Responsive image

Banking: Will digitization help recover from 2016’s aftershocks?

Madhav Mohan July 18, 2017

Banks have been the backbone of our country as they can propel or plummet the country’s GDP. By 2020, Indian banking is set to become the fifth largest, according to a joint report prepared by KPMG and Confederation of Indian Industries (CII). But 2016 was a rollercoaster ride, as the banks battled demonetization and the debit card breach affecting close to three lakh accounts. The year ahead too won't provide any relief, as the task to do damage control and the pressure to leverage digital is huge.  

Banks have begun to fully integrate digital in their business. Demonetization has opened the gates for massive digitization drive. Payment companies and gateways drive the financial inclusion, which is unprecedented. However, the banking sector faces huge technical and regulatory challenges in absorbing the digitization wave. The mobility-based feature phones, multiple gateways and Aadhaar-based biometrics, all demand innovative approach to create a responsive and secure ecosystem.

The challenges are at multilevel--at one level to have innovative technology products and processes, and at other to create seamless digital platforms to expand the customer base exponentially.

CIO India spoke to three CIOs from top banks: Mithilesh Singh, Director-Technology Audit, IDFC Bank, Anup Purohit, CIO, YES BANK, Nirmala Sridhar, CIO and GM–IT, Vijaya Bank, on the digital plans and priorities for 2017, challenges the banking sector will face, and security measures for the growing online transactions. 

With digital banking gaining momentum, what are the steps your bank will be taking this year to provide seamless service to customers?

Mithilesh Singh: Being a new bank we focused to capture the market through latest digital technologies and in this regard we took many new innovative initiatives. One of the very prominent initiatives taken by our bank is MicroATM Technology for retail customers across Tier 1, 2 and 3 cities, and rural areas. 

We were the first bank to roll out Aadhar PAY for cashless payments to merchant nationally. The solution has been developed by our bank in association with UIDAI & NPCI. 

We in partnership with NHAI introduced a solution for hassle free trip on national highway called IDFC Bank FASTag. The bank is committed to offer innovative solutions to simplify the banking experience for the end users.

Anup Purohit: Our product, SIMsePAY, has been launched, primarily for adoption in rural India. It will come handy for the customers in rural areas as they don’t have banking services on their cell phone. It does not require internet connectivity and is economical. Also, we want to grow our wallet and enable mobile banking adoption, where we integrate UPI with yeswallet, yesmobile and Simpay. We will also enrich our products with Unified Payment Interface.

Nirmala Sridhar: To make rural India part of Digital India, we have launched the concept of digital villages and already five villages have been fully digitized. On 26 January, 2017, we are declaring 100 villages across India as Digital Villages, where in customers will be able to seamlessly access all digital products.

With respect to digitization, what are the challenges the banking sector is going to face in 2017? How do you plan to leverage IT to overcome these challenges? 

Singh: Cyber Security is the immediate need of the hours. Due to the transformation from manual to digital means of banking the risk of cyber threat increases many-folds for the financial sectors. Financial institutions today are being targeted by hackers with increasingly sophisticated techniques. Traditional cyber defences may be apt against thwarting malwares with known signatures, but such defense strategies are fast losing their effectiveness against more sophisticated cyber-attacks such as zero-day or customized exploits. 

The banks need to look for bug bounty kind of security program to address such kind of emerging threats.

Purohit: Sim cloning is one of the challenges. With technology, sims can be cloned and misused. As hackers are one step ahead, banks have to aggressively think of an idea to combat threats to protect customers. Bank should get hold of ethical hackers. Having said that, we are onboarding partners and trying to find key niche players who can offer such services. As phones have become banks, there is a need for banks to do three factor authentication by providing a good user experience. Banks have to think of a solution to make phones secure too.

Sridhar: We feel that the biggest challenge is going to be cybersecurity. Due to high number of security breaches, banks have to lay a razor sharp focus on securing all their products. Banks need to align with cybersecurity framework. Banks need to follow a rigorous security testing process before launch of any digital product, have to carry out vulnerability and penetration assessment, and network security audit. Overall, banks' approach should be proactive and not reactive.  During this year, our key focus would be on building fraud risk framework.

How do you plan to stave off competition from payment companies?

Singh: Traditional banks are not lagging behind. Most of the traditional banks have started to offer a digital platform or solutions. The space for wallet companies will be challenging in 2017, as many banks will have a wallet. And as NPCI has come up with a UPI platform, the role of wallet companies will diminish.

Purohit: One, banks have an advantage in terms of size, and have more complex technologies. Two, all the banks have digital teams and have become more agile in terms of IT. Payment banks will be regulated by RBI and will have a restriction in terms of assets and liabilities.

Sridhar: Competition is a must for improving performance. Our bank’s USP is customer service and unique IT products. We feel that public and private banks have a personal touch with customers and they have a diversified portfolio of products suiting the needs of customers, which would be leveraged.

With Modi’s idea becoming a cashless economy, what kind of security measures your bank will implement to secure online transactions?

Singh: We have stringent rules on applications before it goes live. My team performs a technical review of the application in a detailed manner, from development to deployment. If we don’t do it, any small flaw will have a cascading effect. This year we will continue to do it. Also, we are in search for new companies who can provide expertise like reviewing our environment, with respect to emerging threats in today’s digital world. We have deployed best in class security solutions to meet the cyber defense related challenges.  

Purohit: We are strengthening our fraud risk management application software by integrating with enterprise. Also, we are focusing on integrating analytics on various channels through which loans can be seen. In the risk and security area, analytics will play a key role this role.

Sridhar: With cashless economy and online transactions surge, security threat is looming large. As such we already have in place two-factor authentication for all our products. We regularly conduct security audit and all our digital products undergo rigorous security testing before being launched. Presently, the communication is secured. However, with more and more mobile-based apps, we feel that the hardware security of the customer devices would be a challenge. We are taking measures to identify rooted or jailbroken devices as a step to provide secure transactions.