Fintech needs to adopt advanced AI/ML-powered models

Of many threats, the significant ones to look out for in the sector are GenAI threats, deepfakes, phishing and multi-cloud threats.
Fintech needs to adopt advanced AI/ML-powered models

BENGALURU: The fintech sector is now increasingly adopting cloud services, embracing IT modernisation and integrating traditional silos with artificial intelligence and machine learning solutions. Since the sector is interconnected, and includes numerous third-party vendors and partners, it is also prone to cyberattacks. In 2023 alone, there were 4,29,847 cybersecurity incidents pertaining to financial institutions, according to the Indian Computer Emergency Response Team (CERT-In). This is up from 6,168 in 2019.

The fintech sector is now more susceptible to ransomware attacks due to its integration of advanced digital payment systems along with other solutions for the banking sector that use complex AI/ML algorithms, says a recent PwC report.

Since fintech firms manage vast volumes of sensitive financial data including transaction details, client records and payment information apart from digital wallets, these help cybercriminals to expand their attacks across different subsectors.

The PwC report, titled ‘Beyond the cloud: Navigating FinTech cyber threats and fortifying defences', pointed out that in April 2022, a money lending platform in India suffered a data breach where sensitive customer data containing more than 6.5 million files, totalling over 1TB, was leaked online.

Key threats

Of many threats, the significant ones to look out for in the sector are GenAI threats, deepfakes, phishing and multi-cloud threats. "Fintechs must recognize the evolving landscape of sophisticated cloud-enabled cybersecurity threats. Moreover, the interconnected nature of cloud environments heightens the risk of data security compromises, where attackers exploit numerous weaknesses," the report added.

Fintechs can include these recommendations:

1) Cloud-native security: They can adopt cloud-native security services and tools from cloud providers to improve security parameters. They should enable real-time cloud visibility with investments in cloud native application protection technologies (open source is another option). Adopt cloud infrastructure management platforms, cloud security assessment software and solutions with a strategic approach.

2) API security and secure DevOps: Integrate security mechanisms in the DevOps process so that security practices are deployed from the earliest stages of development.

3) Implementation of ML and AI solutions: To predict and potentially protect against emerging cyber risks, fintechs can adopt advanced AI/ML-powered models and algorithms.

4) Risk analysis of GenAI and large language models (LLMs): Regularly perform comprehensive risk assessments for every GenAI platform/solution and LLM that is implemented, in addition to maintaining an up-to-date risk matrix.

5) Regulatory compliance: Mandatorily adhere to existing regulatory frameworks and be up to date with the newly introduced or upcoming regulations to ensure maximised data security and consumer protection.

Related Stories

No stories found.

The New Indian Express