Connect with us

BANKING

Challenger banks: Ensuring trust in your email 

Lack of partnerships holding back open banking innovation, report finds

By Paul Wilson, Product – Risk Based Authentication, AppGate

With nearly 300 billion emails being sent every day in 2019, the use of email by both individuals and businesses shows no sign of slowing down. In fact, in light of recent governmental lockdowns causing more people to work from home, there will arguably be more emails sent now than ever before. For most organisations, it is the primary way in which they communicate with their customers so the need for email to remain a trusted method of communication is crucial.

But it is not just the enterprise world that is taking advantage of the cost-effectiveness and easy to use nature of emails. It is understandable that fraudsters are increasingly tapping into these benefits with 49 per cent of businesses reporting that fraudulent emails the one cybersecurity breach that caused the most disruption to their organisation.

For businesses, particularly those within the financial service industry, it is absolutely paramount that their customers maintain a level of trust in their provider’s email communication. This is especially true as we see an increase in call centres closing down due to COVID-19 and email becoming a vital form of communication for the foreseeable future for many organisations. To truly protect themselves against cybercriminals and ensure their trustworthy reputations are kept intact, financial institutions must ensure they have the correct tools in place.

The price to pay when trust is lost

When it comes to people’s personal and financial details that are at risk of being compromised there is very little room for forgiveness. Once a customer has experienced fraudulent activity, it is not just a matter of having to rebuild their trust. The likelihood is, they’ll move on to another provider.

For the larger banks, this can be a setback but it is unlikely they’ll suffer in the long term. However, for the increasing number of challenger banks such as Monzo and Starling, who face acquiring costs of US$ 349 (£268) for new banking customers, it is not just short term reputational damage they have to battle. The cost of losing a customer can be a matter of make or break for them.

What’s more, the likelihood of suffering an attack is high and continuing to rise. The number of phishing emails has risen by 25 per cent in the last year alone, according to the AppGate’s latest Fraud Beat Report. Unlike other forms of fraudulent attacks, phishing attacks are easily masked through the use of mimicking official bank email addresses. This makes it almost impossible for the customer to even notice if they are receiving questionable emails.

For challenger banks, who are in phases dedicated to fast growth and customer acquisition, having a trustworthy email system is not simply a nice to have. It is an absolute necessity if they are going to successfully hit their targets, maintain their existing customer base and retain new customers.

Straightforward protection

To add further difficulty into the mix, the majority of security solutions require a high level of technical knowledge. For larger organisations, this is easily solved by onboarding a specific security team. But for challenger banks, who often have small teams and very tight budgets, this is a luxury few possess. Challenger banks need solutions that are not only simple and efficient but one that fits around their fast-paced operations.

This is where authenticity policies and reporting protocols, such as Domain-based Message Authentication Reporting and Conformance (DMARC), can come into play. By hosting an approved list of domains, DMARC works by allowing email service providers to quickly cross-check the lists and block spoofing email attacks. For challenger banks, once they publish their details on the DMARC Domain Name System (DNS), they establish a strong foundational layer of protection for their customers.

It is through the use of two reporting methods that DMARC can work to block spoofing emails. The first method, known as Sender Policy Framework (SPF) reports, checks if the incoming mail is from a domain that is authorised by that domain’s administrators. The second report, called DomainKeys Identified Mail (DKIM) reports, checks that the email, and any attachments in it, have not been altered in any way during delivery. If an email fails either of these tests, the sender’s DMARC policy will notify the receiver of the emails to either monitor the unauthenticated email, separate it or reject it.

With the use of real-time threat visibility and analytics platform, this protection can be taken a step further. These platforms connect to the DMARC DNS data, enabling them to not only show where malicious emails come from but then assist in preventing the malicious emails reaching customers. By capitalising on these platforms, challenger banks can quickly close down spoofing sites and disable additional attacks. In addition, as more security features are added over time, the threat visibility and analytics platforms can also assess their effectiveness. Having this additional layer of insights and ability allows challenger banks to simultaneously ensure trust in email communications whilst not affecting the customer experience.

Start as you mean to go on 

For challenger banks, trustworthy email communications are not simply the difference between a good and a bad day in the office. It is the lifeblood of their survival. Having effective security measures in place to protect their customers is vital. For challenger banks to really provide that added value of faultless security protection for themselves and their customers, a combined approach of security solutions such as DMARC and an analytic platform is a necessity.

Continue Reading

Recent Posts

The lockdown money revolution 29 The lockdown money revolution 30
FINANCE4 days ago

The lockdown money revolution

By Granville Turner, Director at Turner Little. Many Brits have found that lockdown has been beneficial for their money, having...

Self-employed taxpayers and Making Tax Digital 31 Self-employed taxpayers and Making Tax Digital 32
BUSINESS4 days ago

Self-employed taxpayers and Making Tax Digital

By John Hemming, CEO of Cirrostratus Exedra, the company that runs the VAT Direct Making Tax Digital Service The HMRC’s ambition...

Auditor regulation and litigation - down to the Wire(card)? 33 Auditor regulation and litigation - down to the Wire(card)? 34
BANKING5 days ago

Auditor regulation and litigation – down to the Wire(card)?

By Tom Snelling, partner at Signature Litigation and David Entwistle, a regulatory lawyer and legal risk specialist Introduction The collapse...

Why it’s time to adapt to the virtual world: how to master online negotiations 35 Why it’s time to adapt to the virtual world: how to master online negotiations 36
TECHNOLOGY5 days ago

Why it’s time to adapt to the virtual world: how to master online negotiations

By Tony Hughes, CEO at Huthwaite International, a leading global provider of sales, negotiation and communication skills development Virtual negotiations...

Protecting against man in the middle attacks with dynamic linking 37 Protecting against man in the middle attacks with dynamic linking 38
FINANCE2 weeks ago

Protecting against man in the middle attacks with dynamic linking

By David Vergara, Senior Director of Product Marketing at OneSpan In recent years, the booming growth of mobile applications has...

The Case for Banks to Digitally Transform: Iterating out of lockdown 39 The Case for Banks to Digitally Transform: Iterating out of lockdown 40
BANKING2 weeks ago

The Case for Banks to Digitally Transform: Iterating out of lockdown

By Sudeepto Mukherjee, Senior VP, Banking EMEA & APAC, Publicis Sapient. Before COVID-19 disrupted every imaginable part of society, banks...

Difficulties of Getting on the Property Ladder Post-Pandemic 41 Difficulties of Getting on the Property Ladder Post-Pandemic 42
LIFESTYLE2 weeks ago

Difficulties of Getting on the Property Ladder Post-Pandemic

There is a lot of talk about what’s going to happen to the housing market over the next few months....

Russian Doll: Building digital capabilities into a bank’s core 43 Russian Doll: Building digital capabilities into a bank’s core 44
BANKING2 weeks ago

Russian Doll: Building digital capabilities into a bank’s core

By Ian Johnson, Managing Director of Europe, Marqeta COVID-19 has left its mark on every industry, and banking is no...

How the US and Europe's COVID-19 Responses Have Affected Exchange Rates 45 How the US and Europe's COVID-19 Responses Have Affected Exchange Rates 46
TRADING2 weeks ago

How the US and Europe’s COVID-19 Responses Have Affected Exchange Rates

In living memory, few events have thrown the reputations of different countries and regions under such intense scrutiny as the...

Recognising the surprise PE investment potential in southern Africa 47 Recognising the surprise PE investment potential in southern Africa 48
INVESTING2 weeks ago

Recognising the surprise PE investment potential in southern Africa

By Martin Soderberg, partner at SPEAR Capital. An event of historic significance passed largely unnoticed in the world’s media recently,...

Why Banking is experiencing a second wave of transformation 49 Why Banking is experiencing a second wave of transformation 50
BANKING2 weeks ago

Why Banking is experiencing a second wave of transformation

By Keith Pearson, Head of Financial Services EMEA, ServiceNow The financial landscape has seen significant changes in the last six...

Making your mark: an introduction to trademarks 51 Making your mark: an introduction to trademarks 52
TRADING2 weeks ago

Making your mark: an introduction to trademarks

By James Turner, Director at  Turner Little  Are you looking to protect your brand? The chances are, you are –...