Cyber-crime is now one of the most serious threats to businesses and national economies. It is rare that a week goes by without a story breaking about a business that has suff ered a cyber-attack. Already this summer in the US, Jeep Cherokee told customers to update their cars after hackers crashed a vehicle, having accessed on board software. While here in the UK, Carphone Warehouse announced that personal details of more than two million customers had been exposed.
According to PwC, the professional services fi rm, cyber-security incidents reported in 2014 by large businesses increased globally by 48 per cent to 42.8million. Notably, out of almost 10,000 organisations polled by PwC worldwide, nearly one in ten reported breaches costing their business a total of more than $10million annually.
The real figure could also be much higher, with the London Metropolitan Police recently estimating that large firms hide up to 88 per cent of fraud, for fear of worrying shareholders or losing competitive advantage.
For financial services and the payments industry, the good news is that payments have never been safer, with global fraud levels around only six cents in every $100. Nevertheless, the biggest bank raid in history – uncovered earlier this year – was not staged by balaclava-clad crooks wielding sawn-off shotguns.
It was a group of hackers that managed to steal £650million from more than 100 fi nancial institutions around the world with the click of a mouse.
Resultant attacks not only carry a fi nancial cost but a reputational one too, as stories are amplifi ed in an unyielding 24/7 news cycle – made all the more damaging when trust in the banking sector has fallen in recent years.
In addition, the growth in electronic payments, coupled with the digital explosion of the internet of things (IoT), turning phones and watches into payment tools that change how and where we can pay, has created a fertile ground for criminals. Research indicates that the use of mobile wallets will increase exponentially in the coming years, and the widespread use of mobile banking apps will mean mobile devices will be increasingly targeted by skilled attackers.
The technologies to counter these threats do exist, but businesses need to act quickly to adopt them, and they need to understand that an attack could happen to them too. This is the changing face of crime: targets who were previously not on the radars of criminals now are because of the geographical ease with which crimes can be committed against your business. Yes, payments have never been safer, but criminals have never been smarter, and the noise around security never louder.
“There is no silver bullet to fi ghting fraud. Businesses require a multi-layered approach to safety and security in order to eff ectively manage the rapid change in consumer behaviour brought about by rapidly advancing technology,” says Ajay Bhalla (right), president of enterprise security solutions at MasterCard. “Such an approach allows for agility in order to detect and prevent potential attacks quickly.”
At MasterCard we are taking the lead in building the next generation of tools and services capable of handling the evolution in cyber-threats. With our Safety Net tool we protect against the impact of cyber-hacking of banks and processors, using our global network to identify potential attacks before they start, or in some cases before the bank or processor is even aware. Safety Net identifies fraud in real time and can decline transactions before harmful exposure takes place. We are also working to transform complex fraud solutions into simple products for banks and retailers.
We are working on new ways to authenticate transactions, shifting towards new forms of biometric identification such as fingerprint, facial and retina recognition. This month we launched a consumer experience in the Netherlands, enabling online shoppers to complete payments using face and fingerprint biometrics for the first time.
Businesses also need to collaborate more with each other and law enforcement agencies to tackle the cyber-crime threat. In this new world, every business has a role to play in sharing its insights and learning in an appropriate way, in order to win the fi ght against cyber-criminals.
In addition, large businesses cannot neglect the value of encouraging collaboration internally in order to drive awareness on the importance of security among employees. As the number of devices used for business across multiple locations increase, businesses need to constantly ensure they are raising awareness of the threat of cyber-crime, and treat education of the issue as an iterative rather than a one-off process.
The payments industry as a whole, through the implementation of global standards, also has a responsibility to enhance the overall payment experience without making compromises on safety. That is why safety and security has always been MasterCard’s number one priority as we work to ensure everyone is protected everywhere and every time they pay.
Digital advancement has created both seismic opportunity and complexity in equal measure. To capitalise on the opportunity that the internet of things will bring, businesses need to adopt a mind-set that sees security innovations as vital rather than optional. To really stay one step ahead, we need to work in partnership and help stimulate this change in mindset.
There will be more change in the payment landscape in the next fi ve years than there has been in the past 50 and innovations in security must continue to evolve quicker than the ingenuity of criminals. For the sake of their bottom line, businesses cannot aff ord to let their guard down, today or tomorrow.
020 7557 5000