CXOToday has engaged in an exclusive interview with Pinakin Dave, Country Manager – India and SAARC, OneSpan
Tell us about OneSpan’s presence in India and the solutions that it offers to banks and financial institutions.
OneSpan works with some of the biggest global and Indian banks on authenticating digital transactions with cutting-edge solutions that help their customers. As a digital agreements security company we offer a range of services for sectors including Retail Banking, Commercial Banking, Lending & Financing, Wealth Management, Insurance, Healthcare and the Government. Our state-of-the-art solutions include Passwordless Authentication, Account Takeover Fraud, Transaction Authorization, Regulatory Compliance, New Account Fraud, Enterprise Security, Regulatory Compliance, e-signature, Customer authentication and Automated Financial Agreements among other services.
What is your current market share and clientele? Any plans for expansion.
Large global and Indian banks trust the solutions offered by OneSpan for providing their customers with a safer banking journey. OneSpan is also focusing on the NBFC, insurance industry and large enterprises by providing solutions which will not only secure but also enable their business growth. We are a dynamic company, and we aim to deliver a secure digital journey to large enterprises and financial institutions in India.
What are some of the new-age digital threats that customers or companies need to be cautious about? How is the Indian banking industry affected by these threats?
There are a number of latest digital threats that affect both banks and their customers. Some of the more sophisticated ones include man-in-the-middle attack, reverse engineering of mobile apps, screen overlay attack, screen sharing or remote access fraud, OTP theft, keylogging and screen reading, malicious app banking fraud and the SIM swap fraud. These attacks mostly target customer’s bank accounts or take over their data and hold it for ransom.
A new kind of threat that emerged during the Covid-induced lockdown was the fact that, as employees started to work from home, they used their home networks and personal devices. Organizations are not sure whether the person accessing their system behind the is eligible or not. In such cases, having multi-factor authentication along with VPN is very important. E-sign is another feature that was very useful during the lockdown as it maintained the integrity of the transaction along with safety.
Can you throw some light on the digital infrastructure that banks are following currently? Any shortcomings that you would like to point out, and how they could strengthen their existing infrastructure?
Banks in India are constantly updating their infrastructure and employing state-of-the-art method to safeguard their customers. Along with that, they are continuously in touch with customers to spread awareness about digital frauds. Banks in the retail vertical often employ solutions like e-signature solutions which digitize both internal and consumer-facing agreement processes so that they can deliver a better experience to both customers and employees. These e-signatures can be used for easy account opening, account maintenance and a host of other services including hiring & employee onboarding, vendor contracting, signing NDAs and other legal agreements. Commercial banks, too, use e-signatures for small business lending, treasury management along with their other internal processes.
Today, mobile banking is at an all-time high and we have witnessed an increasing. Banks, on their end, are working round the clock to secure the mobile app, and RBI is giving its utmost importance to security around mobile banking. Banks who offer mobile banking have to follow strict RBI guidelines that keep updating which ensure that mobile banking transactions remain safe.
What are your views on the rise in digital transaction frauds reported in India, especially through mobile applications, fraudulent links, etc. Describe the ways in which consumers can have a safer experience while transacting online.
Even as banks are continuously updating their digital security along with educating their consumers, we have witnessed a significant rise in the number of digital frauds. Fraudsters are constantly updating their methods to rob customers of their hard-earned money. At OneSpan, we constantly invest in R&D and come up with products that help banks and consumers stay one step ahead of these fraudsters.
Customers, on their part, need to remain constantly vigilant. They should never download apps from untrusted sources or clink any links that they do not trust. They should only scan QR codes for those transactions they are sure about. Using a robust mobile security app is another way to be safe while transacting online. Another important thing is for them to always keep their system and security software updated as that will help them avoid latest threats. Customers need to protect their data online and never reveal their details with any outside source. These simple yet important steps can really help make a difference in being secure while banking in the digital landscape. Banks also now use passwordless authentication which effectively eliminates risky password management techniques and reduces credential and identity theft.
How has the pandemic contributed in raising awareness among regulatory bodies and financial institutions in investing and maintaining a robust security infrastructure to protect against potential cyber scams?
At the start, cyber criminals saw Covid as a chance to increase their fraudulent activities given that the number of online transactions increased considerably. However, banks and organizations were quick on the uptake and managed to cope considerably well with digital financial threats. Newer products were employed, like the ones we have in OneSpan’s application shielding which not only protects the users from operating in untrusted environments, but also helps improve the user experience. Additionally, cloud authentication, e-signature, digital signature, e-closing, id verification and authorization were all security tools that came into force and banks employed them efficiently. The RBI came out with digital payment security control guidelines which were timely and helped banks upgrade their digital security and help provide a safer banking experience for customers.
Another thing we noticed was that since people were working from home, banks and companies ensured their employees used VPN along with multi-factor authentication to safeguard against third-party attacks. To sum up, there were a lot of learnings and the responses from banks and companies was swift and helped secure their digital systems.
Things to keep in mind in terms of online security and the forecast for 2023 and the potential threats to guard against.
The threats that we witnessed in 2022 will continue in 2023 as well. In terms of the learnings that we can gain from this is that digital financial security is a two-pronged approach. While RBI and banks are both taking all the measure required to keep customers secure, its also the responsibility of the users to follow online hygiene and become responsible netizens.