nevada enacted significant legislation this year. Colorado and Massachusetts also did, and proponents of data privacy legislation are active in New York. Connecticut lawmakers failed to consider several data privacy bills, but did pass legislation to establish a task force to examine what businesses operating in the state should have to tell consumers about the data they collect.

This trend – studying the issue – is evident in several states, and while such “study bills” are sometimes viewed as bureaucratic inertia against more powerful legislation, these mandates are quite often precursors to more meaningful statutory changes. That certainly could be the case over the next year.

The gold standard for state legislation is, of course, the California Consumer Privacy Act (CCPA) that is set to go into effect on January 1, 2020. In arguing against a uniform federal standard, it is the CCPA that Democrats are hoping to preserve.

Even though it will take several months, even years, to reach consensus, it is difficult to envision an eventual federal mandate that doesn’t look a lot like the CCPA. The CCPA addresses numerous measures that empower consumers to protect their data privacy, a common theme lawmakers, industry, and consumer advocates all embrace.

Specifically, the CCPA allows consumers to opt out of the sale of their information while embracing their right to know, access, and delete what companies know about them. The law also includes a 45-day grace period for businesses to comply with consumers’ requests and imposes penalties on companies for privacy violations, including the ability for consumers to exercise private rights of action for a security breach.

California lawmakers have introduced numerous bills since CCPA passage to clarify the law’s prior to implementation. Amendments include the removal of certain categories of data – namely employee and contractor information –and the need to protect businesses’ preferred treatment of consumers who are part of loyalty programs.

These changes might not be enacted, but they present debates federal lawmakers should watch.

Even with the CCPA as a guide, federal legislation must strike an appropriate balance between supporting consumer empowerment and supporting strong protection standards for consumers and businesses alike. Additionally, a major question still lingers in Washington over who should have authority over data privacy issues, and whether they should have the authority to establish rules or enforce current practices. A Government Accountability Office (GAO) report points to the Federal Trade Commission (FTC) as the most reasonable choice. Many in the industry agree, citing the agency’s authority to weed out “unfair or deceptive” consumer practices and the FTC’s existing authority to issue and enforce regulations on the collection of data on children under 13 years old.

In its report, however, the GAO does question whether the FTC has the bandwidth to oversee such an enormous issue, or if a new governing arm, similar to the European Union’s European Data Protection Supervisor, should be established.

The most important issue facing federal lawmakers, though, is the need to protect innovation. The GAO urges Congress to consider how to “balance consumers’ need for internet privacy with the industry’s ability to provide services and innovate.” Strict privacy regulations may result in compliance costs that are too cumbersome for businesses, and consumer skepticism increases when privacy protections are too lax. Europe is starting to feel the effects of the General Data Privacy Regulation’s (GDPR) inability to balance the two (many U.S. businesses are not able to comply with the regulation’s excessively high bar or cannot pay the large fees and thus cannot offer their services).

Data privacy is front and center on the global stage. The United States will fall farther behind unless lawmakers focus on the common tenets of data privacy – supporting consumer control, ensuring proper regulatory authority, and embracing innovation – and pass a bipartisan bill.

Embracing Wealthtech Innovation and Avoiding Dreaded Return on Inertia

The following is a guest post by April Rudin, founder and president of The Rudin Group, a firm that designs marketing campaigns for financial services companies.

Rudin will host the Wealthtech and Investech stream at the Summit, which takes place right after FinovateFall on September 26. The event also features an AI stream, which will be hosted by Lindsay Davis of CB Insights. Tickets are available as an add-on to FinovateFall or as a separate event.

Wealth management has entered the digital age. While it might not be readily apparent given the breathless coverage of whether and when the industry will cross the threshold, rest assured, the moment is here. The question is: Are all firms ready to seize the moment?

The financial services industry has been historically reticent to adopt new technology. And for good reason — finance, and wealth management especially — is a client-driven business where discretion is valued as much as — if not more than — financial acumen. In the early days of fintech, financial firms could rest knowing that they were keeping their client’s data and dollars safe rather than chasing the new, shiny tech toy on the block.

But now, financial service firms cannot afford to rest on their laurels and their patchwork of clunky, proprietary, tech solutions. Clients are used to being able to access the world at their fingertips and are no longer willing to let their financial data live elsewhere. And it’s not just Millennials and Generation Z demanding the convenience. Mobile Baby Boomers also want to be able to safely access their financial data with just a few clicks of a mouse whether they’re at home or traveling.

But despite the demand, companies still delay implementing new tech solutions, citing both perceived costs and compliance risks. While these factors shouldn’t be brushed aside, wealth management firms must find intelligent ways to power through.

Whereas firms once had the luxury of relying on the anticipated return on investment when deciding to embark on new technology products, a new ROI has entered the block: return on inertia. Put another way, what is the cost of doing nothing while rival upstarts and incumbents alike find ways to intelligently integrate technology into their firms?

It used to be that technology was housed only in the IT department of financial services firms. These were specialists who mostly loaded computers with new programs and knew how to troubleshoot when things went awry. But in today’s world, IT can no longer be thought of as an ancillary part of the business. Everything from onboarding, performance tracking, to investment recommendations has the ability to be touched by technology — freeing up time advisors can spend doing direct client work. The whole wealth management supply chain is being automated and firms must have tech specialists at all levels.

Does this mean that firms have to jump into tech willy nilly? Not necessarily, but the time of taking a wait and see approach for technology has also passed. The technology is here and clients demand it.

Waiting to implement technological solutions will only lead to otherwise avoidable costs and heightened risk exposure, Ernst & Young noted in a recent report.

Client onboarding is one area where tech is sorely needed. While some clients may appreciate the personal touch of in-office meetings to handle paperwork and account transfers, others may see the analog approach as a red flag. How does a paper-based business ensure the safety of client records, they may wonder. Video conferencing, online ID verification, and e-signatures are just a few of the ways the onboarding process can be made less cumbersome and client friendly while still falling inline with compliance.

From there, wealth management firms can consider implementing robo-advisor-like technology into their practice to facilitate decision making. The human touch will always be important for wealth management but tech-aided portfolio construction and reporting will allow advisors to have more meaningful discussions with clients, freeing up time for more customized solutions.

The ease of making and monitoring recommendations becomes especially important as high net worth families often have their assets spread across multiple investment types and financial institutions. While 10 years ago having a dashboard that can provide real-time data of those assets was once considered a novelty, clients now demand that rapid transparency.

Firms can no longer get away with listing the reasons not to embrace technology. And while risks to data integrity and security should not be minimized, firms will have to think of ways to buttress their controls while also directing their firms into the new era.

The return on investment may at first appear uncertain, but the return on inertia is definite — and bleak.$File/ey-digital-disruption-in-wealth-management.pdf

Enabled by AI, Self-Service Is the Future of Banking

Guest post by Sudharshan Krishnan*, VP New Markets and Solutions, Personetics

Self-service banking is adapting to the digital age – though many customers believe that change isn’t coming fast enough. Here we look at the challenges banks face and how AI can be used to transform self-service banking.

Digital problem resolution is key to satisfaction and loyalty

A survey by Ath power consulting found that four in every five consumers prefer to conduct their banking via digital channels. Yet the firm also found that satisfaction with digital banking dropped significantly in the past year as customers began to expect more from their digital interactions. The latest J.D. Power report shows that unsuccessful problem resolution is highly correlated with this low level of satisfaction and high level of customer attrition. And while the branch has traditionally served as the go-to channel for handling problems, younger customers now prefer to resolve problems online or via social media.

Banks that take a more comprehensive digital approach are well positioned to increase satisfaction and fight off future customer attrition, but the payoff can be even more immediate in terms of reduced costs. According to Bain & Company, the top 25 US banks could save as much as $11.4 billion annually in aggregate by increasing digital interactions to the levels of some of their European counterparts.

Pillars of AI in Self-Service Banking: Conversational. Personal. Predictive.

By allowing customers to interact with the bank through natural language conversations, chatbots provide an intuitive channel for customer inquiries, facilitating user friendly interactions and delivering a better customer experience than the age-old FAQs and the dreaded IVR. While bank chatbots are still few and limited in functionality, over three quarters of all banks have active chatbot projects in place.

While the promise is great, a chatbot, just like a human banker, is only as good as the knowledge it possesses. To be helpful, a banking chatbot must understand the context of the bank’s services. Furthermore, it must understand the particular needs and situation of the customer, and incorporate this understanding into the conversation.

To truly delight customers, how about pre-empting them before a request is made? Better yet, how about alerting the customer in advance to avert potential problems altogether? A robust AI solution is predictive – monitoring a customer’s transactions and forecasting future cashflows to anticipate issues ahead of time – then prompting the customer with information, insight, and tips that can help eliminate fees and avert troublesome situations such as over drafting the account.

AI as an Augmentative Strategy

Implementations of AI-powered self-service at some of the world’s largest banks have shown that as many as 88% of incoming inquiries were resolved without requiring the help of a person.

However, as much as chatbots and AI can revolutionize self-service, they should not be viewed as a complete replacement for human bankers. A smart chatbot would know when the time is right to move the conversation to a human-led channel such as the call center or the branch.

There’s No Time to Waste

With practically every major bank getting ready to launch a chatbot solution, the bar for self-service banking is about to be raised once again. Financial institutions that fall behind in delivering new service capabilities will risk customer loyalty and face a cost disadvantage.

With that in mind, banks cannot afford to sit on the sideline or embark on multiyear transformative projects – the time to act is now.

*Sudharshan Krishnan is responsible for growing new markets and working with leading financial institutions to deliver Cognitive Financial Services Applications that are trusted by millions of customers – providing personalized guidance, conversational self-service, and automated money management programs.

Top Five Trends in Customer Engagement Technology

Guest post by Ian Dunbar, CEO of SuiteBox

Financial services businesses face many pressures – cost reduction, scalability, risk mitigation, compliance, and regulation. Technology is the solution, at least in part, to these pressures. However, technology adds to the friction or customer effort of engaging with the financial service. More effort = customer disengagement.

Cutting across fintech, there are rapid advances being made in technology that drives customer engagement. Here are some of the top themes in CETech – customer engagement technology – that are worth watching.

Social media delivering personalization (and profiling)

Social media, search history, and analytic tools leveraging our digital social footprint will become mainstream in building real time client profiles. This will enable financial services providers to engage with clients through highly-relevant personalized content and to leverage profiles to determine product suitability.

For example, being aware of changes in a client’s family situation (perhaps the death of a loved one or a divorce) may enable the proactive deployment of more effective financial strategies. Product designers can even leverage existing social media data to determine the risks associated with the delivery of a product or service. A life insurer can build an individual’s risk profile more accurately from social media data than from a questionnaire.

Artificial intelligence and cognitive learning

Conversational speech and facial expressions can be analyzed to determine customer emotions. Microsoft’s Emotion API, for example, can detect anger, contempt, disgust, fear, happiness, sadness, and surprise from a voice stream and images.

Financial service providers can use cognitive tools to deliver their products in a more engaging manner. Meeting with a client in person, via video or on the telephone, can be analyzed in real time. Risk assessment for miss-selling, real timing adapting of what and how a product is presented, or even determining if client is misrepresenting information will all be possible.

The power of video

Most surveys continue to tell us that customers prefer meeting personally with their financial providers. However this can be costly and inconvenient. Do you or your clients want to spend time in traffic, battling for a parking spot, and suffering the stress of congested roads, for a personal meeting?

Of course not. So we use the phone as our primary non-physical meeting tool. But the problem with the phone is it doesn’t employ the power of sight. Eye contact is fundamental to human communication. We can tell a lot from a person’s eyes, what mood they are in, and their level of comfort. Avoiding eye contact with strangers is a common strategy to remain private, especially in situations of close proximity. Yet this is what we do in important telephone calls with our clients.

Biometrics gather momentum

Usernames and passwords are an enormous source of consumer frustration and customer effort. Fingerprint recognition of smartphones has led consumers to treat biometrics as mainstream. This will rapidly expand as biometrics allow a convergence between previously incompatible goals of enhanced security without customer effort.

Smarter virtual assistants

Natural language voice recognition combined with smart virtual assistants mean we will increasingly talk to our financial services websites or apps, rather than our fingers doing the work. Love or hate Siri, voice commands will be increasingly accepted as the norm.

Get ready

Embed customer effort reducing measures and customer-centric design into your digital strategies. Embed the customer experience into user journeys using the latest engagement technologies. Create your own “Customer Experience Lab” to test the experience. There is no better time to put your customer back into the centre of your IT strategy.

Ian Dunbar is the CEO of SuiteBox. SuiteBox enables a permanently open digital workspace to be established between a host and participants of a meeting, allowing participants to meet via video or physically, share and collaborate on documents between the parties, digitally sign documents, establish evidence of identify & record the meeting for future reference. Headquartered in Auckland, New Zealand and founded in 2013, the company demonstrated its technology at FinovateEurope 2016.

Enhancing the Customer Experience in Financial Services

Guest post by Sean Daly, Director of Partnerships, SaleMove

Over the last decade, financial technology, or “fintech”, has completely changed the financial services industry. While fintech innovations provide companies with convenience and outreach potential from the perspective of the financial institution, they are only useful if the customer feels comfortable interfacing with its framework (i.e. customer experience). Fintech has felt the challenges of customer experience, and here we’ll quickly go through a couple of those challenges along with some ways you can solve them.

The Differentiation Challenge

In order to understand the differentiation challenge in financial services, let’s point to the auto industry as an example. In the early days of modern manufacturing, the focus was put on mass production. Over the years with more competition, the priority began to shift from mass production to mass customization.

A good example is the Ford Model T; More than 15 million of them were built from 1908-1927. Apart from a few design modifications, Ford produced the same exact car 15 million times. As more and more competitors entered the market, the car became commoditized, which made differentiation extremely difficult. In reaction, automakers began providing a more personalized and customized auto experience. Flash forward to today and think about how many customizations are available on any new automobile. You can even design your own car online and have it delivered to your door. The focus switched from mass production to mass customization and personalization.

With a physical product like a car, the buying experience ends when the physical product is in the customer’s hands and they drive it away. In financial services, where there is no physical product, the customer will reflect back on the buying itself as the product. In financial services, the experience is the product.

The Touchpoint Challenge

Customers place a particularly high priority on trust and convenience. According to a recent survey sponsored by Zendesk, 62% of customers buy more when they have a good buying experience, but even more (64%) stopped buying when they had a bad customer experience. This is even more so in financial services because they are handling your money!

Today’s customer has infinite touch points, and they react badly and quickly to poor experiences. With social media, people can share their negative thoughts about a bad interaction with their circles within minutes (remember the United Airlines incident?), and it’s no secret that customers are much more likely to share bad experiences than good ones.

Let’s look at some ways you can solve these customer experience challenges:

● Map the customer journey to provide a consistent and relevant experience. If you haven’t mapped the customer journey on your website yet, read this HBR article to get started.

● Build personalized online experiences around customer segments to improve relevance. For example, Caribou coffee does this by remembering the customer’s preferences and then displays targeted flavors and products according to past activity. Netflix also serves as a good example with their profile personalization, which allows different profiles to share the same account. Financial services companies can do the same by personalizing experiences with Guided Selling products like SmartAssistant.

● Connect online with offline to build a comprehensive view of your customer. There are two ways financial services businesses can do this, either by heavily tracking their customer through analytics software on and offline, or connecting the two seamlessly. With new technologies like chat, video chat, and CoBrowsing, online interactions can be made to feel personal and authentic, similar to face-to-face experiences. We call this “creating the in-person customer experience online.

If you’re interested in learning more about CoBrowsing or considering to purchase a technology solution like it, check out this article:

Questions to Ask When Choosing a CoBrowsing Solution

Sean Daly is Director of Partnerships at SaleMove. A four-time Finovate Best of Show winner, SaleMove was founded in 2012 and is headquartered in New York City. The company most recently demonstrated its Engagement Platform and OmniBrowse solution at FinovateSpring 2017. Dan Michaeli is CEO.

New Report from AARP Explores the Longevity Economy



Guest post by Theodora Lau*

By 2015, there were more than 1.6 billion people in the world who were part of the 50-plus cohort. By 2050, this number is projected to double to nearly 3.2 billion people. Throughout the world, the growth of this age group is having a transformative impact, economically and socially. The United States alone is home to 111 million in the 50-plus demographic, representatives of a powerful force driving economic growth and value. AARP has branded the group the Longevity Economy, because it represents the sum of all economic activity driven by the needs of Americans aged 50 and older, and includes both products and services they purchase directly and the further economic activity this spending generates.

The difference it makes is substantial. In the first Longevity Economy report released in 2013 by AARP and Oxford Economics, the Longevity Economy fostered $7.1 trillion in annual economic activity. This figure has now been revised to $7.6 trillion in the latest report. The out-sized contribution reflects the changing demographics, wealth, and spending patterns of the 50-plus population as the lifespan increases and the Longevity Economy becomes more pervasive and central to economic and social policies.

Key findings from this report include the following:

  • The 50-plus cohort represented approximately 35% of the U.S. population in 2015 and was responsible for over $7.6 trillion in annual economic activity—roughly 42% of total U.S. gross domestic product (GDP).
  • Direct spending on consumer goods and services, including health care, by those aged 50 and older, amounted to $5.6 trillion in 2015.
  • Approximately $1.8 trillion in federal, state and local taxes were attributable to the Longevity Economy in 2015—about 34% of federal tax revenue and 41% of state and local tax revenue collected in the U.S.

The economic contributions of the Longevity Economy are evident, and the beneficiaries are not limited to those over 50. In fact, the spending of the Longevity Economy supports more than 89.4 million jobs (61% of all U.S. jobs) and over $4.7 trillion in labor income.

As Jody Holtzman, senior vice president of market innovation at AARP, would often say:” Why would you leave money on the table by ignoring the only humongous growth-market that exists?!” So the question for entrepreneurs and VCs is simply this: What is your 50+ strategy?

The Longevity Economy Report is available for download at:

For more information about AARP’s technology innovation initiatives and how AARP sparks innovation in the marketplace for the benefit of people over 50, please visit:

*Theodora Lau is director of enterprise strategy and innovation at AARP. You may contact her for more information at