The most important topic for the 20,000 new fintechs opening this year is not market data, investors, or product development; it is cybersecurity. Nothing can sink a fintech faster than branding as an irresponsible digital citizen. Cybersecurity issues have sidelined fintech powerhouses, and some never fully recover or even disappear.
Past Fintech Cybersecurity Breaches
Consider the cases of Checkfree Corp, Fiserv, and JPMorgan Chase.
Checkfree Corp – The Little Guy
Checkfree Corp was an electronic bill payment systems provider. In 2008, cybercriminals hijacked their website, redirecting users to a scam site that stole their credentials, compromising up to 42 million customers.
While this wasn’t the first fintech breach, it made a significant impact on the industry. At the time, the US was in a recession due to irresponsible bank speculation. With trust in traditional banks low, fintechs seemed the apparent future. However, the Checkfree Corp incident changed this. Checkfree Corp never fully recovered, and in 2011 they were acquired by Fiserv.
Fiserv – The Middle Man
Fiserv, a Fortune 500 company, reports almost $6 billion in assets. As an essential global provider and partner for nearly 13,000 banks and credit unions worldwide, Fiserv provides core platforms that connect millions of customers to their banks.
In 2019, researcher Brian Krebs revealed that Fiserv’s platform had a significant security flaw exposing customers’ online accounts with the account number and last four digits of the social security number. Fiserv didn’t enforce rate limiting, so a bad actor could make multiple automated guesses at the social security number without getting locked out of the account. With an account number, from the front of a check, for example, any account was hackable. Their program was designed this way. Fiserv’s stock price lost an estimated value of $46 million when this became public.
JPMorgan Chase – The Big Fish
In 2014, the US’ biggest bank was breached, impacting an estimated 83 million households and small businesses. This breach is so historical; it has its own Wikipedia page. For over a month, cybercriminals infiltrated JPMorgan’s systems exposing and removing sensitive customer information. According to the company, all financial data was safe. However, names, email, and physical addresses, and phone numbers were stolen. Access to this personal information, coupled with bank name and banking products used, represents a robust opportunity for phishing attacks.
While JPMorgan had security measures in place, their network complexity and scale made them vulnerable. Losses were estimated to be quantifiable up to $12 billion, loss of reputation, customers, and credibility could not be measured.
FinTech Cybersecurity: A Top Priority
A cybersecurity breach has a significant impact on a fintech, regardless of size. According to the 2020 Verizon Breach Report, human error causes 90% of data loss. People have long been recognized as the single most critical point of network failure. As people engage with the enterprise on more devices, fintechs must find ways to offer corporate data access while preserving network and system security.
A Secure Solution for Fintechs
Hypori Virtual Mobility delivers an ultra-secure, centrally managed, cost-effective solution for fintechs regardless of size. Because Hypori is virtual, enterprise networks maintain 100% separation of personal and corporate data. No data resides on the mobile device safeguarding individuals regarding privacy concerns, and fintechs against potential leaks, human error, malicious app downloads, and other threats. When you implement Hypori, your fintech gains a military-grade security solution that protects against cyberthreats, allows for enterprise-wide BYOD, increased employee productivity, and decreased administrative costs. Hypori helps fintechs address their most critical vulnerabilities and embrace mobile technology to grow into the future.