ebankIT was honored to welcome Stephen Pedersen, VP of Cyber & Information Security at Coast Capital Savings, as a panelist at the ebankIT Summit 2023.
He captivated the audience with an insightful perspective on cybersecurity and shed light on the delicate balance between identity verification and digital threat mitigation in financial services.
Pedersen highlighted that in a world shaped by the COVID-19 pandemic, consumers have flocked to digital channels for their banking needs, driving the transformation of financial services at an unprecedented pace. However, this rapid digitalization has not come without its challenges.
As the digital landscape expands, so do the threats posed by cybercriminals. These digital threat actors have grown bolder, more skilled, and better-funded, making it crucial for financial institutions to enhance their cybersecurity measures. Additionally, the emergence of commodity threat platforms has lowered the barriers to entry for potential attackers.
In this evolving environment, striking the right balance between Know Your Customer (KYC) protocols and minimizing friction for customers becomes paramount. While KYC measures are necessary to ensure the security and integrity of digital banking transactions, they can also lead to increased friction and a less seamless user experience.
While it is essential to have identity verification to prevent account takeovers and minimize fraudulent transactions, it can become inconvenient for users who simply want quick access to their accounts. Pedersen shared valuable insights on how to strike the perfect balance between these two factors, ensuring security without compromising the user experience.
Pedersen mentioned three crucial aspects that should be carefully considered by financial institutions when it comes to cybersecurity.
1. Customer responsibility
Encourage clients to create complex passwords and activate Two-Factor Authentication for additional protection.
2. Identity verification
Providing a secure and smooth experience for banking users can be accomplished through the implementation of automated KYC processes and the adoption of cutting-edge identification verification technology.
3. Real-time Customer Analytics
By monitoring customer interactions in real-time, quickly identify any anomalies and trigger alerts for potential security threats.
Pedersen also recommends that financial institutions prioritize investing in digital channels to combat the rising number of human-initiated and bot-driven attacks effectively.
He emphasizes the importance of focusing on key areas such as new account opening, payment processes, and credential resets while also strengthening security measures in mobile channels. Additionally, leveraging global intelligence to effectively manage risks is essential in today’s cybersecurity landscape.