CYBERSECURITY FOR BANKING AND PAYMENT SYSTEMS
Tony Chew
Industry Consultant
tonychew8@me.com
The cybersecurity threat landscape has become more menacing, malignant and malevolent.
Security strategy: identify, protect, detect and respond.
Cyber-crime is escalating and no industry, business or institution is immune.
CYBER CRIME ESTIMATE
(hype, sensationalism & bluster)
2009 $1 TRILLION
2015 $3 TRILLION
2021 $6 TRILLION
Feb 2016 – June 2018
SWIFT Payment Systems
HACKING SWIFT PAYMENT SYSTEMS
Bangladesh, Canada, Chile, Ecuador, India, Malaysia,
Mexico, Nepal, Russia, Taiwan, Ukraine, Vietnam
CYBERSECURITY
$81 million stolen from Central Bank of Bangladesh
HACKING SWIFT PAYMENT SYSTEMS
Union Bank of India Swift Payment System was hacked in July 2016
$171 Million
SWIFT SYSTEM VULNERABILITIES: DEFICIENT 2FA; DEFECTIVE PAYMENT ENVIRONMENTS
Far Eastern International Bank
Taiwan, October 2017
$81 million - February 2016
security
The chip cannot be cloned
The magstripe is easily cloned
Smart token
Hard token
MOBILE &
Eye
Deployment of Biometrics in Banking
What is biometrics?
IDENTITY VERIFICATION
PATTERN / VEIN /
https://www.anz.com.au/promo/personal/ways-bank/Voice-ID/
https://www.permatabank.com/
FACE AND VOICE BIOMETRICS
IMPLEMENTED BY BANKS AROUND THE WORLD
V-KEY Mobile Device Security
Device Binding
Jailbreak and Root Detection
HSM Emulation
Push Notification / Secure Messaging
Geolocation Security
Face Authentication
Voice Authentication
One-Time Password
Transaction Signing
Eye Authentication
Fingerprint Authentication
MOBILE BANKING & PAYMENTS
BANKING APP
MAS Notice 644 (effective 1 July 2014)
Notify MAS within 1 hour of incident discovery
Submit Root Cause Analysis: 14 days from incident discovery
Implementation of IT Controls
Data Protection
Critical Systems
High Availability
Recovery Time Objective (RTO): 4 hours
Identify internal and external threats.
Adopt protect-detect-respond security strategy.
Establish strong access and identity management controls.
Deploy business continuity and rapid recovery capabilities.
Enforce data governance and customer data privacy policies.
Fulfill all regulatory compliance and reporting requirements.
CYBERSECURITY POLICY FRAMEWORK
Make the Chairman, CEO and EXCO jointly and severally responsible for cybersecurity and risk management
Any questions?
ARTIFICIAL INTELLIGENCE & BIOMETRICS IS THE FUTURE OF DIGITAL BANKING
WWW.V-KEY.COM
