TheJakartaPost

Please Update your browser

Your browser is out of date, and may not be compatible with our website. A list of the most popular web browsers can be found below.
Just click on the icons to get to the download page.

Jakarta Post

Fintech Talk: Dealing with vicious threats in fast-growing fintech services

Financial technology (fintech) has created new and more practical ways for consumers to access financial products and services. While shaking the status quo and revolutionizing the way traditional financial institutions operate, it comes with threats that must be taken care of.

Budi Rahardjo (Member of Board of Advisors to the Indonesian FinTech Association and information security expert and lecturer at the School of Electrical Engineering and Informatics, Bandung Institute of Technology)
Jakarta
Tue, January 17, 2017

Share This Article

Change Size

Fintech Talk: Dealing with vicious threats in fast-growing fintech services Cash society: A customer prepare piles of banknotes as he prepares to make deposits at a bank branch in Central Jakarta. Despite the introduction of internet and smartphone banking services, traditional channels, such as through automatic teller machines (ATMs) and direct deposits, still dominate the provision of banking services in Indonesia. (JP/Dhoni Setiawan)

Financial technology (fintech) has created new and more practical ways for consumers to access financial products and services. While shaking the status quo and revolutionizing the way traditional financial institutions operate, it comes with threats that must be taken care of.

Client interactions that the people experience while enjoying banking services have been more dynamic. As shown by the 2015 McKinsey & Company Survey, the adoption of digital banking services has increased expeditiously throughout Asia since 2011.

Clients have been using their computers, smartphones and tablets to interact with banks more often, which consequently leads to less customer service though brick-and-mortar banks. The telebanking service, which is run through the telephone line, has also fallen substantially.

While the aforementioned survey shows that the traditional channels of banking services such as through automatic teller machines (ATMs) still dominate the provision of banking services, it also reveals a five-fold jump in client usage of internet services and smartphone banking in the last six years — particularly in the developing nations of Asia, including Indonesia.

(Read also: The emergence of fintech: disruptive or collaborative?)

Increasing consumer reliance on these technologies has become a key factor in accelerating fintech development, which supports the provision of various financial services in Indonesia. Currently, it is estimated that there are more than 140 start-up companies, a number that will continue to increase due to the great potential of this untapped market.

In line with the increasing number of players in the industry, services that fintech offer have been getting more diversified from payment services, financing/loans, investment in capital markets and insurance products that take advantage of these technologies.

The knowledge and demand of fintech, as well as the convenience and financial inclusion, have all increased. Despite these benefits, as a logical consequence of the greater variety in options and points of access, there has also been an increase in the security risks of conducting transactions in such a way.

Indonesia is ranked first in the world in terms of speed of growth in the number of connections. However, unfortunately, Indonesia is also ranked first internationally in terms of cybercrime and second in the world in terms of hacking.

The police’s Special Crime Investigation Directorate reported approximately 1,627 criminal cases over the course of 2016 and cybercrime accounted for the highest proportion of these crimes, totaling 1,207 cases. Malware, including viruses and ransom ware, were the most common tools used for such activities in Indonesia.

The closer the connection between technology and financial services, in which financial activities can be conducted whenever and wherever, the greater the threat of sophisticated crime occurring. There is no other sector that is more exposed to this threat than the financial services sector, which includes fintech.

While the most common form of cybercrime in Indonesia is malware, the most concerning criminal activities that affect financial transactions are fraudulent transactions, carding (the use of another person’s card without authorization) and marketplace fraud. Those three crimes are moving in the direction of financial technologies.

The biggest risk emanating from these threats is the loss of client confidence, which will be the basis of financial technologies in the future.

From a technical point of view, there are a number of ways in which fintech security can be implemented, both by the service providers as well as by users. From the service provider’s point of view, firstly, they can use the user ID and password combination as the most basic form of protection.

Secondly, they can provide additional protection that is formulated specifically for the user, such as with the use of cards or tokens. Thirdly, they can provide a more sophisticated level of protection in the form of biometric features, and fourthly, they can secure data via the network or server by using multiple technical techniques.

The most important aspect of security requiring the attention of service providers in relation to the data security is the concept of innovation in security techniques (the development of applications and their operationalization), as well as frequent and continuous testing of security protocols. Additionally, significant investments must be made in this area, not only in the systems but also in the competent human capital.

From the user’s perspective, education is the key. The community must be educated about the importance of having their personal data, and particularly their financial information, properly secured. The community must also be careful when selecting their financial service provider. Schools must be encouraged to start teaching about system security in the curriculum.

Meanwhile, the role of the government and relevant associations is a key part of undertaking quality control and evaluating the activities of fintech start-up companies, which are expanding rapidly in number. The Communications and Information Ministry has already formulated an Information Security Index (KAMI), but it should take more beyond “business as usual” approaches as this should not be dealt with purely in a reactive manner to specific cases.

In the future, it is hoped that there will be security obligations and standards that can be used as a guide by business actors in measuring and enhancing their security.

Case reporting and handling mechanisms are required to reduce concerns regarding fintech services, should a case occur. Risk is indeed a constant. However, it must be mitigated and maintained at an acceptable level.



{

Your Opinion Matters

Share your experiences, suggestions, and any issues you've encountered on The Jakarta Post. We're here to listen.

Enter at least 30 characters
0 / 30

Thank You

Thank you for sharing your thoughts. We appreciate your feedback.