Written by: Mr. Sundar Balasubramanian, Managing Director, India, and SAARC, Check Point Software Technologies
A bank’s applications are the engine of the business. As they scale and grow, they expose more APIs, which also leads to an increase in attack surface. Cybercriminals exploit this phenomenon by attacking web applications and APIs with advanced methods such as SQL injection, cross-site scripting, and the deployment of automatic scripts called “bots”. These attacks are damaging and costly, and the ability to secure applications has never been more critical.
But detecting and preventing these attacks is difficult, requiring the bank to implement application-specific security defenses, such as embedding security into its mobile apps from the start. If they don’t, the implications are disastrous, with great damage that can be incurred to customer safety and the bank’s reputation.
Here in India, a banking organization was attacked an average of 1364 times per week in the last 6 months, compared to 919 attacks per banking organization in the APAC region, as shown in Check Point’s Threat Intelligence report. Apart from this, in India, the weekly average of organizations affected by banking malware stood at 7.0% compared to the APAC average of 2.9%.
Check Point’s “Mobile Security Report 2021” lists a 15% increase in global banking Trojan activity in 2020, threats that put mobile users’ banking credentials at risk, as actors of the threat use mobile remote access Trojans (MRATs), banking Trojans, and premium Trojans. dialers often hidden in apps claiming to offer COVID-19 related information in 2021, making mobile banking apps a breeding ground for cyberattacks and one of the biggest risks to the banking industry. Security is obviously a growing priority within most organisations, but as the numbers have presented, never more so than in banking.
This blog will feature the stories of two banks, their challenges, and the solutions they implemented to overcome the challenge and strengthen their security posture.
Customer story: a major European bank strengthens the security of e-banking web applications
To overcome the challenges of securing its online banking offering, a European bank was looking to improve and automate the API security of its customer-facing web applications.
With Check Point’s CloudGuard AppSec, the bank can now prevent real threats such as those in the OWASP Top 10, as well as zero-day API attacks and malicious bot traffic. And all this while eliminating false positives.
Among the improvements made possible by the Check Point solution are:
- Improved security with automated application security and API protection using contextual AI
- Increased scalability with a fully automated solution for public clouds (AWS, Azure, Kubernetes, etc.) and on-premises multi-apps, with protection for billions of annual app requests
- Reduced operating expenses by eliminating the need for manual tuning and fully automating multi-environment and applications
Online Banking Security with Check Point CloudGuard AppSec
Customer story: Major Asia-Pacific bank launches mobile e-banking innovations
to over a million customers quickly and securely
With Check Point’s Harmony App Protect Mobile SDK, the bank has been securing its online banking mobile apps from the ground up, achieving:
Out-of-the-box secure applications
Runtime protection against malware, jailbreak/root, MitM attacks and tampering attempts
Known and unknown threat detection and compromise prevention
Faster version release
Developers quickly and securely release new features
Reduced development and testing effort
Applications compliant with financial regulations from day one, incl. FFIEC, PSD2, PCI-DSS, etc.
Secure Apps with Check Point Harmony App Protect
Security solutions for advanced e-Banking services
Banks can protect web apps and APIs from cybersecurity attacks and build secure mobile apps from the start with Check Point’s CloudGuard AppSec, which automates financial services apps and API protection, and with Harmony App Protect for secure online banking mobile applications.
Check Point enables banks to provide their customers with advanced digital services with the highest level of security for their network, cloud, users and access, with the Quantum, CloudGuard, Harmony and Infinity product lines.
By adopting a consolidated security approach with the Check Point Infinity architecture and services, banks achieve preemptive protection against advanced fifth-generation attacks while achieving a 50% increase in operational efficiency and a 20% reduction in security costs.
This extensive offering of Check Point cybersecurity solutions and services enables 6,500 financial institutions around the world to overcome their toughest challenges today and helps banks deliver superior digital experiences while ensuring security and compliance .