WHY THE FINANCIAL SERVICES INDUSTRY NEEDS TO EMBRACE CONFIDENTIAL COMPUTING
While financial data has always been considered sensitive, the growing number of companies working with sensitive data has brought renewed attention to the issue.
Financial institutions are among the most targeted by hackers due to the large amount of critical customer data they handle. Any loss of personally identifiable information (PII) can lead to lawsuits, fines, and irreparable brand damage.
For this reason, the financial services industry is often hesitant to share data and collaborate. With the rapid rise of digital fraud since the start of the pandemic, it’s time for financial institutions to reevaluate their options. Confidential Computing is a new approach to data encryption that helps the financial industry protect PII and fight digital fraud through collaboration.
The value of secret computation
Although protocols exist to protect data in transit (in transit over a network connection) and at rest (in storage and databases), only secret computation solves the security problem. important data by encrypting the data in use – during processing or execution.
Sensitive data is handled in hardware memory called “enclaves”, preventing hackers from accessing the data, even if the infrastructure is compromised. This allows businesses to run sensitive applications in the cloud or other hosted environments, as the risk of malicious or unintentional breaches is essentially eliminated.
The evolution of digital fraud
With the outbreak of the pandemic in 2020, financial institutions rushed to develop online services to make banking services accessible to limited consumers. The flip side of this digital shift is creating new opportunities for scammers to steal PII. According to a recent study by the Identity Theft Resource Center, 1.5 billion PII entries have been exposed in the past three years alone.
The availability of PII creates a number of opportunities for cybercriminals. They can use complete sets of customer information to open new accounts or put together different pieces to create entirely new profiles, known as composite identities. The 2021 Consolidated Identity Fraud Report found that US banks lost $20 billion in 2021 due to aggregate identity fraud (SIF).
Whether it’s using one person’s sensitive information or an aggregate of many, PII is the key that criminals use to open up a wide range of fraud opportunities. Fortunately for financial institutions, confidential computing not only protects PII from the risk of exposure but also enables a new approach to combating digital fraud – sharing fraudulent profile information. between banks. PII Protection and Anti-Fraud
When scammers steal PII, they use it to create fake accounts, borrow money, and open multiple lines of credit. Whichever approach they take, they can reuse the same information to commit fraud at multiple banks, none of which is wiser.
Why? Because even if financial institutions suspect or find out that PII is fraudulent, they cannot report it to their peers at competing banks for fear of breaching confidentiality laws, leaking data, or causing fraud. or put itself at a competitive disadvantage.
This is why confidential computing and its ability to encrypt data during processing or execution are so important. It allows financial institutions to check information for signs of fraud and share their findings anonymously, without the risk of exposing PII in the process. This approach encourages financial firms to cooperate in the fight against digital fraud, eliminating duplication of effort and making it easier for regulators and enforcement agencies.
The technology has been successful in industries like healthcare, and similar success must now be replicated in financial services to protect PII. It has the potential to be the driving force behind improving digital fraud detection and reversing the rise of digital fraud.