What Does Data Security Mean for Fintech Companies in 2023?

June 8, 2023 | min

Digital transformation is key to growth - perhaps now more than ever, as tech develops at ever faster rates, and businesses generate, source, and store larger amounts of data.

Companies using fintech and dedicated fintech companies continue to grow, building wider digital networks and expanding their databases. But with this growth come risks, known as ‘sprawl’. Having data in multiple locations, systems and networks and no single view can open up the risk of a ransomware attack.

In this article, we’ll explore what fintech is, how it’s growing, and how businesses can adopt the right security measures to protect both themselves and their customers.

What Is Fintech?

Investopedia defines fintech as ‘new technology that seeks to improve and automate the delivery and use of financial services’. The term is broad, then, and covers everything from back-end systems to customer-facing user interfaces and headline-grabbing technologies like cryptocurrency. Business banking, online payments, and more are all included under the broader heading of fintech. 

Technology allows established companies to upgrade their services and improve their offerings to customers. It presents significant opportunities to improve efficiency, transparency, and more. But the rise of fintech also creates novel risks for cyber and data security for a wide range of companies, in sectors from private finance to online shopping and even public education.

The growth of fintech

The wealth of data on the growth of fintech is striking. According to the European University Institute’s digital economy data portal Statista:

  • The number of fintech startups in the Europe, Middle East, and Africa (EMEA) region alone increased by 160% between 2018 and 2021
  • Half of that growth occurred in 2020 alone 
  • Global fintech investment value reached an all-time high in 2021

What Are Some Examples of Fintech Companies?

The quick look at examples of successful fintech companies reveals a mix of new-on-the-scene disruptors and household names in sectors such as retail banking and trading.

Major names include: 

  • Klarna
  • Wise
  • Robinhood
  • Coinbase
  • Revolut
  • Anyfin
  • Monzo
  • Starling
  • Wise
  • Curve

Meanwhile, major traditional financial institutions such as Visa, Mastercard, and others are leaning on fintech in significant ways, and increasingly find themselves listed among the biggest actors in the fintech space. 

The State of Financial Crime in 2023

Of course, the rise of fintech companies has also created opportunities for criminals. Fintech gives companies access to huge amounts of data that allow them to better understand, predict, and respond to customer needs. But that same data is a tantalising prize for would-be hackers. And the adverse global economic situation has only provided unscrupulous actors with more incentives to seize those opportunities. 

The lingering effects of the Covid-19 pandemic, the ongoing Russia-Ukraine conflict, and growing tensions between the United States and China have whipped up severe headwinds in the global economy.

In response, central banks around the world have hiked interest rates to levels not seen for decades. Dealmaking has slowed in both public and private markets, and businesses across the range of sectors have struggled to scale their activities. 

Times are tough. And in tough times, the relative importance of competitive advantage only increases. It is more crucial than ever for businesses to understand and harness new technologies. Solutions such as cloud computing allow companies to access low-cost data storage and sharing, and enable fintechs to provide sophisticated experiences to a far broader base of clients than they were previously able to. 

But cloud technology cannot function without cloud security. And the same holds true for other technologies. It is no surprise, then, that financial institutions and fintechs consistently rank cyber crime among their biggest concerns for 2023 and beyond. And these concerns are well founded. 

According to Sophos’s report on ‘The State of Ransomware in Financial Services 2022’, for example, 55% of organisations surveyed were hit with ransomware attacks in 2021 alone - up 21 percentage points on the 34% reported in 2020, for a total increase of nearly 62%. If you are concerned about the security of your cloud architecture, our helpful explainer is a handy resource to better understand what you can do to practise good data protection. 

Data Security Trends in Fintech

Proper, robust data security measures are a necessity for fintech companies. Here, we survey some of the key threats on the horizon for fintechs in 2023. 

RaaS, HaaS, and AaaS

Software-as-a-service (SaaS) is an acronym that has become ubiquitous in recent years. But RaaS, HaaS, and AaaS are somewhat less well known. 

Here’s what each of them means: 

  • RaaS: ransomware-as-a-service
  • HaaS: hackers-as-a-service
  • AaaS: access-as-a-service

Similar to SaaS, RaaS, HaaS, and AaaS mean that bad actors can bypass the need for dedicated in-house ransomware, hacking, and access. Instead, they can draw on dedicated providers. 

As the mere existence of the acronyms suggests, availability and use of each of these ‘services’ has increased significantly. And this has lowered the bar for cyber criminals. Gone are the days of the lone wolf tapping away at their keyboard. Now, those who seek to exploit data security weaknesses can draw on elaborate setups to attack businesses with things like ransomware.

Artificial intelligence and machine learning

AI (artificial intelligence) is a well-known acronym. Indeed, in the age of ChatGPT, it can seem difficult to escape. ML, or machine learning, is perhaps marginally less familiar. But it is nonetheless crucial to understanding the evolving data security landscape that fintech companies must navigate. 

Drawing on ML, AI is ever more able to analyse gargantuan quantities of data to identify patterns and point out potential instances of fraud. 

Fintechs in particular can use AI and ML to do things such as: 

  • Improve financial decision making to feed into recommendations for clients
  • Detect fraud
  • Support customers
  • Make financial forecasts

Above all, AI and ML provide boons to speed and scale. Human analysts could perform many of the same functions in terms of things like risk assessment and fraud detection. But AI can do so around the clock, constantly updating, with data sets too vast for even the most competent human worker to assess.

Blockchain technology

Investopedia defines a blockchain as ‘a distributed database or ledger shared among a computer network’s nodes’. The term is most often used in the context of cryptocurrency. But the benefits of the technology extend far beyond Bitcoin. Blockchains allow for the creation and maintenance of immutable chains of data: ones that cannot be altered without leaving a record. This means that users can create data trails that can be independently verified. 

This provides two key benefits: 

  • Transparency: all users can see how and when the data was altered
  • Efficiency: no user needs to consult any external authority to check the legitimacy of the data 

Zero-Trust Architecture (ZTA)

Finally, fintechs and other companies can increasingly turn to zero-trust architecture (ZTA). ZTA models can be distinguished from more traditional cyber security models in that they rely on ‘constant verification’. In traditional systems, users are granted access after entering just one password. They are ‘trusted’. ZTA, by contrast, requires recurrent verification. The benefits to businesses, in fintech and other sectors, are clear. ZTA makes it easier to contain cyber security breaches - and harder for bad actors to do catastrophic damage. 

Technological advancements and the growth of fintech produce significant opportunities - both to businesses looking to grow and to customers seeking to improve their lives. But the increasing adoption of new technologies also requires that fintech companies pay great attention to developing transparent and airtight security measures. 

If you would like to learn more about ransomware vulnerabilities in particular, please see this webinar from our CISO Sebastian Goodwin.

The Nutanix blog series is intended to educate and inform anyone looking to expand their knowledge of cloud infrastructure and related topics. This series focuses on key topics, issues, and technologies around enterprise cloud, cloud security, infrastructure migration, virtualization, Kubernetes, etc. For information on specific Nutanix products and features, visit here.