Securing modern e-Banking services for banks

By Mr. Sundar Balasubramanian, Managing Director, India, and SAARC, Check Point Software Technologies

A bank’s applications drives the business. As they evolve and grow, they expose more APIs causing the attack
surface to grow as well. Cybercriminals are exploiting this phenomenon, attacking web applications and APIs
with advanced methods that include SQL injection, cross-site scripting, and deploying automatic scripts
known as “bots.” These attacks are damaging and costly, and the ability to secure applications has never
been more critical.
But detecting and preventing these attacks is challenging, requiring the bank to implement app-specific
security defenses, such as building security into their mobile apps from the get-go. When they don’t, the
implications are dire, with great damage that can be incurred to customer security and the bank’s
reputation.
Here in India, a banking organization is being attacked on an average 1364 times per week in the last 6
months, compared to 919 attacks per banking organization in APAC, as outlined in Check Point’s Threat
Intelligence Report. Apart from this, in India, the average weekly impacted organizations by banking malware
stood at 7.0 percent as compared to the APAC average of 2.9 percent.
Check Point’s “Mobile Security Report 2021” lists a 15% increase in global banking Trojan activity in 2020,
threats that put mobile users’ banking credentials at risk as threat actors have been using mobile remote
access Trojans (MRATs), banking Trojans, and premium dialers often hidden within apps claiming to offer
COVID-19-related information in 2021, thus making mobile banking apps fertile ground for cyber attacks and
one of the biggest risks for the banking industry. Security is obviously a growing priority within most
organisations but as the numbers have presented, never more so than in the banking industry.
This blog will present two banks’ stories, their challenges, and the solutions they leveraged to overcome the
challenge and boost their security posture.
Customer story: a large European bank enhances security for e-banking web apps
In the effort to overcome the challenges of securing its e-banking offering, a European bank was looking to
enhance and automate the security of its customer-facing web applications’ APIs.
With Check Point’s CloudGuard AppSec, the bank can now prevent real threats such as those from the
OWASP top 10, as well as zero-day API attacks and malicious bot traffic. And all this as it eliminates false
positives.
Among the improvements made possible by the Check Point solution are:
• Improved security with automated application security and API protection using contextual AI
• Increased scalability with a fully automated solution for public clouds (AWS, Azure, Kubernetes, and
more) and on-prem multi-apps, with protection for billions of annual application requests
• Reduced operational expenses by eliminating the need for manual tuning and fully automating across
multi-environment & apps
e-Banking services security with Check Point’s CloudGuard AppSec

©2022 Check Point Software Technologies Ltd. All rights reserved | P. 2
Customer story: large APAC bank releases mobile e-banking innovations
to 1M+ customers quickly and securely
With Check Point’s Harmony App Protect mobile SDK, the bank has been securing its e-banking mobile apps
from the start, achieving:
Apps secured out-of-the-box
• Runtime protection against malware, jailbreak/root, MitM attacks, and tampering attempts
• Detection of known and unknown threats and prevention of compromise
Faster version release
• Developers quickly and securely release new features
• A reduction in development and testing efforts
Automated compliance
• Apps compliant with financial regulations from day one, incl. FFIEC, PSD2, PCI DSS, and more
Secure apps with Check Point’s Harmony App Protect

Solutions for securing advanced e-Banking services

©2022 Check Point Software Technologies Ltd. All rights reserved | P. 3

Banks can protect web apps and APIs from cyber security attacks and build secure mobile apps from the get-
go with Check Point’s CloudGuard AppSec, which automates financial service applications and API
protection, and with Harmony App Protect for securing e-banking mobile apps.
In conclusion
Check Point enables banks to provide advanced digital services to their customers with the highest level of
security to their network, cloud, users, and access, with the Quantum, CloudGuard, Harmony, and Infinity
families of products.
By adopting a consolidated security approach with Check Point Infinity architecture and services, banks
realize preemptive protection against advanced fifth-generation attacks while achieving a 50% increase in
operational efficiency and a 20% reduction in security costs.
This broad cybersecurity offering of solutions and services from Check Point is enabling 6,500 financial
institutions around the world to overcome their toughest challenges today and is helping banks deliver
superior digital experiences while assuring security and compliance.

Leave A Reply

Your email address will not be published.