“White Hat” hacker-based security platform HackerOne – which demonstrated its bug bounty and vulnerability disclosure platform at our developers conference FinDEVr in London in 2017 – has secured $49 million in Series E funding. The round was led by GP Bullhound, and gives the San Francisco, California-based firm nearly $160 million in total funding. Benchmark, NEA, Dragoneer Investment Group, and Valor Equity Partners also participated in the investment. HackerOne will use the capital to support research and development and expand go-to-market operations.

“As attack surfaces grow, so does the gap between what digital assets organizations own and what they can protect,” HackerOne CEO Marten Mickos said. “HackerOne is closing that gap and keeping its customers out of harm’s way in a way that no other mechanism can accomplish.”

Mickos noted that HackerOne has identified more than 17,000 high or critical vulnerabilities for its customers over the past 12 months. He underscored 2021 as an especially challenging year, with the firm’s customers announcing a 97% increase in reports for misconfigurations. Additionally, Mickos said that a growing number of institutions are choosing ethical hackers – such as those provided by HackerOne – to defend their digital attack surfaces and help reveal potential vulnerabilities. Specifically, HackerOne has experienced increased adoption of its HackerOne Assessments, Application Pentest for AWS, which was launched in August, and expanded its Internet Bug Bounty program to include vulnerability management in the open source software supply chain.

HackerOne ended 2021 with the appointment of Chris Evans as Chief Information Security Officer (CISO). Evans brings years of digital security experience from tenures at Oracle Corporation, Tesla, and Google – where he founded the Google Chrome security team and Google Project Zero security research team – as well as Dropbox, where he was Head of Security.

“All software has security vulnerabilities,” Evans said in a statement. “The only way to outpace the cybercriminals is to enlist the help of external security researchers. Across every industry, we’re seeing the most innovative companies and CISOs embrace ethnical hackers to reduce risk.”

UBS Group AG has become an investor favorite in recent years as a reliable beacon of profitability. For Chief Executive Officer Ralph Hamers, such stability poses a challenge: how to fix something that isn’t visibly broken.

Coming from ING Groep NV, the Dutch lender he’s credited with transforming, the Dutchman’s mission statement is to pull UBS into the Digital Age. Last week, he made his long-awaited first move, buying robo wealth adviser Wealthfront for $1.4 billion in cash.

The deal gives UBS more than 470,000 additional U.S. clients, notably a younger crop that’s still accumulating wealth. It’s a departure for the Zurich-based bank, long accustomed to providing personalized services to the ultra rich. Hamers says the bank must embrace a broader base, even if it means pushing lower-margin, automated products that aren’t the hallmark of UBS’s personalized offerings.

“Let’s not wait for somebody to eat our lunch, let’s do it ourselves,” Hamers said in an interview this month, before the Wealthfront deal was announced. “Do you dare to cannibalize your own business? You have no choice.”

But long-term employees priding themselves in tailor-made services worry that automated advice might dilute a cherished brand. Investors say that moving into unfamiliar territory will probably require more costly acquisitions. And Hamers still has to prove that he can put his stamp on the Swiss institution. His first full year passed with mainly cosmetic fixes like collapsing hierarchies or revamping tech teams, and his first strategic update last year got a lukewarm reception from analysts and staff alike.

New Strategy

UBS is poised to lay out new financial targets and give more clarity on its strategy when the bank reports fourth-quarter earnings on Feb. 1. The Wealthfront deal is the clearest indication yet where Hamers, 55, wants to take UBS, both geographically and strategically. He’s pushing for a mixed model, whereby advisers personally focus on the wealthiest and most lucrative clients, while algorithms cater to less affluent and demanding customers.

Stakeholders have long pointed to the bank’s U.S. operations as an area in need of attention. The business is too costly, with a cost-income ratio of 80% compared with less than 60% in all other regions. Assets are too sub-scale when stacked up against peers, and UBS lacks the investment-banking punch to break into the Top 5 on Wall Street.

UBS remains committed to the region, because selling out like Credit Suisse Group AG did in 2015 would effectively shut it out of the world’s largest wealth pool. Instead, Hamers sees the U.S. as a laboratory for his digital push that will help cut costs. While some analysts questioned the relatively high price paid for Wealthfront, others expect the bank to pursue more bolt-on deals as it tilts more toward robo advisers.

Prove It

“The digital wealth offering is a model that will have to prove itself,” said Eric Hagemann, senior analyst at Pzena Investment Management, a UBS shareholder. “Can a human being in a call center deliver a credible substitute for a full-service high-touch model? It’s really unclear. And then that raises the question of is it really worth the cost of having human beings involved at all?”

Coming into an institution steeped in private banking tradition, Hamers — with his background in corporate and retail banking and direct Dutch approach — was initially viewed with skepticism by other leaders and their cohorts in UBS’s wealth arm. Financial advisers were concerned that he would replace centuries of practiced behavior with a flashy app that would alienate and ultimately drive away cherished clients.

It’s not the first time Hamers has sought to shake up a business that was doing well. But at ING, he had to reboot a strategy two years later, with stricter targets and thousands of job cuts, when internal resistance slowed down execution.

And the speed at which ING built out its digital platforms left the bank vulnerable to money laundering, resulting in a record fine in 2018 for shortcomings in its checks. Hamers himself remains the subject of a probe by Dutch prosecutors into his role in ING’s past failures to police money laundering.

Hamers concedes the wealthiest customers still need highly personalized advice that no machine could ever replicate. In theory, the digital-first model is more varied and flexible and comes with the added benefit of a human fallback should the client demand a more personal touch. It will push UBS into a lower category of wealth– those with $250,000 to $2 million in assets– that it hasn’t previously targeted in a meaningful way.

Global Push

Pushing business through digital channels automatically chips away at margins. But UBS needs to act now while it has the funds to invest, Hamers said. Eventually, it could roll out the model in Europe and Asia, with some programs already being put in place this year.

“The reason it is so easy to disrupt in banking is that we don’t deal with physical goods,” Hamers said. “Music is digital. Money is digital. Everything that is an immaterial good can be disrupted through technology.”

It’s a message he’s taken great pains to get across. Hamers says the bank initially struck him as a hierarchical and divided when he first took over in late 2020. Units had few links to one another other than residing under the same roof, leaving the new CEO with a sense that he was running three separate banks, according to people familiar with his thinking.

An econometrician by training, Hamers has a keen eye for details and data, analyzing potential problems from every possible angle, according to people who have worked with him.

At UBS, his management style has also come across as unorthodox, the people say. If someone complains about a problem, he tells them to go fix it.

“People generally like to be told what to do,” Hamers said. “But my belief is, that most people know what to do.”

Can’t Wait

Hamers gave the executive team more oversight than just their own divisions. Rob Karofsky, the head of the investment bank, is now also co-head for the artificial-intelligence data team together with digital head Mike Dargan, while the leader of asset management, Suni Harford is also in charge of sustainability.

Hamers also abolished titles like group managing director, a crop of the most senior 100 or so employees across the bank. While they kept their elevated pay, they joined the ranks of ordinary managing directors. Mindful that his message might otherwise not filter through the sediments of management that remain, Hamers routinely appears in short, impromptu videos that he beams to all employees.

The CEO acknowledges that it will take time for his message to sink in. But at the same time, his patience isn’t endless because the disruptions are taking place now, and UBS can’t afford to sit them out.

“The shift to digital in wealth is literally happening now,” Hamers said. “Every client I have talked to over the last year and a half that I have been here says UBS has great products and the best advice, but oh man, you can really improve when it comes to digital.”

— By Marion Halftermeyer (Bloomberg Mercury)

While integrating payments into software apps will create a more seamless, unified experience for customers, software developers often make the same mistakes that don’t even pertain to the actual integration process. ISVs need to consider more than just the technical aspects of integration – they need to think about their ability to support emerging payment technology.

Nick Starai is chief strategy officer and co-founder of NMI, having worked in the payments and fintech industry for more than 20 years. NMI enables payments across e-commerce, mobile, retail and self-service channels, working with ISVs, ISOs and banks to provide them with the right tools to safely and securely process payments for their merchant customers and end-consumers. 

Here he shares his thoughts on the most common mistakes made by developers when integrating payments. 

Most of the mistakes we see software developers make when integrating payments often have nothing to do with software integration at all. In fact, most ISVs forget that the simplest solution is usually best.

For instance, ISVs often work with payments companies that specialise in a specific set of customers like SMBs, enterprises or businesses in particular verticals. While an effective tactic for attracting a niche audience, it limits ISVs from expanding to new markets and serving all types of customers – essentially inhibiting their business growth.

Additionally, software developers oftentimes still rely on legacy tech stacks and payment options to serve their merchant customers. Instead, ISVs should keep the big picture in mind by looking for new technologies and services that they can easily integrate into their existing tech stack. Keeping up with the latest payments technology is just as important as the most up-to-date software capabilities in order to serve merchants best and meet their evolving needs. Through this, developers can also ensure their solution is agile, adaptable and scalable for their merchant customers’ growing business and easily enable transactions at any stage in a business’ growth.

ISVs can help make the payments integration experience transparent and easy to understand for merchants by leaning on their software expertise. In the past, technology was the main driver of innovation in the payments space. However, since the pandemic, consumers have been the ones driving demand for new payment features and services, like contactless and mobile wallets.

That said, ISVs often find the most success in addressing these mistakes by partnering with one omnichannel payments platform that can easily plug into their existing software and provide the payments expertise that complements ISVs’ software expertise. This, as opposed to relying on multiple payment platforms, creates a more streamlined experience for merchants and their own customers.

As the payments space continues to grow and evolve, software developers need to make sure they are able to support the many new payment technologies available to better serve their customers. Today, merchants are looking for payments to be integrated with their current systems to support more seamless business functions. Because of their software expertise, ISVs know how to build out really great platforms to serve a multitude of their customers’ needs. However, because they’re not as familiar with the payments space, that’s where they usually face challenges, and they’ll look to payments experts to fill the gaps. That is why we are seeing a convergence of ISOs and ISVs driven by acquisitions and targeted hiring to try and combat this weakness. This helps ensure the merchant is getting a complete solution that is adaptable to both new payments technology and new and improved software.

The ideal ISV partner for merchants

For merchants, the ideal ISV partner is able to support a variety of transactions and payment types across channels. Customers today want the most convenient payment option and therefore, convenience is king for ISVs as well. Merchants are looking for ISVs that can support many different industries, from restaurants to retail. The ideal ISV partner can also integrate payments into its already existing tech stack, making the process more streamlined for merchants.

Additionally, payments-integrated ISVs are better able to monetise their payments volume, making them an even more complete solution for merchants. Merchants are seeking out ISVs who can provide a simple yet well-rounded solution, and payments are a big part of this. ISVs’ software expertise combined with the power of integrated payments helps them offer an easier to integrate solution creating a more seamless, unified experience for merchants and their customers. ᐧ

As the financial services workforce continues to adapt to remote working, this series will look at how remote engineering teams are able to navigate both innovation and regulation, while moving forwards towards greater change. Our panellists will discuss what a new, distributed workforce now looks like, alongside some of the pain points, including: siloed teams, difficulties in hiring top talent, and navigating when is the right time to hire.

In the first episode, moderated by Anthonio Pinheiro, Head of Delivery at Andela, is joined by Stuart Gregory, Chief Product Officer, Railsbank, to discuss how the company navigated remote working and the challenges that arise from a distributed team.

To watch the interview in full click here.

“Financial services has its own set of challenges,” said Gregory. “We have a very international team throughout the world, but if you think about financial services, they’re very local. For example, thinking about how banking works in Singapore, most people in the UK have absolutely no idea. You have all of these super-local payments systems that exist in each market. And our local teams all understand them.

“The bit where it gets quite challenging is when the global teams are needed to contribute, and the communication piece about the fact there’s so much context you need to understand about these local markets. And particularly when you can’t travel like we have been unable to in the pandemic, you’ve really got to work to get people to understand the context of each geography as payments services are so domestic and local. We’re trying to build a very global platform for people to come to the platform and pull services from all over the globe and pull them together in a consistent way.

Watch the video in full here.

Targets set by the Financial Sector Development Program (FSDP) in relation to the share electronic payments in retail have been surpassed by The Saudi Central Bank (SAMA) as it announced that the shares of total transactions had exceeded 57 per cent of total transactions conducted in 2021, two per cent more than the target.

The FSDP is one of the main programs of Saudi Vision 2030, a strategic framework established in 2016 to reduce Saudi Arabia’s dependence on oil, diversify its economy, and develop public service sectors.

On this occasion, His Excellency Fahad Almubarak, governor of the Saudi Central Bank, stated that SAMA, in line with the guidelines of the Kingdom’s wise leadership, is working on promoting electronic infrastructure, expanding electronic payment activities and accelerating the electronic transformation of transactions, remarking that this most recent achievement was driven by the Financial Sector Development Program and the implementation of the Bank’s strategic plans for the payments sector, primarily aiming to reduce dependency on cash, and increase the rate of electronic payments to 70 per cent by 2025. Almubarak also noted that joint efforts between the government and private sectors to increase payment choices and implement many payment digitisation initiatives together with private sector innovation and expansion initiatives as well as opening financial services to a new class of fintech stakeholders in the Kingdom, all played an instrumental role in making this achievement possible.

SAMA also noted that there were several jumps in the number and value of payments made through the National “mada” payment system during these past few years, as the number of transactions made through this system has exceeded 5.1 billion transactions during 2021 for a growth rate of 81 per cent compared to growth of 76 per cent recorded in 2020. SAMA also observed a sizable increase in the number of PoS terminal numbers and commercial sector coverage reaching more than a million PoS terminals were deployed by the end of 2021 compared to 721,000 terminals deployed by the end of 2020. Contactless Payments (NFC) methods also witnessed a tremendous increase in utilisation as they accounted for 95 per cent of all PoS transactions in 2021, alongside other electronic payment methods such as, eCommerce payments, “SADAD” system payments and the new Instant Money Transfer through “Sarie” system, and others.

Additionally, corporate payments in the business sector have marked a significant increase in electronic payments, with 84 per cent of the sector’s total payment transactions being electronic in 2021, compared to just 51 per cent in 2019, marking a 65 per cent increase in electronic payment share during these past two years. Results have also shown that major corporations rely on electronic payments to complete 99.6 per cent of their transactions, while the same metric stood at 78 per cent for SMEs transactions and 76 per cent for those of micro-enterprises.

SAMA stated that this achievement comes in support of the guidelines of the Kingdom’s leadership, which aim to promote the electronic transformation of the Saudi economy, positively redirecting consumers to adopt electronic payments to conduct their transactions, recognising its benefits in the facilitation of more convenient transactions, the reduction of the financial burden imposed on the national economy by cash payments, in addition to the reduction of operational costs imposed on most retail stores and shops, better record keeping and the increase of transparency in financial transactions.

Customers using the Financial Data Exchange (FDX) API more than doubled in 2021, rising to 28 million during fall 2021 from 12 million in fall 2020. FDX is a non-profit devoted to standardizing financial data sharing as U.S. financial institutions adopt open banking. The API supports open finance and open banking data sharing. In addition: […]

The Good Business Pays campaign, launched in May 2021 to encourage large companies to fast track their payments to small suppliers, has received support from one of the UK’s “Big Four” banks. NatWest Group, the banking and financial services organisation that serves 19 million UK customers, has become the first major bank to sign-up and aims to help small businesses capitalise on the £60billion of additional revenue and 460,000 extra jobs that could be generated if they were paid faster.

Alison Rose, Chief Executive at NatWest Group, said: “As the largest supporter of UK businesses, we understand the difference that prompt payment makes to businesses throughout the supply chain which is why we are supporting the Good Business Pays campaign. Throughout the pandemic, we have maintained immediate payment on goods and services receipts, which exceeds our commitment to the Government’s Prompt Payment Code.

“We are proud to have been awarded the Fast Payer Accreditation by Good Business Pays for 2021, and we will continue to meet this standard as a bank that is committed to helping SMEs thrive and achieve their potential.”

Research commissioned by Good Business Pays from the Centre for Economics and Business Research (CEBR) has shown that up to £60billion of additional revenue would be unlocked for small businesses if their large customers paid them on receipt of invoices, adding much needed capital to the nation’s economy as we continue to deal with the covid-19 pandemic and creating up to 460,000 extra jobs.

Terry Corby, Chair of the Good Business Pays campaign commented: “We are delighted to have the support of NatWest Group, a company that has long shown its commitment to the business sector. NatWest Group is also a great example of a large company that recognises and takes seriously its responsibility to pay small suppliers on time and quickly. It was one of the first major banks to receive the Good Business Pays Fast Payer Award in 2021.

“It’s really encouraging to see a major organisation continue to support the recovery and growth of small businesses in such a competitive environment. I look forward to working with NatWest Group, alongside our other supporting organisations, to bring an end to our culture of late payments. According to the latest data from the FSB, this is threatening to force almost half a million UK small businesses to close down.”

The Good Business Pays campaign aims to get businesses paying not just on time, but working towards payment when small fast. It is calling on other large businesses to join NatWest Group in signing up to show their support by adopting a set of pledges:

1. Complying with the Prompt Payment Code principles;
2. Exploring digital solutions that enable small supplier invoices to be paid when they need it;
3. Providing access to data that helps drive the fast invoice payment agenda for small businesses;
4. Making sure payment performance data is published as required by the ‘duty to report’ on large businesses;
5. Undertaking a quarterly review of feedback from suppliers on payment performance.

The Good Business Pays campaign is backed by the Federation of Small Businesses, the CBI, manufacturers group Make UK, the BCC, IoD and the Creative Industries Federation.

Following two years of uncertainty and consecutive lockdowns, 61 per cent of business leaders said that they are seeking business finance to expand and hire in 2022. Furthermore, 63 per cent revealed that they already have plans to look for equity investment in their business during 2022.

The polling was contained in a major new study by Capitalise, the UK founded platform that gives small businesses and their adviser transparency and control over their business finance all in one place.

The report, titled ‘Get Fit for Business‘, commissioned independent research company Censuswide to poll 500 UK-based small business decision-makers in December 2021.

The data revealed that 38 per cent of business leaders wanted to better understand their financial health, and 58 per cent need help understanding business finance. Also, 58 per cent are planning to engage with a business mentor in 2022.

Interestingly, the report revealed that three-quarters (75 per cent) of business leaders’ confidence has surged, after reflecting upon the way their business was able to adapt during the pandemic.

However, 75 per cent admitted that the last two years were incredibly stressful – but that they had hidden that stress from their team. Leaders clearly recognised the need to de-stress, however, with almost 73 per cent trying a stress-relieving activity such as yoga or meditation for the first time.

Furthermore, when asked about their health and wellbeing, 83 per cent agreed that they do their best work when they’ve had enough sleep and are eating and exercising well. But, 71 per cent said that working from home has left them feeling less physically fit.

As a result, the report also revealed that 78 per cent of business leaders have increased investment in the health and wellbeing of their team, knowing that this creates a happier and more productive workforce. Especially as 30 per cent said that keeping their team motivated was their biggest concern – this figure increased for healthcare, retail and transport sectors, which is understandable given the pressures placed on these industries during the pandemic.

But, despite some business leaders feeling burnt out (21 per cent), over three quarters (76 per cent) said that they are feeling optimistic about 2022.

Commenting on the research findings, Minister for Small Business, Paul Scully MP, said: “Small businesses, operating under difficult circumstances, have performed incredibly well during the past two years. I am pleased to see the biggest priority for small business leaders remains expansion and growth, crucial for jobs in local areas, and the economy.

“I am also encouraged to see more focus on staff wellbeing. This ensures a healthier and more productive workforce, who are the backbone of the British economy.”

Paul Surtees, CEO and Co-Founder of Capitalise adds: “The last few years have been tough for small businesses, as lockdowns and an ever-changing business environment has left business owners feeling exhausted. That’s why now, more than ever, business leaders need help, whether mentally, physically, or via external support such as from their accountant, a coach and a platform like Capitalise.

“Capitalise can help small businesses discover a healthier way to do business in 2022. We’ve got a complete programme of hard-hitting research, wellness videos and all the insights, support and tips you need to get financially, physically and mentally get fit for business.

“We’ll get business owners running the numbers and running around the block. They’ll be able to learn how their credit score impacts business growth and the impact a great night’s sleep can have on productivity. And, we’ll make finding funding feel a little easier.”

Derrick Evans MBE, the British fitness instructor and expert advisor for this report, explains: “Getting up and being active is the first step to a healthier lifestyle and positive mental outlook, but often that first step can be the hardest. Leaders of busy businesses are regularly strapped for time and energy, but even just standing up and sitting down every hour is enough to get your blood circulating. Sometimes a few minutes of deep breathing between meetings is all it takes to focus your thoughts.

“Just like how business leaders demonstrate care for their employees, and bravery in boardrooms, they need to start taking care of themselves. Business leaders: check in with your people but also check in with yourself. Pick up the phone just to ask someone how they’re doing and if they ask you the same question, be honest in your answer. Getting fit for business is a team sport.”

The findings from Onbe, a corporate disbursements platform, show nearly 75 per cent of consumers preferred to make and receive payments using digital methods, including direct deposit and digital payments from peer-to-peer (P2P) applications or mobile wallets instead of cash or paper checks.

In its 2022 Future of Payments Survey, which surveyed more than 1,000 US consumers on their payment preferences, Onbe sought to learn what consumers value most when making and receiving payments. The company wanted to find out what payment methods they’re most open to, which newer payment technologies they plan to try and which modalities they’ll start to use less.

“Americans are seeking more diverse payment options across the board,” said Bala Janakiraman, CEO of Onbe. “As the covid-19 pandemic continued through 2021, less people were using cash and turned to a range of digital payment options from P2P apps to mobile wallets and this trend will only increase in 2022. As consumers place an emphasis on speed, choice and convenience, it’s clear that more companies will adopt digital payment options over paper checks  cash and other traditional methods to meet consumer demands.”

Key 2022 Future of Payments Survey findings illustrate Americans’ payment habits in the current consumer landscape and how they will continue into the future:

• 74 per cent of consumers prefer to make payments using digital methods over traditional forms including cash or paper checks.
• 65 per cent of consumers believe digital payments are the most secure as opposed to other forms of payments, including money order, cash or check.
• Nearly one-third of respondents say they plan on using cash less frequently or not at all next year, while only eight per cent plan to use cash more.
• 37 per cent of respondents in the 18 – 24 age group say they plan to use cash and check payment methods less often or not at all in 2022.
• 46 per cent of all respondents own or plan to own cryptocurrencies within the next 12 months.
• 45 per cent of 35–44-year-olds use bitcoin/cryptocurrency compared to just 17 per cent of 45-64-year-olds.

The entire week JPMorgan, the biggest US bank, was all over the Greek news. This weekend it was mentioned countless times in Greek parliament by the prime minister and several other cabinet members, during the no-confidence vote initiated by the main opposition leader. Last Monday, JPMorgan announced that it agreed to acquire a 49% stake in the Greek fintech Viva Wallet. This was really big news for the company, its employees, and the entire local startup ecosystem because it turned Viva into the first Greek unicorn, valued close to $2 billion. In the last ten years the Greek startup scene has been picking up steam and 2021 was a record year for the country in terms of investment, with over half a billion euros in funding. JPMorgan’s investment in Viva is part of its overall strategy of tapping into fintech startups not just for investment, but for growing its business more directly. In 2021, JPMorgan Chase was on a buying spree, investing in more than 30 companies, both big and small, to secure its present and future leadership. JPMorgan Chase has announced that in 2022 it will spend more than $12 billion on technology. That’s some serious money coming into fintech.

Ilias Louis Hatzis is the founder and CEO at Kryptonio wallet. Please participate in our Crypto Wallet Survey, we could use your help. It’s seven simple multiple-choice questions about crypto wallets and you should be done in 60 seconds. The survey is completely anonymous.

When Andreessen wrote that software will eat the world, he was right. Eleven years later, software may control our physical and digital worlds, but every software platform depends on payments. From online marketplaces and streaming videos to cross-border money transfers, almost every digital activity relies on a payment system.

It should come as no surprise that while global economies contracted in 2020, fintech grew. In Europe alone, fintech apps adoption and usage jumped by 72%. In Africa, there are already at least six payments and fintech unicorns.

In 2021, global fintech investment set a record high, reaching $132 billion in 2021, an increase of 168% from 2020.

Payments are more than just a transaction
Historically, banking and payments have been separate, but the truth is that banking and payments are one and the same. Banks that can do both banking and payments will likely be most relevant in the new economy.

JPMorgan has been using its resources to beef up its presence in the payments ecosystem, through investments and partnerships over the last few years.

In 2015 it launched its own digital wallet, Chase Pay (shutdown in 2021). In May 2017 it co-led a $50 million investment in LevelUp, an order-and-pay-ahead app. It brought its peer-to-peer payments product, Chase Quick Pay, onto Early Warning Services’ Zelle network. It invested in Bill.com to allow its customers to send and receive electronic payments and invoices. It spent $400 million to acquire small business payments company WePay.

Last September JPMorgan acquired a majority stake in Volkswagen’s payments business, as it eyes a huge opportunity in the mobility ecosystem. JPMorgan plans to leverage Volkswagen’s payments capabilities across the automotive sector. By 2030, about 95% of new automobiles globally will be connected. Imagine that you’ll drive out of a parking lot and your car pays for the parking.

The Viva deal
Viva Wallet, founded in 2000, serves small and medium-sized businesses in 23 European countries. The company offers merchants services that include card acceptance through a point-of-sale app, bill pay, merchant cash advance, expense management, virtual debit card issuance. Viva Wallet also obtained a banking license in 2020, when it bought Praxia Bank, Greece’s first digital bank.

JPMorgan’s investment in Viva Wallet reaffirms the bank’s emphasis on speeding up its payment solutions, but more importantly, Viva gives JPMorgan an edge.

–  Viva Wallet has its own banking license as a result of the acquisition of Praxia Bank in August 2020 which allowed the company to offer lending and support merchants to improve their working capital. Viva’s banking license could be handy if JPMorgan decides to increase its stake.

– Viva Wallet gives JPMorgan a footprint in 23 European countries and allows it to take advantage of Viva’s local market expertise with merchant onboarding to expand its acquiring business and offer merchant credit.

– Viva’s roots are in technology, building payment technology for small businesses. Viva has built innovations, such as Tap-to-Phone, that can turn any mobile device into a terminal. Also, Viva recently acquired a 33.5% stake in N7 mobile, a software development company in Poland. In Viva, JPMorgan finds a partner with a solid background in building technologies.

In October, JPMorgan unveiled Chase Payment Solutions for SMBs, by combining Chase Merchant Services with WePay. In the US, JPMorgan Chase serves more than 4 million SMBs and in 2020 processed more than 27 billion transactions with a value of $1.4 trillion. The strategic investment in Viva Wallet will set the stage to develop future international products and services for European SMBs.

The world has gone digital and payments are the glue
The pandemic accelerated trends in digital behaviors across almost every industry. When you think about the rise of e-commerce last year, global e-commerce jumped to $26.7 trillion because of COVID-19. These trends are unlikely to change. During the pandemic, many folks were forced to use digital channels for the first time, For example, in 2020 about 40% of online grocery shoppers were first-time users. Two years later, those digital channels have become the norm for purchasing and consuming.

Fintech is the key to disrupting payments and JPMorgan knows. It has spent more on technology in two years (2018-2019) than the total investment in all European fintechs in 2019 and will it continue to invest big money to ensure it stays competitive and capitalize on the $450 billion opportunity for “wallets on wheels.”

Payments are the glue that will connect consumers and let them transact through connected devices that serve as wallets, like cars, homes, or wearable technology, across physical, digital, and virtual worlds.

Image Source

Subscribe by email to join the other Fintech leaders who read our research daily to stay ahead of the curve. Check out our advisory services (how we pay for this free original research.

On this weeks episode of News & Views, The Fintech Times Podcast team speak about the Omicron test email scams and how Covid has impacted Cybersecurity, Klarnas news card & the rise and fall of Challenger Banks.

As The Fintech Times is spotlighting countries that are taking part in the first-ever World’s Fair (Expo 2020 Dubai) in the Middle East and Africa (MEA) region, the following will now look in Asia at the tiny yet powerful global hub of Singapore.

While wandering around the impressive Expo 2020 Dubai site, one cannot stop and not notice the impressive green-friendly Singapore Pavilion. As with many of the other bespoke design pavilions, Singapore’s is definitely one that impresses.

The Singapore Pavilion at Expo 2020 Dubai is very green for a reason, as walking around it showcases its intention of having that as the forefront, thereby visitors appreciate the benefits and possibilities of integrating nature within our urban environments. Layered with a showcase of greenery, digital solutions and art, the Pavilion exemplifies Singapore’s vision of becoming a City in Nature, and ethos of sustainable development via innovative and impactful urban solutions.

Commenting about the Singapore Pavillion, Yap Lay Bee, Deputy Commissioner-General of the Singapore Pavilion and Group Director, Architecture & Urban Design Group at the Urban Redevelopment Authority (URA) said: “The Singapore Pavilion demonstrates the potential to push the envelope to integrate nature, architecture and technology through various design strategies and digital elements.”

Bee further says: “We wish to invite visitors to contemplate their relationship with nature as they explore the Pavilion’s green, digital ecosystem and its artistic representation of the Pavilion’s integrated system of greenery, water and energy management. In doing so, visitors will be able to appreciate the challenges in realising the Singapore Pavilion, and the ways we can co-exist with our natural and built environment, where both people and ecologies are cared for.”

This is the fourth time the country of Singapore has participated in a World’s Fair – (previous ones were 2005, 2010 and 2000) – a testament to its strong position and importance in the wider global economy. By taking a step back at its past one can understand its present and also its future aspirations.

From a Trading Post to an Economic Powerhouse

Located in the Southeast Asia region and strategically placed geographically, the tiny island nation has been an important hub for trade. This included its importance as a trading and logistics hub during the British Empire. After leaving Malaysia it became an independent nation in 1965. Since the 1960s its impressive growth categorised it as one of the “Four Asian Tigers” – alongside Hong Kong SAR, South Korea and Taiwan. All four places experienced massive growth that was led through its rapid industrialisation and pro-business mentality, specifically around international trade and foreign direct investment (FDI) policies that overall helped its economic development and diversification strategy and implementation.

The attraction of not only FDI, wider international trade activities has brought upon it its own homegrown innovation. Much of Singapore’s own success has been the government’s prioritisation on education and empowering its citizens to have a high quality of life. This is reflective of the vision of the country’s leaders and aspirations, in particular under the leadership of former Prime Minister Lee Kuan Yew, who was PM from 1959-1990.

The country had little choice but to open up, due mainly to the fact it has little natural resources nor space for that matter. Its forward-thinking and innovation has not only elevated the quality of life for its citizens, where Singapore enjoys a very high gross domestic product (GDP) per capita at nearly $60,000 in 2020 according to the World Bank, but also been a magnet attracting talent across all skillsets from around the world.

Financial Service, Fintech and Wider Digital Will Further Empower Singapore

There is without a doubt that Singapore has earned its place on a global stage and its various sectors that positioned itself to be so – from transportation and logistics to tourism and also financial services – was all thanks to the ambitions it had back it was still a developing economy. With regards to financial services, for example, Singapore’s banking sector alone according to the Monetary Authority of Singapore (MAS) is worth around £2trillion.

With respect to fintech, as shown on MAS’s website, it highlights that “The financial sector is an integral part of Singapore’s ambition to be a smart nation. Find out how MAS is creating a Smart Financial Centre through FinTech and innovation,” showing that the central bank is priortising the likes of fintech and innovation to further retain and grow the country’s financial sector and wider economic development. In addition, nearly half (40 per cent) of Southeast Asia’s total fintechs are said to be based in Singapore, housing over 100 incubators, over 40 innovation labs and over 150 venture capitalist investors.

As a whole, there are over 1,000 fintech firms estimated to be in Singapore. As quoted on MAS’s website, according to Ravi Menon, the Managing Director of MAS: “Singapore’s fintech journey is about innovation, inclusion and inspiration. Everything we do in FinTech must always have a larger purpose – to improve the lives of individuals, to build a more dynamic economy, to promote a more inclusive society.”

Many around the world often use Singapore and the likes of the UK, in particular London, as best practice and lessons learned with respect to much of the evolution of fintech. In one key area this has been with regulatory sandboxes. In Singapore, the Fintech Regulatory Sandbox was launched by MAS in 2016. In addition, in 2019 MAS launched Sandbox Express, which is a sandbox with a fast-track approval of 21 days that compliments the main sandbox.

To note, Singapore is home to one, and some might argue the most influential, fintech event – Singapore Fintech Festival. The 2021 edition laid claim to the title of the world’s largest fintech event featured more than 350 sessions, over 700 speakers, over 260 exhibitors, and 14 international pavilions, with another 60,000 streaming the event ‘live’.

Much of the world’s leading and recognised fintechs were developed and/or based in Singapore. The long list includes the likes of Nium, Bybit, Thunes, Aspire, Bambu – to name a few. Many of them are now not only catering to its local markets but across the rest of Asia and even beyond such as in Europe, The Middle East and Africa, and the Americas.

What Can 2022 and Beyond Bring to Singapore?

2022 could be an interesting year for Singapore and fintech. First, more cross-border payment collaborations can occur such as MAS and the Reserve Bank of India announcing plans last year to link Singapore’s PayNow and India’s Unified Payments Interface (UPI) real-time payment systems by July this year.

Also, potentially neobanks could grow, which generally hasn’t been as prominent say in the UK where in Singapore for instance the legislation around them has been strict. However, awarding licences in recent memory of the consortium of Grab and Singaporean telecom Singtel as well as Singaporean tech giant Sea can potentially set the stage for a neobank spotlight in the island nation.

Finally, with regards to open banking, which has been another topic of interest for much of the world in the fintech space, can also see other developments in Singapore. The country, unlike in other parts of the world in particular the UK which has been more legislative and mandate driven, has appeared to been a balance between market demand and legislative. For instance, this has been with MAS publishing the Financial World: Finance-As-A Service API Playbook in collaboration with the Association of Banks in Singapore (ABS). Like much of the world, Singapore’s open banking journey still has much to go and 2022 and beyond can possibly see more developments. For instance, the launch of the Singapore Financial Data Exchange (SGFinDex) at the end of 2020 was the first public-private open banking collaboration in the world and more of these innovative approaches can be seen coming out of the country.

Despite the challenges of the pandemic, an easing of restrictions in Singapore and strong manufacturing helped propel its gross domestic product (GDP) to grow at over seven per cent last year, which has been the highest since 2010.

Heading back to Dubai and Singapore’s participation at the first-ever world’s fair in the MEA region, one still looks at the growth and vision of Singapore to continue to innovate. According to Chief Executive Officer of the URA Lim Eng Hwee: “The Singapore Pavilion is centred on our country’s guiding ethos of sustainable growth where we can have both economic growth and a high-quality living environment. Through the presentation at Expo 2020 Dubai, we hope to celebrate Singapore’s spirit of ingenuity and creativity by profiling Singapore’s innovative urban solutions, design and capabilities through programmes and activities that will take place throughout the six-month Expo.”

The question is not if but when will be the latest innovation that will come out of Singapore – whether it be in fintech, tech as a whole or other aspects that will impact not only its own economy but the global one.

Rolands Mesters, co-founder and CEO of Nordigen, weighs in on the secure methods of obtaining financial data and why screen scraping is a major cybersecurity risk.

This year, we celebrate the 4th anniversary of open banking. Over the last few years open banking has revolutionised the financial industry, bringing users more control over their finances, creating opportunities for new, enhanced services and products with open data sharing, and adding layers of security to customer bank information. In Europe, regulated and secure bank connections can only be achieved through real bank APIs. PSD2 regulations required banks to standardise their APIs in order to provide secure and private access to financial data.

Despite the clear benefits of open banking, another way of obtaining financial data – screen scraping – is still being used and promoted today. The practice has been gathering criticism from experts, highlighting potential worrying use cases, as well as the risk it poses for data breaches. It has been referred to by regulators as being “unsecure, inefficient, unregulated, and an unreliable method of data sharing,” according to their findings.

When it comes to financial data sharing, security is paramount, and screen scraping simply cannot deliver the degree of safety and stability required for this type of data transmission. Furthermore, its continued use can lead to virtual disasters due to the risk of data breaches that could harm the whole industry.

While open banking uses secure methods, such as APIs, to safely share customers’ financial data with third-party services with their consent, screen scraping resorts to simply obtaining bank login credentials from customers. Naturally, sharing valuable credentials makes users vulnerable, with the security of their financial information being reliant on the security practices of the third party.

Since data is stored in plain text, the trust level has to be high as the risk level is high as well, with numerous usernames and passwords stored in plain text on simple servers, making the data vulnerable to hacker attacks. Data breach examples from recent history have shown that the escalating hacker activity is bound to hit the most vulnerable technology, making screen scraping a ticking time bomb.

The rise of screen scraping

Screen scraping has evolved over many years and can be used within a range of fields, both ethical and unethical. The practice isn’t specific to finance, however it became widely used because of the value and functionality that can be obtained through online banking data. One of the reasons this practice became so prominent was due to the lack of legitimate banking APIs years ago.

Developers used the tools at their disposal to create financial technology programs and applications, and generated as much as possible with what they had. While the fintech industry grew and evolved due to their efforts, nowadays, with the rise of open banking, developers can continue to develop and create with the use of a more secure innovation.

These days screen scraping is still used as a workaround or as a means to allow open banking connectivity, more often in countries that have no open banking regulation.

Risk to cybersecurity & user experience

While screen scraping can be used for lending and budgeting applications, data aggregation, client monitoring, and to translate data from a legacy application into a modern one, it can also be used to steal data. Screen scraping has no fixed standards, and each third-party provider has its own approaches to and levels of security, which are not regulated. A user signing up to a screen scraping service has no true way of verifying whether their chosen platform is protecting their data to the highest degree.

Data connection through screen scraping to the bank is unreliable seeing as the practice is more of a “hack”, rather than a fully operational practice. Screen scraping relies on the bank platform that it is connecting with to remain unchanged. If the platform changes, even slightly, the service may experience trouble connecting and re-establishing the link, resulting in an inconsistent experience for the end-user.

Additionally, some screen scraping platforms deliberately mislead their customers, by mimicking established bank institutions through the use of similar logos, colour schemes and trademark designs, to confuse customers into believing they are imputing their login credentials into their online bank platform. Clients will input their data, without even realising their mistake. On top of that, these solutions can also be used by data thieves as a validation point for checking stolen credentials.

How to stay safe in the digital world

For regulated and secure bank connections the only safe option is open banking through the use of real bank APIs. In Europe, PSD2 regulations mandated that banks develop their APIs to facilitate access to financial information in a way that guarantees security and privacy. Security efforts are backed by features such as Consent Management and Strong Customer Authentication (SCA) that are set in place for identity verification, data protection and to ensure that the customer’s information is never shared without their knowledge or consent. Most banks also have established anti-fraud systems set in place, which act as an additional level of security when connecting.

When using real bank APIs, third-party financial service providers can only access user bank accounts if they can demonstrate necessary data security standards, which means that when using a service provided by a licensed Account Information Service Provider (AISP), the customer can be confident that their data security procedures have been approved by a regulator. There is no need to share valuable login credentials with any legitimate third-party service provider and these institutions will never see this information.

While screen scraping helped the fintech market develop in its early years, nowadays there is no need to continue the practice as it is unsecure, unregulated and lacks the necessary quality of user experience. Open banking has elevated the process of financial data sharing, making it quicker, more secure and more reliable. Now that open banking is growing and developing around the world, it is time to stop lauding screen scraping as the “unofficial standard” for bank connections, instead putting data security at the forefront.

Mastercard has expanded Mastercard Installments, its unique and innovative Buy Now, Pay Later (BNPL) program that delivers greater choice at checkout, both in-store and online, to consumers in the United Arab Emirates (UAE) and Saudi Arabia.

The BNPL program will meet growing consumer demand for flexible, digital-first payment options, and support the region’s e-commerce ecosystem through a new program focused on providing consumers choice.

Mastercard Installments – set to go live later this year – uses the power of the company’s trusted network to make BNPL available to millions of consumers and merchants worldwide. It enables banks, lenders, fintech companies, and wallets to offer a variety of flexible instalment options to consumers, including a zero percent interest, pay-in-four model. Implementation is handled by Mastercard and the acquirer with no lift to the merchant to offer this new payment choice, and no disruption to the existing customer experience.

Mastercard is working with leading partners representing a significant market share in the region including Abu Dhabi Commercial Bank (ADBC), Network International, and National Bank of Ras Al Khaimah (RAKBANK) in the UAE and Saudi National Bank (SNB) in Saudi Arabia. It is committed to supporting customers across the region to offer the Mastercard Installments program, with plans to scale to additional markets in the future. The solution sits alongside a number of bespoke BNPL go-to-market models that Mastercard is developing with its digital partners across a variety of sectors including mobility, retail, and marketplaces.

Mastercard Installments enables consumers to digitally access BNPL offers, either pre-approved through their lender’s mobile banking app or through instant approval during checkout. Consumers will have full transparency on lender practices up-front during the approval process, and unlike most current BNPL offerings, consumers will continue to benefit from zero liability fraud protection, the ability to challenge unrecognised charges, and the peace of mind that comes with Mastercard’s acceptance footprint.

“Above everything, consumers today demand flexibility and choice. With Mastercard Installments, we want to give people the choice to pay how, when and where they want. This most recent product innovation builds on the trust between businesses and their customers with Buy Now, Pay Later options benefitting everyone in the ecosystem. As Mastercard continues to design solutions for an evolving digital economy, we see BNPL becoming a standard for shopping, and we look forward to implementing this offering in the UAE and Saudi Arabia later this year,” said Khalid Elgibali, Division President for Middle East and North Africa, Mastercard.

Key benefits of Mastercard Installments include:

Consumers: The Mastercard Installments program enables consumers to choose how and when they pay for items from a brand they can trust. Consumers enjoy a seamless experience before and after checkout through options to access BNPL offers, or secure an offer at the time of checkout, from trusted lenders for use at a variety of merchants interest-free. As consumer protection is paramount at Mastercard, Mastercard Installments provides ubiquitous acceptance backed by zero liability fraud protection, not yet available through most current BNPL offerings.

Merchants & Acquiring Banks: The Mastercard Installments program helps merchants scale BNPL offerings to consumers to turn convenience into a competitive advantage. BNPL solutions have been shown to increase average sales by 45% and reduce cart abandonment by 35% post-implementation*. Mastercard Installments provides seamless merchant integration with a streamlined process for millions of merchants who already accept Mastercard. Meanwhile, acquiring banks can offer instalments capabilities to their entire merchant base with minimal, simple integration.

Lenders: Through the Mastercard Installments program, lenders can offer a flexible, seamless BNPL experience to both existing and new customers, expanding their lending opportunities in one of the fastest-growing consumer segments. Mastercard Installments provides an expedited time to market and global expansion opportunities with a responsible lending approach.

Wallets and BNPL players: Digital wallets and BNPL players can extend their offering to merchants beyond their existing footprint. Mastercard Installments is embedded in the core Mastercard network, which means there is no longer a need for wallets and BNPL players to build direct settlement arrangements with merchants or acquirers. BNPL providers can also supplement their existing networks with additional merchant acceptance.

Fintech founders face a fundamental quandary: How do you innovate and move fast in a highly regulated industry like financial services? For much of the first decade of fintech, there was an impression among founders that either you could move fast or you could be compliant but you could not do both. Given the temperament of most startup founders, when faced with that choice, the answer was clear: move fast and deal with compliance further down the road. 

Justin Howell is the co-founder and CEO of Rize a fintech infrastructure platform that provides fintechs and non-financial companies access to all of the tools they need to efficiently build, launch, and scale new financial products and services via one API. Prior to founding Rize, Howell divided his time between the startup and finance worlds. He started his career in strategy consulting at Bain & Company before moving into private equity at Bain Capital and then managing the illiquid investment portfolio for Perry Capital.

On the startup side, he has served as the VP of Corporate Development for Soleil Securities, an early fintech startup backed by Bessemer Ventures and Bain Capital Ventures. He was also the co-founder of TripUp, a social network focused on frequent travelers, which was sold to SideStep.com. 

Howell spoke to The Fintech Times about his experience dealing with compliance and shared advice on what he believed startups should be doing:

Fintech startups are eager to get ahead of the pack with their innovations in order to secure the funding and marketability before anyone else in their niche space, but looking before you leap is critical when it comes to compliance. With any new technology in the financial services space comes new regulations and regulators are keeping a watchful eye on the fintech space especially for those who may be lacking in the compliance aspect of their business. Regulators are also stepping up their game and making it increasingly clear that the ‘move fast and break things’ mentality of Silicon Valley will not cut it going forward, as evidenced by their increasing willingness to bring enforcement actions against fintechs and the regulated institutions they work with. For example: 

• Ripple, a global payment solution platform, was fined $700,000 for a failure to register with FinCEN and for failure to maintain a sufficient anti-money laundering program within their platform. 
• Recently, Robinhood was given $70million in penalties by the Financial Industry Regulatory Authority for a number of supervisory failures in critical elements of its business. 
• Consumer Financial Protection Bureau this month announced that it halted LendUp from creating new loans and collecting on existing outstanding loans due to a violation of an agency order, and in the process, specifically called out some of LendUp’s venture capital backers

As the importance of compliance continues to increase in the fintech sector, here are some lessons that we have learned at Rize about how to approach compliance as fintech startup based on our experience over the last five years, first as consumer-facing fintech and now as a “fintech-as-a-service” infrastructure platform that serves other fintech builders around their core infrastructure needs (including compliance).

Don’t: Be afraid of compliance.  

Compliance isn’t a mystery and it’s not the bogeyman, it is simply a set of rules that need to be followed. They may be complicated and confusing and written in an era that never even contemplated the internet, but they are still just rules that can be broken down, digested, and incorporated into code or business processes. Don’t be afraid of them, instead; 

Do: Embrace compliance as a source of strength and competitive differentiation

As a fintech founder, instead of thinking about compliance as a constant thorn in your side that is holding you back, try reframing it as a complicated design constraint that if incorporated correctly can actually be a big source of differentiation. Compliance is one of those things that is much easier to deal with if you take the time and effort to get right up front and weave it into the fabric of your product so that they can scale together, as opposed to having to shoehorn it in after the fact. And actually having good compliance and controls in place can save you an immense amount of money by keeping bad actors out of the system and minimising fraud. Go slow to move fast.

Do: Learn the basics and then get expert help

Most fintech founders understandably want to spend all their time on product, but you will do yourself a big favour if you learn the basics about what laws and regulations apply to your product. The various laws and regulations and regulators themselves can vary widely depending on which financial vertical you operate in. You don’t have to become a lawyer and understand every little nuance, but if you understand the broad brush strokes then you are in a much better position to bring in the right experts who can help you craft a compliance program that is appropriate for your product and to fill in all the details. 

Don’t: Take generic compliance materials off the shelf. 

One of the keys to doing compliance correctly as an early-stage startup is to do what the law says you need to do, but not more than that. Treading that line correctly requires that you customise things like policies and procedures manuals to your actual product. If you grab something generic off-the-shelf to simply check a box, you may end up with a document containing a lot of stuff that actually isn’t relevant to your product. But when the regulators come knocking, they won’t have much sympathy. They’ll point to that document and say, ‘Relevant or not, show us that you’ve followed all these policies and procedures to the letter.’ 

Do: Embrace uncertainty.

The reality is that a lot of the laws and regulations that govern financial services are hopelessly out of date, and while it would be nice to have clean bright lines about what you can and can’t do in your particular vertical, the very fact that you are innovating often means you will be operating in a grey area where the regulators simply haven’t caught up to the technology. But be careful not to cut corners here. Instead, consult the right experts, understand the risks involved and mitigate them as much as possible, and then make a business judgment that you could argue straight-faced directly to a regulator

Don’t: Ignore the importance of choosing good infrastructure providers. 

Fortunately, one way to help navigate these issues is to look at organisations providing fintech as a service (FaaS) as the launching point for your new fintech venture. From neobanks to embedded finance options for existing financial institutions, partnering with a FaaS platform to launch your new financial tech venture is a much safer and more efficient way to break into the space. There are platforms that offer the building blocks to many different fintech avenues such as checking, brokerage, and enterprise accounts, without the hassle of having to hire a whole team of compliance specialists to build your platform from scratch. By eliminating the need to reinvent the wheel, companies can spin up their fintech service in under 30 minutes now which may have in the past taken 18-24 months. 

Do: Keep your customer in mind. 

As I said before, compliance is a complicated design constraint, and it’s important, but don’t let it drive the bus. You are the keeper of the product vision, you alone know what your customers want and how best to serve them with an amazing new product. Serving your customers in a compliant fashion may cause you to rethink things a few times, but if you always keep your customers’ needs as your true north, you can find a way to meet your compliance requirements without sacrificing their user experience. 

We have a ways to go, but compliance is getting easier to handle

As an industry, we have to make it easier to be compliant, we have to completely remove that tradeoff between moving quickly and being compliant. We’re getting there – more and more compliance capabilities are getting built directly into the infrastructure – but for now, as a fintech builder, embrace your role as the first line of compliance defense. The regulators, your investors, and ultimately your customers will thank you.  

Throughout the entire month of January, The Fintech Times will be exploring every dimension of one of the industry’s most pressing topics: cybersecurity.

With passwords forming the primary line of defence between personal, sensitive data and cybercriminals, they remain steadfast in the fight against fraud. However, is their future uncertain? We asked several industry experts to get their thoughts on the future of password security.

Consumer vs Business

Michael Crompton, Founder & CEO of Forghetti, said:

They continued: “While it may be easier to use the same password across multiple accounts, it also plays into the hands of hackers who only need to gain access to one in order to infiltrate every account.

“Researchers have displayed, that good security is found in the length of a password and using a password of 12 characters will make a substantial impact on your accounts security, rather than opting for the typically recommended 6-character versions with the use of a special one. The method we’d recommend would be the use of full sentences, including spaces. For more advanced password security, incorporation of foreign characters in passwords should be strongly considered, as this is usually overlooked by hackers.

“The future of password security should involve widespread adoption of longer passwords and diversification of passwords used across accounts. With password managers now widely available, the difficulty of remembering more complex passwords is no longer a concern for most users. Although it should be noted, that with many more organisations and online platforms such as online banking now implementing two-factor authentication as industry standard to increase protection, the reliance on a single password is lessening.”

The Effects of Remote Working

Caroline Wong, Chief Strategy Officer at the cybersecurity company Cobalt believes the continuation of remote working will see even more emphasis on password security and best practices in organisations.

“The pandemic led to a remote work culture most organisations were not prepared for in terms of security and technology,” she said. “Companies of all shapes and sizes were forced to step up their cybersecurity game to manage the increased risk of insecure home Wi-Fi, employees using their personal devices for work activities, and insecure password management on said devices and remote access accounts.

“Password vulnerabilities are a critical issue. According to GoodFirms, a whopping 30% of IT professionals reported password leaks and security breaches due to poor password practices and weak password setups. To address this growing concern, I’ve seen more and more companies encourage the use of strong, unique passwords, which are the first line of defense against cybercriminals breaking into online accounts and stealing data.

“It’s imperative that organisations and individuals store passwords in a way that prevents them from being obtained by an attacker – even if the application or database is compromised. Password managers provide a secure place to store passwords and easy access to them. I expect the use of password managers will become even more prevalent in 2022.

“In 2022, we will also see the increased utilisation of Multi-Factor Authentication (MFA). By requiring one or more additional verification factors, MFA enables organisations to decrease the likelihood of a successful cyber attack.

“Also, I anticipate an increase in cybersecurity awareness training and programming at both the SMB and enterprise levels. Cybersecurity training ensures your best wall of defense – your teams – know the basic password do’s and don’ts.”

Password fatigue

Craig Lurey, CTO and co-founder of Keeper Security, a password manager, believes “password fatigue” could be a real issue.

He said: “The immediate future of password security is going to be a larger shift towards tech that automates password security protocols on its own.

“Password fatigue is real – everyone is sick of creating a new, strong, unique password. And then having to remember it. We’re going to see a movement to password management software that takes the burden of password creation and memorisation off of consumers.

“We’re also going to see more widespread adoption of two factor authentication (2FA). Most of the top players already have this as an option, but it may become mandatory for websites seeking to avoid large scale data breaches as cybercrime rises. 2FA will also become mandatory internally for many businesses, both big and small, as employees shift permanently to remote or hybrid work.

“Also, with this shift to permanent remote or hybrid work, smaller businesses will begin adopting password management systems for all team members. Employees are often using both personal and work devices, which can lead to cross-contamination of personal and professional passwords, creating opportunities for cybercriminals to infiltrate the entire organisation’s system.”

The end of passwords altogether

The CEO of authID.ai, Tom Thimot, believes the future of password security is “one without passwords altogether.”

“The term “password security” implies that passwords can be truly secure, but the staggering, rising rates of successful password phishing and spraying tell another story. Given widespread password reuse, conventional user-generated passwords can no longer sufficiently protect against the many highly skilled cybercriminal networks. As such, organisations of all sizes and industries should reject passwords as a critical part of digital security. Facial biometrics – the use of one’s physical attributes to verify identity – is the modern alternative for which the market has been yearning,” he said.

“Also called “facial mapping”, facial biometrics is already well on its way to overtake vulnerable, legacy security tools like one-time passwords and knowledge-based authentication (think, your mother’s maiden name or the make of your first car). Biometrics simplifies a person’s facial topography into an encrypted, anonymised mathematical code, securing the assets or account being accessed while protecting the user from nefarious digital tracking. This technology addresses passwords’ fatal flaw: There’s no need to remember anything and, when combined with liveness AI, can’t be easily spoofed by bad actors.

“Already, tech behemoths and U.S. federal agencies have deployed facial biometrics to better secure their platforms. We’re also seeing considerable interest across industries: In our 2021 Fintech Security Report, a market survey we conducted with top fintech and banking leaders, we found that 75 percent of executives are somewhat or highly concerned about the risks associated with legacy identity protection options. Seventy percent are also likely to consider facial biometric identity authentication as an alternative during the next year. We at authID.ai see that the future of password security is already here. And the market couldn’t be more excited to wave goodbye to passwords altogether.”

Elad Sherf, Global Head of Defence at Performanta, agrees with this, saying:

“The future of password security is, frankly, that they will cease to exist. We’re heading into a ‘password-less’ future, with organisations and websites seeking other ways to identify you going forward.

“The revolution of readily available biometrics with our phones now able to scan our faces or fingerprints will change the way password security works entirely. This is a huge trend that will continue in 2022 and beyond, and it makes perfect sense.

“Put in a real-world scenario, password security seems so weak. Imagine the vaults of Fort Knox unlocking after someone says or types in ‘the magic word.’ It’s so rudimentary that it seems almost crazy how an inordinate amount of data is relying on being kept hidden behind this basic level of security.

“Biometrics is one way password security is set to change, but with artificial intelligence now stronger than we’ve ever seen it before and advancing rapidly, we could see a whole new league of security developing in the coming years.

“We’re getting to a stage where a system will soon be able to simply recognise you. It will do so by identifying the user behaviour and associating it with you just being you, smartly tracking your words, activity and everything you do with the system you’re using.

“From a cybersecurity perspective, this is far safer than a rudimentary password, and certainly needed in the current climate with attacks rising exponentially year on year.

“One of the key benefits of a password-less future is that we move beyond two (username & password) or three (including MFA) pieces of information to identify a user, moving to posture and telemetry based authentication method will allow us to provide far more granular levels of security access depending on these. This is ideal in a world where zero-trust is quickly, and rightly, moving to the forefront of security managers ‘to do’ list for the year. Granting a user access to certain systems based on posture information is ideal – for example you can check email on your phone, but only log into your finance system on your work provided laptop.

“The question remains though as the best way to start to implement this to your organisation.”

However, James Bore, Director, Bores Consultancy disagrees with this entirely.

He concludes: “There’s a lot of talk about passwordless, smart cards, dongles, tokens, and similar, and there might be something in that. However I don’t believe the password is going anywhere fast – the concept has been with us for millennia and while it has serious flaws to paraphrase a certain politician, “passwords are the worst form of authentication, except for all the others that have been tried”.

InterSystems, a creative data technology provider dedicated to helping customers solve scalability, interoperability, and speed problems, has found that 81 per cent of global fintechs cite data issues as the biggest technical challenge they face. These struggles are split between leveraging data for analytics, machine learning, and artificial intelligence (41 per cent) and connecting to customers’ applications and data / legacy systems (40 per cent).

Security was also found to be a significant challenge for 40 per cent of respondents, followed by cloud support / multi-cloud deployment and administration (39 per cent).

The survey of over 500 senior decision-makers at fintechs across 12 countries, including the UK and Ireland, North and South America, and Australia and Southeast Asia, found that cloud tops the list for over half (51 per cent) of respondents adopting new technologies in the next 12 months. This is followed closely by plans to invest in data management technology (48 per cent), artificial intelligence (AI) and machine learning (ML) (45 per cent) and data fabric technology (42 per cent).

“While the majority of fintechs currently face significant data challenges, it’s encouraging to see many of them are looking to implement data management technologies like data fabrics to overcome them”, said Mike Hom, Head of Financial Services Solutions, InterSystems. This is an important step for both established and emerging fintechs, as getting their data in order will ensure any new data-related initiatives they undertake, such as implementing AI or ML, prove effective and worthwhile. By picking the right data management solutions, fintechs can also gain access to those more advanced technologies and analytics capabilities that are so desirable.”

The levels of investment into these technologies do differ in relation to the maturity of the organisation, with the more established fintechs focusing more on data management (49 per cent), cloud (54 per cent) and data fabric initiatives (44 per cent). Meanwhile, those fintechs whose offerings are still in the early adoption phase are more likely to prioritise investments in AI and ML (51 per cent). This indicates that more established organisations are focused on overcoming the data issues they are facing before considering implementing new technologies like AI/ML, which rely on data.

These investments are being driven by a number of different initiatives:

• 55 per cent said customer demand / improve competitiveness
• 52 per cent want to improve scalability and reliability
• 48 per cent are hoping to increase agility
• 47 per cent want to enable better integration with customers and third parties

Rabih Ramadi, Head of Financial Services and Insurance at Unqork, an enterprise-grade no-code platform, commented, “Investing and integrating with the next-generation data management technologies such as InterSystems is a top priority for us to ensure that our applications offer vital bidirectional, real-time data integration with our customers’ legacy systems. With such capabilities, data is no longer seen as a challenge but rather a critical differentiator empowering our customers to innovate faster to meet their business goals.”

However, it was found that a number of fintechs still face barriers to implementing new technology, with a lack of flexibility within their current environment to integrate new technology (54 per cent) and a lack of internal expertise / skills (51 per cent) cited as the largest.

Looking at their offering, 39 per cent of fintechs surveyed offer a cloud-based managed service available in multiple public clouds and almost a quarter (23 per cent) offer a hybrid application.

This prevalence of cloud is despite 39 per cent of respondents previously saying cloud support is one of their top technical challenges. This is a problem felt across the board from start-ups to established players, which could point to issues such as vendor lock-in, lack of real-time cloud availability and a shortage of expertise in security, cost-management, data-locality and integration of services.

“While the complexity of cloud and its costs are major challenges for fintechs, especially as they grow, if they take the right approach to cloud deployments, these organisations can reap significant rewards and deliver those back to their end customers,” added Hom. “Boosting training and knowledge, along with building their offerings on cloud-first solutions that avoid vendor lock-in and which can be implemented within a hybrid environment will allow fintechs to increase agility, scalability, and security and ensure that their solutions appeal to a wider customer base.”

65 per cent of banks globally say Open APIs that enable access to a broad range of fintechs and consolidation of different payment types are the key drivers behind their plans to modernise payments systems, according to a new ACI Worldwide report.

The report ‘Defining and Building the Next Generation Payment Hub‘ was produced in collaboration with Edgar, Dunn and Company (EDC).

“Financial institutions are keener than ever to connect to the new opportunities provided by the widening catalogue of fintechs,” commented Mark Beresford, Director of EDC. “By having Open APIs, the connectivity between historic financial institutions and new players dramatically improves. And, in a world where both quantity and quality of alternative payment methods is rising exponentially, it is no surprise to see that banks are trying to simplify their approach to these offerings.”

Key findings of the report include:

• A third of financial institutions now generate over half of their income via payment processing, with 86 per cent of large banks generating more than 30 per cent of their revenues through this channel.
• 48 per cent said current legacy systems no longer meet business or customer needs and are not flexible enough to keep up with the pace of change coming from the modern payments world.
• Over half said they experience a siloed approach to support different payments processes and systems within their institution.

To meet the challenges of modernising their payments infrastructure – be it connecting to new vendors, consolidating different payment types, or processing large volumes of payments quickly and efficiently – an increasing number of banks are looking to invest in a modern payment hub. This offering combats each challenge in a cohesive and centralised way that is easy to manage for a financial institution.

• Over 90 per cent of financial institutions view payment hubs as pivotal in tackling unseen payments-related challenges.
• 40 per cent said their bank already has a payment hub solution.
• 45 per cent of financial institutions that do not currently have a payments hub today say they are likely to implement one in the next five years.
• 77 per cent said ‘faster and smoother adoption of new payment methods’ would be the key feature required from a payments hub solution.

“Overall, the outlook for the payment hub is very promising. With rising revenue dependencies on payments, the need for a solid payment infrastructure has never been greater,” commented Dean Wallace, head of consumer payments modernisation, ACI Worldwide. “Once seen as expensive and an ‘easier said than done’ enhancement, new technological efficiencies and the pressure on financial institutions to compete in a radically new environment have changed that view. Payment hubs are now viewed as a vital solution to relieve the pressure from many of today’s challenges and to prepare banks to successfully compete in the future.”

A new fintech partnership in India has emerged to provide MSMEs in the region with a new, superior technology framework. Hitachi Payment Services, India’s foremost enabler of both cash and digital payments and Indipaisa, a member of the Nexxo Network, an international network of Fintech companies operating in the Middle East, Asia and Europe, are now working together to help India’s 63 million MSMEs take charge of their business finances.

With its future-ready, digital payment capabilities, Hitachi Payment Services will provide a superior technology framework for the new Fintech platform for India’s MSMEs.

In partnership with Hitachi Payment Services, Indipaisa will offer a range of payment solutions to match the specific needs of Indian MSME owners and operators, to help them grow their businesses, comply with government tax laws, and build a better future for themselves and their families.

Anuj Khosla, CEO – Digital Business of Hitachi Payment Services said, “As one of India’s leading solution providers to the digital payments ecosystem, we have seen the ecosystem positively evolve in the last few years and are happy to associate with Indipaisa for the new fintech platform. Our technological know-how, centralised infrastructure and expansive network will further help in democratising digital payments, thereby providing an impetus towards financial inclusion for the marginalised MSMEs.”

Aizaz Tahsildar, CEO of Indipaisa said, “Indipaisa is very proud and honoured to work with Hitachi Payment Services to help Indian small businesses align with India’s digital drive for a cashless society.” Tahsildar added, “We plan to offer high-quality digital platform for fintech services at affordable prices for Indian MSME market; which is simple, easy and fast to manage by the owners and operators of MSME. Having innovative leaders with deep payment domain knowledge in fintech gives us a strong competitive advantage to successfully execute our plans in India.”

Nebil Ben Aissa, Chairman of Indipaisa said, “We are very excited to invest in India and offer our financial services to empower Indian small business owners and operators and help them build a better future for their businesses and their families. Our experience in servicing Indian small business owners and operators in the Middle East and other markets gives us confidence that our solutions will deliver value and gain traction in India”.