From our blog we have already approached topics connected to cryptocurrencies and FinTech, but we will focus today on money and users for a more ample concept. It is true that digital assets involve some risks (they are not backed by Central Banks, they are techno instruments, keys can be lost, etc.) but banking products, services and / or investments involve risks as well. In this sense, this article posted by InfoTechnology is quite interesting with some statistics on average theft suffered by Argentinean bank customers ($ 643 million in 2020 with 3000% up in reported events in the region). Cybersecurity becomes critical not only for users but for companies as well.
Keys and data are likely to be hacked using different strategies. Some are very popular like the “African Prince scam” (whereby you are offered by mail to share the heritage of a member of the royal family from an African country) and others are more sophisticated, involving a data survey in social media attempting to guess keys and passwords and/or to use similar logos to users’ habitual providers.
Second semester of 2020 and the first of 2021 turned to be a nightmare for financial services providers but particularly for banks. Many banks (no need to point fingers here) were hacked in their home-banking and personal loans platforms due to IT vulnerabilities, information leaks and/or incautious customers. So, the concept that “money is safe at the bank” is vanishing sooner rather than later.
This topic will be further developed in another article but we would like to comment that there is a conflict between cheated users/customers and services-related banks. Banks could be liable for failures in their IT systems failing to protect their customers’ money and also for the lack of warning to them regarding fraud. Theft will be analyzed on a case-by-case basis but many customers will be likely to recover their savings based on the Consumers’ Protection Law. .
Even though this newsletter is purported to focus on other matters, we believe it is important to share some tips for anti-fraud purposes:
– Whenever a mail is received asking for data, the sender must ALWAYS be checked. This can be done by clicking on “See source code”: message metadata will be displayed disclosing the sender’s information, even if the email address has been concealed.
– Files attached in suspicious mails must never be opened nor suspicious mails must be answered. It is advisable to contact an IT specialist or delete them. A good safety measure is to contact the bank at the phone number published in their web site (usually a 0800) for validating purposes.
– Another tip to consider: keys, passwords, tokens and code cards must NEVER be shared nor stored in digital forms.When personal keys are hacked (even mobile phone, Google or other passwords), cyber criminals are entitled to have access to all users and passwords, enabling them to operate in our place.
– Banks do not interact with their customers through social media; only through chatbots, in some cases, with general information. Many fraudsters act as bank officers by commenting in bank pages (official or fake) pretending to assist those who comment, thus creating a false reliability in order to get key data for stealing money.
For further tips, please see the #Trends article about cybersecurity. #Trends is a publication made by Alliott Global Allianceabout the most relevant legal developments in international business.
As shown in this article by Infobae, the conflict in the financial sector has evolved towards a battle between traditional banks and FinTechs, where both parties blame each other for (the lack of) proper legislation and for the friendly conditions for fraud perpetration. On one side, banks invoke that greater interoperability between banking and FinTech accounts would improve cyber fraud conditions. On the other side, FinTechs argue that traditional banks try to obstacle easily integrated operational capabilities to keep funds within their system.
In this article posted by iProUp , the FinTech sector shows their concern by comparing such obstruction with a “strike” making an analogy between the financial system and a highway network. An effective work is being done between the associations of FinTechs and banks by reinforcing bilateral agreements between Payment Services Providers (PSP, FinTechs) and banks addressed to fraud prevention. In this sense, a 70% fraud reduction has been estimated. The opinion of Lucas Llach is quite interesting by connecting the sensations (still fresh for some people) derived from the 2001 crisis and the measures adopted by the traditional banking system to keep customers (and their money) with them.
Perhaps, banks should make their best efforts to avoid fraud in their own platforms rather than being concerned for their competitors, who have a growing market share in a more dynamic market. Both banks and FinTechs are tightly regulated by the Central Bank, depending on the transactions and services supplied. From our position, we promote greater interoperability for the development of more friendly production conditions and aiming to reduce the current financial costs, standing by traceability and safety standards oriented to smart solutions and safe transactions for users.
Diego J. Nunes
Abogado
Estudio Nunes & Asoc.