Indian Fintechs’ Guide To Mastering The Art Of Scaling Securely

Indian Fintechs’ Guide To Mastering The Art Of Scaling Securely

SUMMARY

According to Gartner, API attacks will be the most frequent attack vector in 2022, causing data breaches across enterprise web applications

During his masterclass at the Inc42 Fintech Summit 2022, Dean Houari of Akamai Technologies shared his insights into how India’s fintech startups can shield themselves against common cyberattacks

He stressed the need to identify the level of digital maturity to develop an efficient API protection plan and other security measures

In May 2022, Bengaluru-based digital payment gateway firm Razorpay registered a complaint with the city’s cyber cell, alleging a loss of INR 7.3 Cr as hackers siphoned off the money over three months by manipulating its authorisation process. 

It was not a one-off case. In the past few years, the fintech sector has become an extremely lucrative target, constantly threatened by data breaches and fast-evolving forms of cybercrime. 

According to a report by Akamai Technologies, a cybersecurity and edge technology company, out of the 6 Bn web attacks in 2020, the financial services sector alone saw 736 Mn incidents. Additionally, a 2022 report by US-based network operator Verizon showed that ransomware breaches globally (including India) rose by 13% last year — more than the past five years combined. 

“The rise in applications and digital services across the fintech sector is increasing the threats of cyberattacks every day,” said Dean Houari, Akamai’s director of security, technology and strategy, Asia Pacific and Japan (APJ), speaking at the recently concluded Inc42 Fintech Summit 2022.

During his masterclass titled Indian Fintechs’ Guide To Mastering The Art Of Scaling Securely, he elaborated on how fintech companies, big and small, could navigate the maze of sophisticated cyberattacks, instil confidence among users and scale securely. 

Watch Houari explain the most common cyberattack tactics and how fintechs can deal with those.

Identify Threats Before Taking Action

“Fintech companies are under a lot of pressure to develop adequate security measures. But striking the right balance between security and customer experience (read ease of use) is not easy,” noted Houari. “Oversecured and, therefore, limited customer experience will open the door for competitors.”

It is a double whammy as fintechs cannot compromise on user experience or user data. Hence, businesses must choose the right cybersecurity tools to achieve cyber resilience.

The first step is identifying the cyberattack vectors unique to the fintech industry. 

“It is common to think that attackers will breach your firewall, but that is rarely the case. Hackers know that breaching a firewall can instantly send an alert, and it is too much work for them,” said Houari.

Instead, fintech players must watch out for some common cyberattack vectors, including API attacks, DDoS (distributed denial of service) and in-browser threats. 

“Cybercrime has now evolved into organised crime. Attackers work in groups and may use all these tactics to create a diversion and open a door (into the system) somewhere else,” he warned.

Credential abuse is another common ploy. “Attackers today are spending a lot of time developing malicious botnets to steal a fintech user’s login credentials,” said Houari. 

But among these vectors, APIs are the most targeted as these are at the centre of customer experience, especially in the Indian context. 

“India ranks fifth in API attack targets worldwide. APIs are more performant and less expensive to attack than traditional web forums,” said Houari.

Indian Fintechs’ Guide To Mastering The Art Of Scaling Securely
A snapshot from Houari’s masterclass

“Attackers can exploit app vulnerabilities and third-party integrations through APIs. Also, these are still not very secure and have different attack vectors that can lead to data breaches, ransomware and credential theft,” he added.

According to research and consulting firm Gartner, API will be the most frequent attack vector in 2022, causing data breaches across enterprise web applications. Houari claimed that most attacks would take place in the ecommerce and financial services sectors. 

How Fintechs Can Create A Security Shield

During his masterclass at the Inc42 Fintech Summit, Houari urged each fintech company to identify its level of digital maturity and develop an API protection plan accordingly to ensure security and scale in the competitive digital climate. He further advised them to partner with security enablers (like Akamai) to enhance security measures and reduce such attacks.

According to Houari, a few more measures to mitigate cyberattack risks include establishing a WAAP (web application and API protection), preferably with bot security, and investing in DDoS mitigation and DNS security to protect online user experiences.

“APIs are code-based; so, securing your code is also essential. Teaching your developers to ensure in-built security via design and not as an afterthought is also critical,” he added.

Catch all the sessions and insightful conversations from The Inc42 Fintech Summit 2022. You can find the takeaways from some of the most prominent names from the fintech community right here at the Fintech Academy.

Step up your startup journey with BHASKAR! From resources to networking, BHASKAR connects Indian innovators with everything they need to succeed. Join today to access a platform built for innovation, growth, and community.

Note: We at Inc42 take our ethics very seriously. More information about it can be found here.

You have reached your limit of free stories
Become An Inc42 Plus Member

Become a Startup Insider in 2024 with Inc42 Plus. Join our exclusive community of 10,000+ founders, investors & operators and stay ahead in India’s startup & business economy.

2 YEAR PLAN
₹19999
₹7999
₹333/Month
UNLOCK 60% OFF
Cancel Anytime
1 YEAR PLAN
₹9999
₹4999
₹416/Month
UNLOCK 50% OFF
Cancel Anytime
Already A Member?
Discover Startups & Business Models

Unleash your potential by exploring unlimited articles, trackers, and playbooks. Identify the hottest startup deals, supercharge your innovation projects, and stay updated with expert curation.

Indian Fintechs’ Guide To Mastering The Art Of Scaling Securely-Inc42 Media
How-To’s on Starting & Scaling Up

Empower yourself with comprehensive playbooks, expert analysis, and invaluable insights. Learn to validate ideas, acquire customers, secure funding, and navigate the journey to startup success.

Indian Fintechs’ Guide To Mastering The Art Of Scaling Securely-Inc42 Media
Identify Trends & New Markets

Access 75+ in-depth reports on frontier industries. Gain exclusive market intelligence, understand market landscapes, and decode emerging trends to make informed decisions.

Indian Fintechs’ Guide To Mastering The Art Of Scaling Securely-Inc42 Media
Track & Decode the Investment Landscape

Stay ahead with startup and funding trackers. Analyse investment strategies, profile successful investors, and keep track of upcoming funds, accelerators, and more.

Indian Fintechs’ Guide To Mastering The Art Of Scaling Securely-Inc42 Media
Indian Fintechs’ Guide To Mastering The Art Of Scaling Securely-Inc42 Media
You’re in Good company