You may think cash has come to an end, or maybe you’re on the other side of the fence, where cash is king. However, a balance is to be struck. Below WeSwap CEO Jared Jesner explains why travellers will also need cash, despite a predominantly digital economy.

Trailing closely behind Sweden and Canada, the United Kingdom is the world’s third most cashless society. According to UK Finance, cash will be used for a mere 21% of all payments by 2026. Increasingly, countries around the world are making definite moves towards a futuristic economy based on fully digital transactions for goods and services, with cash often portrayed as obsolete. In Sweden, 80% of all transactions are made by cards via the mobile payment app, Swish.

According to a report in Reuters citing the Bank for International Settlements, the study found that the use of cash is actually rising in both developed and emerging markets. “Some of the breathless commentary gives the impression that cash in the form of traditional notes and coins is going out of fashion fast,” said Hyun Song Shin, BIS economic adviser and head of research “despite all the technological improvements in payments in recent years, the use of good old-fashioned cash is still rising in most, though not all, advanced and emerging market economies.” Furthermore, the Bank for International Settlements found that in recent years, the amount of cash in circulation has increased to 9% of GDP in 2016 from 7% of GDP back in 2000. That said, the same study stated that debit and credit card payments represented 25% of GDP in 2016, up from 13% in 2000.

Cash’s resiliency comes at a time when the odds are seemingly stacked against its historically ubiquitous presence, with the critical mass of consumers owning more credit and debit cards today than ever before, using them for smaller transactions than in years past. Moreover, thanks to new technologies, consumers are able to use contactless payments via their mobile devices to pay for things in record numbers. These now societal norms have led to predictions that cash is dying as the world moves to digital payments. WeSwap asserts this prediction as flawed.

Jared Jesner, CEO of WeSwap, founded his company on the notion that cash remains indispensable across the majority of countries around the world: travelers will inevitably need to access hard currency beyond UK borders, and the method with which to do so, should be fair and transparent. As the key driver of a uniquely positioned digital banking revolution sweeping the nation, Jesner demystifies the notion that cash is moving closer towards extinction, instead recognizing its unwavering importance to society in 2018.

In just three years since launching its core product, WeSwap has rapidly risen to become the world’s largest peer-to-peer currency conversion platform, also enabling users to buy-back excess currency and receive cash delivered straight to their door. Its promise to streamline the travel budgeting process, empowers tourists and business travelers to make the most of their money abroad, with users loading funds onto the WeSwap card and swapping currency directly with each other at the interbank rate with no hidden fees. The service is unique and currently used by over 400,000 UK travelers, all of which appreciate and use the notes in their wallets, coins in their purses and contactless pings of their MasterCards.

CEO of WeSwap Jared Jesner states: “Our nation loves to travel and although we are moving closer towards becoming a cashless society within our own borders, when we go abroad this all changes.”

Jesner is optimistic about the enormous potential to change the landscape of payments, having founded WeSwap to make currency exchange cheap and fair for ordinary people: “I’m incredulous to the fact that we still 'buy' money when we should just be swapping with each other.”

With Futurologists long predicting cash will one day become obsolete, contextualised by the advent of blockchain technology, mobile money and similar innovations, a transition towards a more cashless society is inevitable, but not to the extent where notes are no-more. For all the convenience that digital payments offer, many remain reluctant to fully part with their notes and coins. WeSwap believes that an emotive and security-based connection – similar to our attachment with photographs, films, books and other things of tangible value – secure the role of hard-currency in our lives, inevitably.

Iwoca has found that female applicants are 18% more likely to repay small business loans on time than their male counterparts. Women-led small businesses make up an estimated 20% of iwoca’s customers and it has supported an estimated 2,400 women business owners in the UK with almost £50 million in lending since its launch in 2012.

iwoca uncovered the data in response to a study by the Federation of Small Businesses (FSB), which found that a quarter of female small business owners cite the ability to access traditional funding channels as a key challenge, with many relying on alternative sources, such as crowdfunding, personal cash and credit, for growth.

While this technology-driven risk platform draws on thousands of data points to make credit decisions, gender is not included. iwoca’s data scientists were able to calculate gender-based statistics on loan repayment rates by checking customer application forms for self-identified female titles and then comparing the approximate default rates for both cohorts.

Christoph Rieche, Co-founder and CEO of iwoca, said: “More can be done to narrow the entrepreneurial gender gap in the UK. Making it easier for women to access business funding would go a long way to achieving that. Sadly, the reality is that banks are withdrawing critical finance from across the entire small business sector and unless the Government takes action to encourage greater competition that will allow alternative providers to fill the hole, women will continue to be at a greater disadvantage from an unfair system, regardless of their higher propensity to repay on time.”

(Source: iwoca)

The financial services industry has changed significantly over the past years, and technology has been at the heart of that change. Heightened competition and rapid progress in disruptive technologies have brought about a paradigm shift in the banking experience which has accelerated in 2018.

Banks that don't invest in technology risk falling behind, as new regulation continues to level the playing field with new innovative players. Last year, many of the banks appealed to the CMA for an extension for the Open Banking initiative[1][1]. A number of banks are reaching the end of their extension period which obliges them to give banking customers more control over their financial data by allowing them to share it with challenger banks and FinTech firms.

The introduction of the open banking initiative across Europe opens the floodgates to competition - as PSD2 balances the scales between banks and digital players, banks are directing resources towards digitally transforming their operations and services.

Lloyds Banking Group recently launched a £3bn investment in a three-year strategy to strengthen its digital capabilities. It aims to slash costs to less than £8bn by 2020 and transform the banking experience for their end-customers.[2][2] The bank is driving capital towards technology and its staff to compete against mounting pressure from other traditional banks, challenger banks and FinTechs.^[3][3]

Talent and human capital provide the best value and return on investment for banks looking to diversify their digital offerings. Investment in talent and digital skills goes hand-in-hand with investment in technology solutions to help banks become more fluid and responsive to changing customer behaviours.

In a world where everything is accessible at the click of a button, customer expectations need to be matched by the experiences created by banks. Earlier this year, USB found that online banking has overtaken visiting branches for the first time. The study found 52% of all consumer transactions are now done online, making it the primary method of banking.[4][4]

Bank branches are expensive with most retail bank branches costing banks between 40-60 % of total operating costs.^[5][5] The cost savings from a reduced number of branches can be redirected towards investments into creating digital banking experiences that accommodate evolving customer habits.

With introduction of new financial technologies, the way in which people manage their money has shifted dramatically. However, the current potential of the UK financial services industry is restricted by the lack of tech and digital talent available. Firms are spending record amounts, with 85% of business executives allocating up to a quarter of their total budget to digital transformation in 2018.[6][6]

Digital Transformation goes beyond moving traditional banking to a digital world. A digital strategy is no longer limited to the IT department. In the current business environment, it transcends every aspect of a business and drives long-term success. In order to digitally transform, banks need to adopt a digital mindset. This means fostering a culture of innovation. It’s about going beyond the hype of digital trends and the latest buzz words and identifying the business impact on operations and service delivery.

Most banks still run on core systems installed in the 1970s and 1980s.[7][7] These enterprise structure are made up of a patchwork of systems with limited functionality for the current digital landscape. Fintech and challenger banks are not hindered by these systems, and have the agility to keep pace with customer expectations, which means banks are turning their attention to their business critical function and how they can re-engineer it to become more flexible.

Smart banks are taking advantage of cloud-based systems to enable staff to better communicate and interact with customers across multiple channels to accommodate all customers.

Banks definitely need to push forward with their digital strategy, but they must do so wisely, supported by a reliable digital partner. Technology is beginning to encompass all aspects of bank operations. Working with a single-source supplier that integrates digital into the DNA of the bank – from the talent to the technology solutions – is key to adopting a digital mind-set, which will support a bank’s digital transformation journey end-to-end.

[1][1] http://www.cityam.com/277814/five-uk-banks-given-open-banking-deadline-extension-cma

[2][2] https://www.fnlondon.com/articles/lloyds-puts-digital-banking-at-heart-of-three-year-strategy-20180221

[3][3] http://www.bbc.co.uk/news/business-43138764

[4][4] https://www.telegraph.co.uk/business/2018/01/10/digital-banking-overtakes-branch-use-may-fuel-closures-warns/

[5][5] http://www.economist.com/node/21554746

[6][6] http://www.digitaljournal.com/tech-and-science/technology/59-of-businesses-find-their-digital-transformation-falls-flat/article/504386

[7][7] https://www.euromoney.com/article/b143rj4dz3cd92/technology-investments-drive-up-banks-costs

There's no doubt that these are strange times in the digital age. Whilst the advent of technological innovation has made it easier than ever for individuals to access products and launch businesses, for example, stagnant economic growth and global, geopolitical tumult has prevented some from maximising the opportunities at their disposal.

Make no mistake; however, the so-called “Internet of Value” has the potential to change this and create a genuine equilibrium in the financial and economic space. In this article, we'll explore this concept in further detail and ask how this will impact on consumers and businesses alike.

tellhco.com

So what is the internet of value and how will it change things?

In simple terms, the Internet of Value refers to an online space in which individuals can instantly transfer value between each other, negating the need for middleman and eliminating all third-party costs. In theory, anything that holds monetary or social value can be transferred between parties, including currency, property shares and even a vote in an election.

From a technical perspective, the Internet of Value is underpinned by blockchain, which is the evolutionary technology that currently supports digital currency. This technology has already disrupted businesses in the financial services and entertainment sectors, while it is now evolving to impact on industries such as real estate and e-commerce.

What impact will the Internet of Value on the markets that its disrupts?

In short, it will create a more even playing field between brands, consumers and financial lenders, as even high value transactions will no longer have to pass through costly, third-party intermediaries to secure validation. This is because blockchain serves as a transparent and decentralised ledger, which is not managed by a single authority and accessible to all.

This allows for instant transactions of value, while it also negates the impact of third-party and intermediary costs.

What will this mean for customers and businesses?

From a consumer perspective, the Internet of Value represents the next iteration of the digital age and has the potential to minimise the power of banks, financial lenders and large corporations. In the financial services sector, the Internet of value will build on the foundations laid in the wake of the great recession, when accessible, short-term lenders filled the financing void that was left after banks choose to tighten their criteria.

Businesses and service providers will most likely view the Internet of Value in a different light, however, as this evolution provides significant challenges in terms of optimising profit margins and retaining their existing market share. After all, it's fair to surmise that some service providers (think of brokers, for example) would become increasingly irrelevant in the age of blockchain, while intermediaries that did survive would need to seek out new revenue streams.

The precise impact of the Internet of Value has yet to be seen, of course, but there's no doubt that this evolution will shake up numerous industries and marketplaces in the longer-term.

Netflix, Spotify, Airbnb and Uber are regularly cited as examples of major disruptors. However, there are many more examples on the horizon. Electric and driverless cars will soon disrupt many industries including automobile manufacturing, rental, leasing and motor insurance markets, while the growing popularity of robo-advisors already threatens the existence of traditional financial advisors. For most large companies today, it is a question of when, rather than if, digital will upend their business. Jonathan Wyatt, Managing Director and Global Head of Protiviti Digital, talks to Finance Monthly about the future and direction of management consultancy worldwide.

Management consultancies tend to thrive during periods of rapid and significant change. Many consultancies flourished in the years following the financial crisis as financial institutions struggled to comply with new regulations and needed advice on dealing with more intense regulatory scrutiny. A decade on, the global landscape is facing a more pressing strategic challenge: to innovate and develop solutions that meet consumer and business demands for efficiency, convenience and ease-of-use. The top strategic risk identified by Protiviti’s Executive Perspectives on Top Risks for 2018,[1] is the rapid speed of disruptive innovations and/or new technologies that may outpace an organisation’s ability to compete and/or manage the risk appropriately unless it makes significant changes to its business model.

Tellingly, the second risk highlighted by survey respondents relates to the overall resistance to change within the organisation. Respondents were concerned that their organisation might not be able to adjust core operations in time to make the necessary changes to the business model to keep the company competitive. Even when executives are aware of the disruptive potential of emerging technologies, it is often difficult for them to envision the nature and extent of change, and have the decisiveness to act on that vision. Management consultants are, therefore, positioning their businesses in terms of expertise and skillset to meet the demand from companies looking to conquer those internal and external digital challenges.

To date, the digital experience of many companies has been focused on the digital “veneer” as organisations look to launch and grow digital channels. This is often restricted to customer-facing products, such as websites, apps and payments channels. Often, they have not made the same progress with the digital transformation of their internal processes, even when this has a direct impact on these digital channels. For example, in the mortgage market customers can apply online for a mortgage in minutes. At many of the established banks, the digital mortgage application remains analogue, with traditional credit review and approval processes that take many weeks to complete. Surprisingly, these traditional processes often include regular communication by post rather than embracing digital signatures.

Organisations are gradually realising that core digitalisation, as well as a cultural change to embrace the digital mind-set, is necessary to compete on the new digital stage. To achieve this, some organisations must advance beyond the use of legacy technologies and systems, and they can sometimes be averse to implementing new policies and ways of working. Consultancy firms advise these organisations on modernising their security policies and demonstrating the advantages of using the advanced technology tools that are now available. This will help with the execution of certain cyber-security and digital projects and the development of proof-of-concepts, thereby improving an organisation’s overall security profile.”

Misunderstanding regulations is often given as an excuse for not innovating. Organisations think the new regulations are more complex than they really are and that by innovating/changing their systems, there is a greater chance of falling out of compliance. But digital leaders are more flexible; they look for solutions rather than excuses and are embracing advanced technology to their advantage.

The advancing tide of demand for digital services will fuel current and future business for consultancy firms. Consultancies are ramping up their expertise and skillsets to provide advice on digital strategies and change management programmes as well as implementing core digitalisation projects. Although there will be no shortage of consulting work, the move to a more digital focus will impact the traditional consulting business and pricing models. As a result, the management consultancy industry is not immune to the wave of disruptive change.

To succeed in the digital race, legacy firms need to put digital at the heart of their business, which encompasses a cultural change to think digitally first. Consultancies should challenge their teams and clients to change their mind-set, put digitalisation at the forefront of all projects and think like a technology company – using technologies such as robotic process automation, machine learning and artificial intelligence to drive efficiencies for the company and consumers. Consultancies also need to be at the forefront in digital thinking to ensure they offer the brightest talent, expertise and experience to help their clients embrace the digital challenge and face the future with confidence.

[1] Executive Perspectives on Top Risks for 2018, Protiviti and North Carolina State University’s ERM Initiative, December 2017, available at www.protiviti.com/toprisks.

Like the digitisation of all things, challenges will be faced and there are benefits to reap, but often such progress doesn’t take place because the correlation between the two isn’t a positive or favourable one. Below Gemma Young, CEO and Co-Founder of Settled, discusses with Finance Monthly the future of digital in the property sector.

Property is our most important asset class, it's also our most emotional asset. Therefore, getting our home sale or purchase right is not just a big deal for consumers, it's a big deal for the wider UK economy.

Unlike other industries (travel, music, taxi services to name but a few), the real estate model has clung to its traditional roots. Even with the advent of “online” estate agents now in existence for the majority of this past decade, the industry has been slow to adopt the opportunities a digital revolution presents. It’s therefore unsurprising that we're still seeing the same issues; typical property transactions take over 3 months with 1 in 3 transactions breaking. This drives consumer losses in excess of £250m each year.

Looking forward, is 2018 going to be the year for true transformation? Will ‘proper’ property technology companies make a dent in the things that matter?

What drives transformation?

Technology

The emergence of truly disruptive technologies including artificial intelligence, virtual reality, blockchain and drones all hold their potential disruptive keys to a more progressive future. Not only are technologies proliferating, consumers also have easy access to them from their smartphones.

Empowered individuals

Tech-enabled consumers search for greater transparency, more control and ultimately more progressive solutions to age-old problems. Their quests for modern, digital solutions provide exciting opportunities for change.

Investment

2017 saw the most significant investment in ‘proper’ proptech to date, with a new and forward-focused collective attracting financial backing from VCs and traditional property players.

Regulation

Central and regulatory initiatives represent a particularly exciting shift. The latest Government call for evidence “Improving the home buying and selling process” and the HM Land Registry’s Digital Street scheme look towards a future where technology (including blockchain) will make the transfer of property ownership much more fluid. Such initiatives shine a light on the underlying problems apparent in the UK property market and signal a commitment to a more open and less guarded future.

How does this future look?

As we see this convergence in consumer, regulatory and technology worlds, this more futuristic property market is well within reach. So who wins? The opportunity to embrace and adopt new technology is open to all, however, historically, traditional incumbents have been slow to move in many sectors. They, therefore, get left behind or quite simply, left out. We don’t have to look far to see examples; Blockbuster and HMV are businesses which didn’t, in time, connect to the opportunities of the next generation. As a result, nimble and forward-focused entrants Netflix and Spotify won the respective leading positions in the new world. Much like in the movie and music sectors, forward-focused businesses tend to win in other worlds.

Settled.co.uk is one example of a real estate business that is connecting across these converging elements at quite a unique time in real estate history. Settled’s unique technology has significantly increased the likelihood of completing on a home and has cut the time it takes to sell and buy in half. It presents the hope that, in the future, its technology will enable people to buy and sell properties in moments, not months. This is the kind transformation this sector needs.

As you likely already know, China’s e-commerce sector is the biggest in the world right now. Below Finance Monthly speaks to Ronnie D’Arienzo, Chief Sales Officer, PPRO Group, who lists some ways we can all learn from China’s excellent performance in this sphere.

A few weeks back China’s 1.3 billion population celebrated Chinese New Year and the start of the Year of the Dog. The celebrations lasted for sixteen days, starting on New Year’s Eve (15th Feb) to the Lantern Festival on March 2nd. Preparation for the New Year celebrations is known as a ‘shopping boom time’. Many transactions will be completed this week in preparation for the two weeks of celebrations. Interestingly, the majority of these transactions will be completed using local payment methods, specifically e-wallets such as WeChat Pay and Alipay.

The Chinese e-commerce market is booming; research from PPRO Group found the market is worth a staggering $865 billion with growth rates higher than - the total UK e-commerce market. So how can UK businesses take advantage from China’s healthy ecommerce market? PPRO Group has pulled together seven considerations for UK retailers, when looking to attract the attention of the Chinese consumer.

1. Each year, Chinese e-commerce grows by more than the total amount of the entire UK e-commerce market

In 2018, Chinese e-commerce will grow by $233.5 billion. That’s $30 billion more than the total value of all goods bought online in the UK.

2. Chinese online shoppers spend $208 billion a year using credit cards which UK retailers don’t accept

96% of Chinese credit cards are issued by local schemes and only 4% of all online transactions in China are made using international credit cards, such as Mastercard and Visa. If retailers don’t support local schemes, they’re cut out of a $200 billion market.

3. Don’t miss out on $650 billion of online spend using alternative payment methods

Every year, Chinese consumers buy $650 billion worth of goods using local bank transfer apps, e-wallets, cash-on-delivery services and other locally preferred payment methods.

4. Every year, Chinese online shoppers spend over $100 billion just on clothes

Fashion is the most popular item for Chinese online shoppers. Each year, Chinese online clothing sales are worth more than the entire UK fashion industry.

5. One Chinese e-wallet has more users than there are people in the EU

The Chinese e-wallet WeChat Pay has 980 million users compared to 500 million people in the whole of the EU. In 2017 alone, WeChat Pay was used by Chinese consumers at an average rate of 1 million transactions per minute.

6. M-commerce in China is worth $173 billion

Every year, the Chinese spend almost $200 billion from their mobile phones. And with China spending $400 billion on 5G, the number of mobile users is set to rocket in the coming years.

7. 40% of all global e-commerce sales are made in China

The Chinese share of all global retail sales is around 30%, but for e-commerce sales, it’s 40%. And that number will grow as more people come online.

Want to sell to the world? Start with China.

Cashless payments and the plight of cash in society has been something of a subject over the past few years, but a conversation many aren’t having is that of financial exclusion; something that has happened in the past is likely set to happen again. Below Jack Ehlers, Director of Payments Partnerships at PPRO Group, delves into the details.

In 2016, according to a report just published by the European Central Bank (ECB), EU citizens made €123 billion worth of what the ECB calls ‘peer-to-peer’ cash payments. That’s just another way of describing the money grandparents tuck inside birthday cards, donations to charity, payments to street vendors and the hundreds of other small cash transactions people make all the time.

But even as cash remains central to the economy, cashless payment methods become more common with each year. The use of e-wallets such as Apple Pay and Samsung Pay is predicted to double to more than 16 million users by 2020. Overwhelmingly, the rise of the cashless society is a good thing. It promises greater convenience, lower risk, and improvements in the state’s ability to clamp down on practices such as tax avoidance and money laundering.

But what about those micro-payments? And even more importantly, what happens to the estimated 40 million Europeans who are outside the banking mainstream? These are the EU’s most vulnerable citizens and they have little or no access to digital payment methods.

If we don’t plan properly, the transition to a largely cashless future could see the re-emergence of financial exclusion, which we thought had been vanquished. In Western societies. Ajay Banga, CEO of Mastercard, has talked of the danger that in the future we’ll see “islands” of the unbanked develop, in which those shut out of the now almost entirely digitised economy are left able to trade only with each other.

But are we really going cashless any time soon?

The ECB report quoted above, also found that cash is still used in almost 79% of transactions. So, do we really need to worry about what will happen when we finally ditch notes for digital payments? Yes and no.

Even though contact payments are on the rise, the demand for cash is also growing. A recent study found that the value of euro banknotes in circulation has increased by 4.9% over the last five years. Given the historically low rate of inflation over the past few years, this would seem to be largely due to a cultural preference for cash. Low interest rates could also be encouraging Europeans to spend rather than save. But whatever the reason, cash isn’t going away soon.

But that doesn’t mean we can relax. Some markets are already much closer to going cashless than the European average would suggest. In Sweden, consumers already pay for 80% of transactions using something other than cash. In the Netherlands, that figure is 55%, in Finland 46% and in Belgium 37% [1]. Today, Britons use digital payments in 60% of all transactions. By 2027, that number is expected to rise to 79%. Already, 33% of UK citizens rarely, if ever, use cash.

Unless we take this challenge seriously, we risk stumbling into a situation in which the majority in these countries use cash-free payments most of the time, even if they still use cash in minor transactions. In such cases, there is the danger of many shops and services no longer accepting cash, leaving those who still rely on it stuck in the economic slow lane.

For most people, cashless payments can offer easier and faster payments, greater security, and improved access to a wider range of goods and services. But to maximise the benefits and reduce the downside, including those for strong personal privacy, we need to start thinking now about how we can manage the transition in a way that minimises the risk of financial exclusion for already marginal groups in society.

Charities and mobile payments show the way

The rise of digital payments does not have to mean the growth of financial exclusion. It is possible to create an affordable payments-infrastructure for small traders, churches, and charity shops — and, even more importantly, for economically marginal consumers.

In the UK, charities are leading the way. After noticing that donations were tailing off, the NSPCC and Oxfam sent out one hundred volunteers with contactless point-of-sale devices, instead of charity collection tins. The rate of donations trebled. The success of the NSPCC trial shows that it is possible to roll out the supporting infrastructure for cashless payments even to individual charity collectors on the street.

But that’s only half the story. While charities and shops — even small independent retailers — may be able to afford and install point-of-sale systems to accept micro-payments, normal citizens cannot. Here, mobile payments may be the answer.

The example of the Kenyan M-Pesa, a system which allows payments to be made via SMS, shows that it is possible to create an accessible, widely available and used mobile payment system that does not rely on the consumer owning an expensive, latest-model smartphone. Already, 17.6 million Kenyans use M-Pesa to make payments of anything from $1 to almost $500 in a single transaction.

An inclusive cashless future—in which mobile e-wallets and other contactless forms of payment dominate—is possible. But it won’t happen by itself. As an industry and a society, we need to plan and work towards it: starting today. The stakes for many businesses and some of the most vulnerable people in our society couldn’t be higher.

Sources: 

The use of cash by households in the euro area, Henk Esselink, November 2017, Lola Hernández, European Central Bank
FinTech: mobile wallet POS payment users in the United Kingdom (UK) from 2014 to 2020, by age group, Statista.com.
Close to 40 million EU citizens outside banking mainstream, 5 April 2016, World Savings and Retail Banking Institute​
Insights into the future of cash, Speech given by Victoria Cleland, Chief Cashier and Director of Notes, Bank of England, 13 June 2017.
Why Europe still needs cash, 28 April 2017, Yves Mersch, European Central Bank.
Europe’s disappearing cash: Emptying the tills, 11 August 2016, The Economist
UK Payment Markets 2017, Payments UK.
The Global State of Financial Inclusion, 5 March 2015, Pymnts.com

You may have seen the headlines just a few weeks back: Intel computer processors at risk form hackers. The computer technology firm owned up to some serious flaws in their systems and began to implement patches. Below Rusty Carter, VP of Product at Arxan Technologies, explains the ordeal and touches on the detail of the vulnerabilities, from CPUs to mobile banking.

Earlier this year the appearance of two vulnerabilities, Meltdown and Spectre, which affected a significant proportion of the world computer processors, hit the headlines and gained serious attention across the security and application industries.

The critical vulnerabilities that were recently found in Intel and other Central Processing Units (CPU) represent a significant security risk. Because the flaw is so low level, the usual protections that web developers are accustomed to, do not apply. Due to the vulnerabilities existing in the underlying system architecture, they can be exceptionally long-lived, providing attackers with sufficient time to develop direct attacks aimed at the hottest targets, a big one being the mobile banking and payments industry.

Both Meltdown and Spectre can affect devices used within the banking industry, an obvious one being mobile banking applications. Although similar, the vulnerabilities do have their differences. They both affect Intel; must have code execution on the system; and can be managed or mitigated through software patching. However, they each have slightly different methods of attack – both use speculative execution, but Meltdown also uses Intel privilege escalation, whilst Spectre uses branch prediction. Thus, they each have slightly different impacts. Additionally, Meltdown only affects Intel whereas Spectre can affect Intel, ARM, and AMD.

The location of the vulnerabilities makes them particularly hard to protect against. This is because it is the processor, its registers, and also its memory, that are being attacked. This creates unique challenges for protection, however, does not make protection impossible. Meltdown has now been patched in most cases, therefore, Spectre is the more concerning of the two.

With both vulnerabilities, the exfiltration occurs via the registers or memory addresses of legitimate programs in use, meaning cryptography-related items such as decryption keys and API credentials will be the likely first targets. This is because the vulnerabilities go across users of an application and, therefore, can provide ‘keys to the kingdom’. Follow-on targets are likely to be individual users’ personal information managed by marquee applications.

The banking industry is likely to suffer the effects of both these vulnerabilities, especially with regards to mobile banking and payments. Customer data such as account numbers and user credentials are very likely to be exposed.

With the rising popularity of mobile banking, applications are seeing more and more security risks affecting them. Even well written applications are still vulnerable. Whilst most applications maintain security by encrypting data between the app and the data centre, this is not enough. In order to be fully protected, banks need to encrypt the data within their application, only decrypting it at the moment it is needed, and then encrypting it again. Further application protection that is highly recommended for banks to incorporate into the security of their applications is anti-reverse engineering and anti-tampering.

For customers using mobile banking, it is vital they remember to turn off JavaScript if possible and to ensure they exit applications they do not need, or are not using at the time. Ultimately the application is run on a processor, when there is a vulnerability there, nothing is really safe. However, if a mobile application is not running, these vulnerabilities cannot facilitate the stealing of data. Encrypting data and implementing application protection that uses a variety of different techniques, can make it much more difficult to read memory out of a register, or to leverage a vulnerability such as Spectre. By doing this, banks can put themselves ahead of others within the industry, as well as protecting their customers and overall reputation.

One might assume that Kodak, the American photography company best known for printing your beloved baby pictures from the high street, had faded into obscurity after its redundancy in the wake of the ever-changing digital age.

In the dawn of handheld devices such as cell phones, smart phones and tablets—all of which can take photographs themselves—Kodak underestimated the constant change in our technological society, whereas competitors took advantage of the market to remain up-to-date in a rapidly modernizing world. Its share worth paints a clear picture of this despite its financial peak in 1996, with the brief bankruptcy it filed for in 2012 and the subsequent steady slope downwards in worth from then onwards as solid proof of its growing irrelevance.

That is, until you reach January 2018, and a large spike in value ends its loss-making trend.

The cause? Eastman Kodak Co. announcing Kodakcoin, Kodakone and Kodak KashMiner, another entry in the list of growing cryptocurrencies and miners attempting to bank on Bitcoin’s success. The announcement prompted Kodak’s shares to surge from $3.13 per share to $12.75, slating 31^st January 2018 as the date for the Initial Coin Offering (ICO) for Kodakcoin to begin.

ICOs are used to raise funds in the development of a new cryptocurrency, often in exchange for fiat currency or other cryptocurrencies such as Bitcoin. The announcement was made at the CES2018 convention in Las Vegas. Kodakone, created in partnership with London-based WENN Digital, will be the platform for which Kodakcoin can be used, utilizing blockchain technology to help photographers keep track of how their photos are used online. They will allegedly benefit from being able to register their work, sell rights to images and receive payment through the new cryptocurrency.

Among these announcements was the plan to install rows of Bitcoin mining rigs at Kodak’s headquarters in Rochester, New York—a power intensive process run by Spotlite branded as Kodak KashMiner, that will verify cryptocurrency transactions rapidly.

Kodak KashMiner computers can be leased by anyone for a two-year contract for over $3000, with alleged returns reaching over $9000 for the customer at $375 a month. Despite this, the overall worth of these machines is under scrutiny due to the fact that Bitcoins become harder to generate over time, signalling the potential that customers will earn far less than they anticipated. The scheme was also criticised over fears that a cryptocurrency bubble will form because of it.

Kodak’s move is among many others who have recently joined in the trend of creating unique digital currencies or taking advantage of Bitcoin’s success—including Mark Zuckerberg, who recently detailed plans to incorporate Bitcoin into Facebook in order to fix its underlying problem of centralism.

But is this move worth the risk?

Bitcoin itself has become common knowledge at this point, with headlines reporting its changes in worth on a daily basis—however, its worth plummeted by 14% in just 24 hours due to the continued discussion over South Korea’s potential ban of the cryptocurrency. With its future up to debate, it is unknown whether Kodak will reap the benefits that it undeniably needs. It has, at least, dragged itself out of the grave and back into the limelight for now.

The security of banks’ and other financial institutions’ websites has been in the spotlight recently, notably in the case of NatWest bank which was involved in a public discussion regarding its site. Below Jacob Ghanty, Head of Financial Regulation at Kemp Little LLP, discusses the legal implications of website security, along with the potential consequences and of course some solutions to follow up on.

Importance of bank website security

With the diminishment of the physical branch networks that UK banks have maintained traditionally, banks’ online services are a fundamental means through which they deliver core banking services to their customers.

In the case of NatWest, a security expert identified that the bank was not using an encrypted https (Hypertext Transfer Protocol Secure) connection for a customer-facing website (in contrast with its connection for online banking services). The security expert suggested that hackers could redirect site visitors away from NatWest to other sites using similar names. NatWest stated that it would work towards upgrading to https within 48 hours.

Legal obligation to protect customer data

This type of issue is not new and has affected other banks as well. As long ago as 2007, the Information Commissioner’s Office (ICO) named and shamed 11 banks for unacceptable data security practice.

From a data privacy law perspective, under current legislation (the Data Protection Act 1998 (DPA)) organisations are required to have appropriate technical and organisational measures in place to protect data against unauthorised or unlawful processing, and against accidental loss or destruction of or damage to personal data (data security breach). The DPA does not define "appropriate technical and organisational measures" but the interpretive provisions state that, to comply with the seventh data protection principle, data controllers must take into account the state of technical development and the cost of implementing such measures. Moreover, security measures must ensure a level of security appropriate to both: the harm that might result from such a data security breach; and the nature of the personal data to be protected.

From a financial services regulatory perspective, banks are subject to a requirement in the Prudential Regulation Authority Rulebook to: “…establish, implement and maintain systems and procedures that are adequate to safeguard the security, integrity and confidentiality of information, taking into account the nature of the information in question. … a firm must have sound security mechanisms in place to guarantee the security and authentication of the means of transfer of information, minimise the risk of data corruption and unauthorised access and to prevent information leakage maintaining the confidentiality of the data at all times.” Breach of this and related rules (including a requirement to implement adequate systems and controls to monitor and detect financial crime) would leave banks open to disciplinary action.

The importance of an HTTPS connection

Any data sent between a customer’s device and a website that utilises https is encrypted and accordingly unusable by anyone intercepting that data unless they hold the encryption key. Without https protection, hackers could, in principle, alter a bank’s website and re-direct users to a fake or “phishing” website where their data could be stolen. Phishing sites are designed to appear like a bank’s own website to lure customers to disclose their personal data. Many such sites are quite sophisticated (incorporating fake log-in mechanisms, and so on) and present genuine risks to customers’ data.

Legal and financial consequences for banks who fail to protect their customers’ data

From a data privacy law standpoint, the ICO has the power to impose financial penalties on data controllers of up to £500,000 for a serious breach of the data protection principles. For example, in October 2016, the ICO imposed a £400,000 fine on TalkTalk for a breach of the seventh data protection principle.

The EU’s General Data Protection Regulation (GDPR) will take effect from 25 May 2018. The GDPR will impose stricter obligations on data controllers than those that apply under the DPA.  The GDPR will significantly increase maximum fines for data controllers and processors in two tiers, as follows: up to 2% of annual worldwide turnover of the preceding financial year or 10 million euros (whichever is the greater) for violations relating to internal record keeping, data processor contracts, data security and breach notification, data protection officers, and data protection by design and default; and up to 4% of annual worldwide turnover of the preceding financial year or 20 million euros (whichever is the greater) for violations relating to breaches of the data protection principles, conditions for consent, data subjects’ rights and international data transfers.

Key next steps for banks to protect financial and customer data

There are several obvious steps that banks can take to protect financial and customer data including carrying out a cyber security audit, maintaining adequate detection capabilities and putting in place recovery and response systems to enable them to carry on in case of an unexpected interruption.

There are number of useful sources of information in this area including: the FCA’s speech in September 2016 on its supervisory approach to cyber security in financial services firms; various ICO guides on information security; the FCA’s Financial Crime Guide; and the FSA’s Thematic Review Report on data security in the financial services sector of April 2008.

From AI to IP, with GDPR and cybersecurity in the midst, Karl Roe, VP Services & Cloud Solutions at Nuvias, tells Finance Monthly what’s in store for organisations using the cloud in 2018.

The Rise of AI

2018 will see Artificial Intelligence (AI) drive a transformational change among organisations and impact on cloud use.

ICT isn’t getting any simpler, and businesses are being forced to move faster as their customers’ requirements become more demanding. This is driving innovation in areas like AI, but automation of past processes won’t be enough to keep up with the “need for speed” in business agility.

We will see lots more AI projects and initiatives in 2018; it will be the cornerstone of change in automation of ICT. Proactive, automated, non-human decisions are now a necessity. Are the robots coming? Yes, they are – but we still need to develop the Intellectual Property (IP) to drive them.

IP Will Be Key

With emerging technologies like AI becoming more prominent in 2018, organisations are demanding bespoke software and solutions that solve their specific business problems.

As a result, companies are increasingly working with cloud service providers to gain a competitive advantage – this includes using public cloud providers to power their IP-centric solutions. Investment in infrastructure development is diminishing, replaced by a need for specific business-driven solutions that require unique software to bring these solutions to life.

From Partnering to Strategic Alliances

IP is the key, but many end users don’t have the time, resources or in-house skills to create their own unique solution that gives them the business advantage they require.

As such, they are forging long term business relationships with technology service providers who understand their need for change, and develop specific IP or software which utilises public cloud services, embraces AI, and most importantly which solves a business or specific customer problem.

Public cloud providers also need these strategic partner alliances to ensure there is a shorter time to value in moving workloads to the cloud, and providing solutions that move beyond IaaS (Infrastructure-as-a-Service) to fully utilising PaaS (Platform- as-a-Service).

PaaS as the Basis for Digital Transformation 

We are starting to see the SaaS (Software- as-a-Service) players now extending into PaaS in response to customer demand.

Customers that are using a SaaS kingpin like CRM want to extend that platform into other use cases and requirements. It’s been a long time coming but as the world moves to a cloud-first strategy, the complexity in integrated public clouds is driving companies to explore PaaS.

Secure Cloud Services & Cyber Security get Board Visibility

Cloud services have been a safe bet in the Boardroom in recent years, but now the question is, are they truly secure? Decisions to utilise cloud services have been a relatively easy Boardroom decision, due to their known cost and agility. But with more and more high-profile data breaches, questions are now being asked around cloud security at a Board level within businesses.

The damaging nature of cyber-attacks is now clearly in the line of sight of Board members. GDPR will also raise more questions at this level, making cyber security in the cloud a Board level priority.