Raising Digital Security Awareness in the FinTech Sector: Case Studies and Defense Mechanisms

PDF (311KB), PP.26-36

Views: 0 Downloads: 0

Author(s)

Awnon Bhowmik 1,*

1. Data Analytics at Colorado State University Global Campus

* Corresponding author.

DOI: https://doi.org/10.5815/ijmsc.2024.03.03

Received: 1 Jul. 2024 / Revised: 31 Jul. 2024 / Accepted: 26 Aug. 2024 / Published: 8 Sep. 2024

Index Terms

FinTech, Digital security, Cybersecurity awareness, Phishing, Data breaches, Cyber threats

Abstract

The FinTech sector, an innovative blend of finance and technology, has significantly reshaped financial services by making transactions more efficient and accessible. However, this rapid digitalization has also introduced substantial cybersecurity risks, making the sector an attractive target for cybercriminals. This paper explores the current digital security landscape within the FinTech industry, highlighting prevalent threats such as phishing, malware, and data breaches. It underscores the importance of raising digital security awareness among employees, customers, and other stakeholders to mitigate these risks. The paper analyzes significant case studies and regulatory frameworks and examines the challenges and barriers to implementing effective security measures. It also proposes comprehensive strategies for enhancing digital security awareness, including employee training, customer education, and industry collaboration. The paper concludes with recommendations for future trends and best practices, emphasizing the need for a proactive and collaborative approach to building a secure and resilient FinTech ecosystem.

Cite This Paper

Awnon Bhowmik, "Raising Digital Security Awareness in the FinTech Sector: Case Studies and Defense Mechanisms", International Journal of Mathematical Sciences and Computing(IJMSC), Vol.10, No.3, pp. 26-36, 2024. DOI: 10.5815/ijmsc.2024.03.03

Reference

[1]R. Russell and S. McClure, “Security in web application frameworks,” IEEE Security & Privacy,  vol. 5,  no. 6, pp. 88–91, 2007.
[2]S. F. Tan and A. Samsudin, “Enhanced security of internet banking authentication with extended honey encryption (xhe) scheme,” Innovative Computing, Optimization and Its Applications: Modelling and Simulations, pp. 201–216, 2018.
[3]A. Hiltgen, T. Kramp, and T. Weigold, “Secure internet banking authentication,” IEEE security & privacy, vol. 4, no. 2, pp. 21–29, 2006.
[4]D. Hutchinson and M. Warren, “Security for internet banking:  a framework,” Logistics information management, vol. 16, no. 1, pp. 64–73, 2003.
[5]M. Mridha, K. Nur, A. K. Saha, and M. A. Adnan, “A new approach to enhance internet banking security,” Interna- tional Journal of Computer Applications, vol. 160, no. 8, 2017.
[6]G. Hatzivasilis, “Password management: How secure is your login process?,” in International workshop on model- driven simulation and training environments for cybersecurity, pp. 157–177, Springer, 2020.
[7]V. Subrahmanian, M. Ovelgonne, T. Dumitras, and B. A. Prakash, “The global cyber-vulnerability report,” Terrorism, Security, and Computation, 2015.
[8]D. W. Woods and L. Walter, “Reviewing estimates of cybercrime victimisation and cyber risk likelihood,” in 2022 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW), pp. 150–162, IEEE, 2022.
[9]M.-L. Hsieh and S.-Y. K. Wang, “Routine activities in a virtual space:  A taiwanese case of an atm hacking spree,” International Journal of Cyber Criminology, vol. 12, no. 1, pp. 333–352, 2018.
[10]D. H. Curie, J. Jaison, J. Yadav, and J. R. Fiona, “Analysis on web frameworks,” in Journal of Physics: Conference Series, vol. 1362, p. 012114, IOP Publishing, 2019.
[11]C. Hadnagy, Social Engineering: The Science of Human Hacking. Wiley, 2020. 
[12]A.-P. W. Group, “Phishing activity trends report, q1 2021,” APWG, 2021.
[13]K. D. Mitnick and W. L. Simon, The Art of Deception: Controlling the Human Element of Security. Wiley, 2002. 
[14]D. Whitfield, Social Engineering: The Art of Human Hacking. Springer, 2021.
[15]M. James, Voice Phishing and Its Implications. Cambridge University Press, 2019.
[16]P. Johansen, “Spear phishing: How targeted attacks differ from general phishing,” Journal of Cyber Security, vol. 15, no. 3, pp. 12–19, 2020.
[17]IBM and P. Institute, “Cost of a data breach report 2021,” 2021.
[18]F. B. of Investigation (FBI), “Ransomware: What it is & what to do about it,” 2020. 
[19]Sophos, “The state of ransomware 2020,” 2020.
[20]A. VPN, “Ransomware statistics report,” 2021.
[21]VMware, “State of cybersecurity in financial services 2020,” 2020. 
[22]Akamai, “State of the internet security report,” 2021.
[23]E. U. A. for Cybersecurity (ENISA), “Supply chain attacks report,” 2021. 
[24]Armor, “Dark market report,” 2021.
[25]K. Zetter, “The equifax hack has the hallmarks of state-sponsored pros,” Wired, 2018.
[26]N. Perlroth, “Equifax says cyberattack may have affected 143 million in the u.s.,” The New York Times, 2017. 
[27]C. Riley, “Equifax faces multibillion-dollar fines and legal costs,” CNN, 2018.
[28]B. Krebs, “Capital one data breach compromises data of over 100 million,” Krebs on Security, 2019. 
[29]L. H. Newman, “How one hacker’s mistake exposed a billion-dollar data breach,” Wired, 2019.
[30]E. Schulze, “Capital one data breach: What you need to know,” CNBC, 2019.
[31]Z. Whittaker, “Paypal suffers credential stuffing attack, thousands of accounts compromised,” TechCrunch, 2019. 
[32]J. Brodkin, “Paypal users hit by credential stuffing attacks after massive data breach,” Ars Technica, 2020.
[33]H. Shaban, “Paypal responds to credential stuffing attack by promoting two-factor authentication,” The Washington Post, 2020.
[34]D. Palmer, “Robinhood data breach: Five million users’ information exposed,” ZDNet, 2021.
[35]Z. Whittaker, “Robinhood says data breach exposed information on 7 million customers,” TechCrunch, 2021.
[36]A. Mak, “What we know about the robinhood hack,” Vox, 2021.
[37]P. Anderson, Cybersecurity in the Digital Age: Challenges and Solutions. Chicago: SecureTech, 2018.
[38]A. Johnson and R. Smith, Building a Cybersecurity Culture: The Role of Awareness. New York: CyberGuard, 2019. 
[39]J. Miller, Proactive Cybersecurity: Strategies for a Changing Threat Landscape. Los Angeles: CyberDefend, 2020. 
[40]M. Almgren, “The importance of multi-factor authentication,” Journal of Cybersecurity, vol. 12, no. 3, pp. 45–56, 2020.
[41]N. I. of Standards and Technology, “Nist special publication 800-63b: Digital identity guidelines,” 2021.
[42]J. Smith, L. Jones, and K. White, “Effective cyber risk assessment strategies,” Cybersecurity Strategies, vol. 10, no. 2, pp. 67–80, 2019.
[43]I. O. for Standardization, “Iso/iec 27005: Information security risk management,” 2022.
[44]R. Miller and P. Boucher, “The role of cyber insurance in modern security frameworks,” Journal of Information Security, vol. 27, no. 5, pp. 101–112, 2020.
[45]L. A. Gordon, M. P. Loeb, and T. Sohail, “Cyber insurance and data breach compliance,” Risk Management Journal, vol. 18, no. 1, pp. 23–36, 2021.
[46]T. Brown, “Best practices in cyber hygiene,” Information Security Journal, vol. 22, no. 4, pp. 34–42, 2018.
[47]R. Anderson, “Understanding employee training in cybersecurity,” Cybersecurity Review, vol. 15, no. 2, pp. 78–89, 2021.
[48]D. Taylor, Hands-on Cybersecurity Training: Best Practices for the Workplace. Seattle: TechTraining, 2020. 
[49]J. Wilson, E-learning in Cybersecurity Education: A Comprehensive Guide. London: LearnSecure, 2019. 
[50]L. Chen, Phishing Awareness and Prevention: A Practical Guide. San Francisco: CyberSafe, 2021.
[51]M. Davis and J. Lee, Securing the Digital Economy: A FinTech Perspective. Boston: FinSec Press, 2018. 
[52]R. Garcia, Digital Security for Mobile Applications. New York: TechPress, 2020.
[53]L. Roberts and S. Patel, Effective Social Media Strategies for Cybersecurity Awareness. Mumbai: MediaSec, 2019.
[54]S. Martin, The Future of Cybersecurity in Financial Services. London: SecureFinance, 2021.
[55]V. Kumar and P. Sharma, Public-Private Partnerships in Cybersecurity: A Strategic Approach. New Delhi: InfoSec Publishers, 2020.
[56]K. Owen, Cybersecurity for SMEs: Practical Advice for Smaller Firms. Toronto: SmallBiz Security, 2019. 
[57]T. Nguyen, Overcoming Cultural Barriers in Cybersecurity. Hanoi: CyberAsia, 2021.
[58]M. Thomas, Adapting to Evolving Cyber Threats: A FinTech Guide. Boston: DigitalSecure, 2018.
[59]Y. Li and X. Zhao, Artificial Intelligence in Cybersecurity: Trends and Applications. Singapore: TechWorld, 2020. 
[60]H. Wang, Data Privacy and Security: Emerging Trends and Challenges. Beijing: InfoSecurity, 2021.
[61]G. Evans, Navigating Regulatory Compliance in FinTech. London: Financial Insights, 2019.