By: Neeraj Khandelwal
The swift and massive shock of the coronavirus pandemic will be etched in history as one of the worst-ever global crises. However with social distancing being the new norm and companies across the globe embracing the remote work culture, one of the key characteristic trends that surfaced during the pandemic was an exponential rise in the cyber frauds committed. A recent report on Fraud & Risk Management in Digital Payments by the Data Security Council of India (DSCI) and PayPal stated that there had been a rapid rise in cybercrimes such as web-skimming, malware campaigns, and phishing scams in the country.
The industry witnessed a steady increase in impersonation of fraudulent incidents whether online phishing via social media accounts or the conventional route of emails to obtain login and KYC credentials for executing transactions. Phishing attacks have also been on the rise, preying upon unsuspecting victims to extract sensitive personally identifiable information to compromise bank accounts or carry out card not present (CNP) frauds.
Fraudsters on the prowl have been increasingly looking to exploit the weakest links, underlying technologies or by using several ways to mimic human behaviour including social media access, filling out forms, or through emails and tricking consumers into frauds.
System hacks and technology zero-day attacks are also getting increasingly sophisticated. For example, a new malware – EventBot – is targeting over 200 financial apps on the Android OS, abusing its accessibility features to access data stored in the financial apps and intercept text messages that are used for two-factor authentication (2FA) to log into bank accounts.
Similarly, Cerberus – a new Android banking Trojan is doing the rounds, which compromises financial apps, collects information and harvests 2FA messages, and uses the pedometer function of a smartphone to avoid detection. It activates only when it counts specified steps of a person holding the smartphone to ensure it has infected a real user. At the same time, it remains invisible if it’s installed on sandboxes or test environments set up by malware analysts.
A PwC study last year revealed that about 62% of global CEOs worry cyber threats will affect their company’s growth prospects. While yet another study by Gartner reveals – as few as 30% of organizations take cross-organization steps to drive a business-led approach to digital risk. In the wake of the current industry crisis, cybersecurity has become a burgeoning issue across the globe. And it’s about time that we rethink cybersecurity as a strategic business priority and not just an IT decision.
In 2017, NASA released a report in which the organization pointed out that the current air traffic management systems are prone to a number of cyber-attacks and that blockchain can improve the security greatly. The report which came out of the NASA Ames ResearchCenter in California was authored primarily by the aero-computer engineer Ronald J. Reisman who has extensive experience in the aerospace industry and is highly skilled in software development.
Advanced use for blockchain technology is already becoming a part of other fields beyond Cryptocurrencies and is now being seriously considered across use-cases to boost cybersecurity. By implementing rigorous encryption and data distribution protocols on a network, any business can ensure that their information will remain safely intact and out of the reach of hackers. Clearly, blockchain is emerging as a very viable technology when it comes to protecting businesses and other entities from cyber-attacks.
However, technology like blockchain is combating fraudulent activity in financial transactions because of its decentralized nature. Data stored on blockchain cannot be edited or modified. Blockchains help create public sources of truth, which means they reflect the only set of global transactions that are mathematically verified and secured. To that end, it becomes harder to cheat the system at the level of the actual data.
Blockchain offers a very complex functionality where the digital records combine into blocks. All the blocks make a chain chronologically and cryptographically connecting the network that uses sophisticated mathematical algorithms. Each block maintains a unique set of records that are connected to the previous one, and the encryption technique is used for safety. The information that is saved on the block cannot be altered or modified without permission.
The technology can thus facilitate more secure transactional records to transfer almost any kind of asset, from cash and shares to property. With blockchain, a transaction can be tracked and approved by everyone who is a part of the transaction.
Identity theft can also be effectively addressed using blockchain-based digital identities. The cutting-edge privacy-preserving technologies such as zero-knowledge proofs serve as a single source of identity data and verification. It seamlessly on-boards new customers while meeting the regulatory requirements of data protection, which means financial service providers can do KYC more efficiently while unifying identity information across multiple services.
Additionally, Information flows between financial institutions and regulators can also be streamlined with blockchain technology, allowing the sharing of information faster and more cost effective, allowing financial institutions to demonstrate regulatory compliance, while improving transparency and reducing compliance costs at the same time.
The Blockchain market is expected to grow to $20 billion by 2024. Having proven its fraud-fighting credentials, more and more organizations are now likely to consider the technology. This will eventually benefit the finance and procurement processes across the ecosystem. Experts also predict that businesses will ultimately be using blockchain far more widely thereby changing the dynamics of data storage and online transactions. As blockchain begins to become a more mainstream technology, organizations have a lot to gain by exploring its true potential to prevent fraud and much, much more.
(The author is Co-Founder, CoinDCX and the views expressed in this article are his own)