The idea behind this article is to introduce security measures covering Denial-of-Service (DoS) and DDoS attacks, rootkits, web-based and network-based attacks, social engineering attacks, resource abuse attacks, mobile-based branchless service, data loss, data integrity threats and other severe attacks in mobile banking and disruptive fintech innovation.
An organization should base its techniques on several countermeasures to establish safety. A confidential document should be produced that highlights all security components important to mobile banking, including bank application use cases and the internal and external network layout.
Other techniques that both FinTech organizations and banks should consider are game theory, secured network address translation, establishing network security measures, wireless security port scanning and other security techniques. The overall security design should account for the interaction between the attacker, data leakage, server unreachability and the entire organization network. Disruptive FinTech organizations should adopt an IT risk management tool to assess all risks and maintain the confidentiality, integrity and availability (CIA) of customers' data.
The main aim of this security approach is to propose a rigid IT security strategy and to analyze and compare the shortcomings of traditional framework security measures caused by quantitative decision systems.
Furthermore, organizations should demonstrate that a rigid methodology and procedures are available to them to defend against malicious attackers, provided that recommendations and good practices are followed by everyone from top personnel to all staff.
The accuracy of the strategies adopted will reflect the various processes and confirm that the security officer has set up rigid security measures for the entire project, from commencement to completion and afterwards.
It is true that some recommendations might be difficult for these FinTech start-ups and the innovative financial sectors to follow due to complexity, time frame and resources.
Data transmission depletion in the form of DoS or DDoS is a standard attack in this digital world, and different defense strategies are still being recommended to limit these assailants. However, most of these recommendations are not effective, since they focus only on the node-to-node approach instead of the (D)DoS issue itself.
Nevertheless, some of the methodologies recommended by other specialists are still effective against DDoS assaults, but the problem arises when the assailant turns the node-to-node approach into an attacker-to-defender type. Here, the conventional strategies neglect both the behavior and the decisions of the attacker, making them unproductive.
In this article, security officers are advised to apply methods that provide a scientific structure for analyzing and displaying their system security issues. My research on the financial aspects of DDoS assaults has concentrated on the association of a strong defense resistance design theory based on the game hypothesis and administered simulation analysis on a network which uses a framework to deduce DDoS assault techniques.
I am aware that the traditional process lacks effective remedies since it neglects the behavior and choices of the aggressor. Modern firms are still investing huge amounts of capital to prevent security violations and attacks and to prevent data theft. From my perspective, new trends such as cloud computing and bring your own device (BYOD) influence data leakage, which I address very carefully at many organizations. Following rigid security measures, these organizations should set a rigid data policy for development, all transaction protocols and storage. This approach will prevent data from losing its integrity and consistency. In this article, banks and fintech startups are advised to abide by approved and tested security measures such as the CIA triangle, which also forms a blueprint for the company to enforce integrity and prevent data from being accessed by unauthorized persons.
It is therefore essential that all security measures are accepted by CEOs, top personnel, staff, outbound workers and vendors of the company to enhance mobile banking and financial technology (FinTech).
FinTech organizations should use tried and approved mobile banking and online banking security measures to help protect customers' data. I hereby propose that the security measures should start from the app development, registration, secure log-in and PIN entry, storing default location, the API transmission protocols, recoveries, the storage devices, data warehouse, the organization network layout and all service level agreements (SLAs). These organizations are to abstain from the SHA-1 and MD5 algorithms as well as open-source cryptos.
This article governs the integrity, privacy, security, and confidentiality of information, especially highly sensitive information, and the responsibilities of departments and individuals for such information. Furthermore, the measures proposed here are intended to protect information assets and preserve the privacy of employees, sponsors, suppliers and associated entities. Inappropriate use exposes FinTech innovators to risks including virus attacks, compromise of network systems and services, and legal issues.
Associate: University of Derby