When Digital Payments FAIL: The Trojanization of the Digital Payment Ecosystem | PART 3

94% of the passwords used by 5.2 billion internet users scored less than 65 on Center for Internet Security’s (CIS) security scale. I am pretty much sure that you are one of them. CIS suggests that anything less than 80, is considered an easy target for hackers, given the advanced computing power available today. To determine if your password is hack-resistant, CIS has developed a simple algorithm. Check your password's security score using the link below:

https://passwordstrength.cis.com/

If you have already clicked or had a thought of clicking it, then you are the victim of phishing. All the stats that I have mentioned above are false. Sorry for that! :) It was a kind of Phishing attempt, a type of cyber-attack. It is a social engineering attack that aims to trick victims into revealing sensitive information.

Hackers insert malicious software/hardware into legitimate digital payment systems, allowing them to steal sensitive information such as credit card numbers, passwords, and personal information – called Trojanization.

Trojanization is a growing problem in the digital payment industry. Hackers use a variety of methods to infiltrate digital payment systems, including phishing emails, fake websites, and social engineering tactics. Once they have gained access to the system, they can install malicious software, such as keyloggers or screen scrapers, to collect sensitive data.

The consequences of Trojanization can be severe. In addition to financial losses, victims may also suffer reputational damage if their personal information is leaked online. For businesses, a breach of their digital payment system can lead to lost revenue, legal liabilities, and damage to their brand image.

To prevent Trojanization, our startup industry is taking a proactive approach to cybersecurity.

1. Behavioral Pattern:

• Paygilant: Paygilant uses behavioral biometrics to track a user's unique behavioral patterns, such as how they hold their phone or how they swipe their finger or how many times phone was locked/unlocked in a given time interval to detect when a fraudster is trying to hijack their account.
• Nethone: Nethone uses behavioral biometrics, machine learning, and deep learning to analyze user behavior and detect fraudulent activity.
• According to a report by MarketsandMarkets, the behavioral biometrics market is expected to grow from $871.2 million in 2018 to $3,922.42 million by 2023, at a CAGR of 35.2%.

2. Device Fingerprinting:

• Paygilant creates a unique "fingerprint" for each device used to make digital payments, which helps to identify suspicious activity across different devices.:
• Forter: Forter analyzes device information to identify fraudulent activity in e-commerce transactions.
• Signifyd: Signifyd analyzes device information, shipping addresses, and transaction history to determine the legitimacy of a transaction.
• Sift: Sift uses machine learning to analyze device information and behavioral patterns to identify and prevent fraud.
• According to a report by Javelin Strategy & Research, the average value of a fraudulent transaction in 2022 was $509.

3. Location Access:

• Riskified: Riskified analyzes location information to determine whether a transaction is legitimate or fraudulent.
• Kount: Kount uses geolocation to identify when a transaction is taking place in an unusual location.
• According to a report by Juniper Research, global online payment fraud losses are expected to reach $48 billion by 2023.

4. Passwordless Authentication:

• Trusona: Trusona replaces passwords with a secure authentication method, such as facial recognition or fingerprint scanning, to prevent hackers from stealing sensitive information.
• According to a report by IBM Security, the average cost of a data breach in 2020 was $3.86 million.

5. Open Banking Infrastructure:

• Token: Token provides open banking infrastructure, allowing financial institutions to securely share customer data with third-party providers, such as digital payment apps, to offer a more seamless and secure payment experience for their customers.
• According to a report by Accenture, open banking could add $7.2 billion in new revenue streams for banks by 2025.

6. Encryption:

• CybSafe provides encryption services for businesses to protect their sensitive data from cyber attacks and unauthorized access.
• According to a report by Zion Market Research, the global encryption software market is expected to reach $16.5 billion by 2025.

7. Two-Factor Authentication:

• Duo Security offers two-factor authentication services for businesses to ensure that only authorized users have access to sensitive data.
• According to a report by Verizon, 80% of data breaches in 2020 involved the use of stolen or weak passwords. (I was not that wrong, at the start of this blog. :)  )

8. Incident Response:

• Companies such as FireEye offer incident response services for businesses to quickly detect, respond to, and recover from cyber attacks.
• According to a report by IBM, the average time to identify and contain a data breach in 2020 was 280 days, with an average cost of $3.86 million.

9. Cyber Insurance:

• Cyber insurance providers such as Chubb and AIG offer policies that can help businesses recover financially from cyber attacks and data breaches.
• According to a report by Cybersecurity Ventures, the global cyber insurance market is expected to reach $23.4 billion by 2030.

10. Cloud Security:

• Cloud security solutions such as Cloudflare and Netskope help businesses secure their cloud-based applications and data against cyber threats.
• According to a report by Gartner, the global market for cloud security is expected to reach $12.6 billion by 2024.

Let me know any innovative startup work - not listed here.

If you have learnt anything new today, please help others by sharing this article.

Connect:

Linkedin: https://www.linkedin.com/in/maheshpawal/

You don't want to miss these:

When Digital Payments FAIL : Over-Reliance and Real-World Examples | PART 1

When Digital Payments FAIL : Disconnected World | Power Failure and Internet Outage | PART 2