At any given point it is likely that nearly 99% of the money in a credit union is stored digitally. Not only is more money going digital, the movement of digital money is becoming faster. What used to take days soon will take minutes, making it easier for cyber criminals to digitally steal billions of dollars.
Pragmatism dictates that it is easier to stop something from happening in the first place than to repair the damage after it has happened. This is true as long as we care about prevention. Easily clonable passwords and biometrics as a proxy for passwords are the predominant methods of digitally authenticating users. With more than a billion passwords cloned, the question is, do you care?
Even the largest bank, JPMorgan Chase, spent $250 million on cybersecurity and still got hacked – therefore we cannot spend our way out of it. This challenge will be exponentially worsened since digital account takeovers are going to become a serious challenge in the near future because of the massive loss of personally identifiable information from Equifax.
So, what should credit unions do? Before we decide what to do, we need to understand why what we are doing is not working.
When it comes to digital identity verification and authentication, only 4% of budgets are being spent on prevention and the rest, 96%, is cure-focused. This is making the entire digital marketplace terribly unhealthy, which ultimately benefits the criminals. Ideally, we should balance prevention and cure for a viable digital marketplace for banking. While it's a logical area to invest in, why are we so reliant on the cure? Perhaps because you and I as consumers think if our passwords are cloned it is someone else's problem to cure it. We only care about convenience, and we cannot be bothered with preventing the loss of identity. Why are we outraged when a burglar walks in our homes but not when digital burglars get into the mobile phone or computer you may be reading this on? Perhaps we cannot see that our computers and mobile phones are unhealthy.
Have we given up and decided that this cannot be solved? I contend that it can be solved, but it is going to require change in how we operate and create policies. Just like everything else, prevention is better than cure. But, curing a problem after the fact through analytics in hacking, just like in health care, makes much more money for the industry because it does not stop the root cause of the problem. So why would the industry focus on prevention when the cure is more lucrative?
According to re:ID magazine, approximately $3 billion was spent on the prevention of identity loss and $73 billion was spent curing identity loss after it occurred. That is why cybercrime is expected to grow from a $3 trillion industry in 2015 to a $6 trillion industry by 2021. It is not only bigger than the GDP of most countries – it is growing faster than any economy. Unless we focus more on prevention, we are going to reach an inflection point when this apathy will result in irreversible harm and unmanageable regulations. Clearly at this type of scale, we cannot spend our way out of it!We need to work smarter and prevent loss before it happens. This is already starting to happen in some areas of our lives. It is very likely that the credit card or debit card in your wallet has a chip in it. These chip cards cannot be cloned and therefore effectively prevent remote compromises that otherwise create havoc. Unlike clonable identities like magstripes and passwords, chip card technology prevents loss as opposed to trying to cure the loss after the cloning occurs.
While these chip cards are preventing fraud in the physical world, fraud is now rapidly migrating to the digital realm. Enabling chip cards to protect identities and crypto keys both in the physical world and the digital world is the next frontier. Once we have this omnichannel protection enabled by unclonable chip card technology and the cure enabled through analytics and machine learning, it will form the basis for a healthy and viable digital marketplace for banking.
|Complete your profile to continue reading and get FREE access to CUTimes.com, part of your ALM digital membership.
Your access to unlimited CUTimes.com content isn’t changing.
Once you are an ALM digital member, you’ll receive:
- Breaking credit union news and analysis, on-site and via our newsletters and custom alerts
- Weekly Shared Accounts podcast featuring exclusive interviews with industry leaders
- Educational webcasts, white papers, and ebooks from industry thought leaders
- Critical coverage of the commercial real estate and financial advisory markets on our other ALM sites, GlobeSt.com and ThinkAdvisor.com
Already have an account? Sign In Now
© 2024 ALM Global, LLC, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to [email protected]. For more information visit Asset & Logo Licensing.