Rebuildingsociety MD says fintechs needs to step up their cyber security
Rebuildingsociety managing director Daniel Rajkumar has claimed that the fintech sector needs to step up into the next phase of cyber security, as API connections expose vulnerability that hackers can exploit.
He said there is a specific risk at the moment, as more fintechs move towards embedded finance and further API applications with different software companies, such as for anti-money laundering (AML) solutions.
Rajkumar said that many firms conduct penetration testing, the systematic process of identifying and probing vulnerabilities in its infrastructure and software, but do not do so when connecting with another firm via an API.
He said these connections can result in a minor but significant vulnerability combining with another on a separate company to lead to something more serious that a hacker can exploit.
Rajkumar said as we enter the next phase of cybercrime, fintechs need to take cybercrime more seriously, including penetration testing and vulnerability testing.
Read more: Cybercrime overtakes fraud as key business concern
Read more: Rebuildingsociety polls investors about its pandemic response
“I think we’ll likely to see more hacks in future and platforms need to look more seriously at penetration testing and vulnerability testing,” Rajkumar added.
“It’s the whole fintech sector. It’s not just embedded finance. It’s any kind of API integration with another third-party provider and you have that with AML providers, payment service providers and the number of growing integrations is quite common now.
“We will probably go into a new phase of cyber security and it’s something platforms need to take seriously.”
Read more: FCA sends thousands of staff on cyber security training