Are we digitalising to our advantage, or demise?

BE it coming up top as a leading technology innovation hub or helming 1 of the fastest broadband speeds in the world, Singapore has no doubt come far in its digital transformation journey.

However, even as the nation continues to scale its digitalisation efforts, cybercriminals, too, have been levelling up their game. Bad actors are adapting and becoming more sophisticated - even as companies continue to ramp up their digital capabilities and strengthen their security.

To top it all off, it doesn't take much to circumvent security fences today. Any Jane and Joe can now try their hands at becoming a criminal online, as items such as phishing kits are now widely available on the Web.

Digitalisation, it seems, has not only paved the way for more advanced technologies, but created a rich environment for cybercriminals to thrive in. If that's the case, how do we stay ahead of our criminal adversaries, while reaping the full benefits of the digital world?

Digitalisation wasn't the problem

As we continue to advance our digital transformation journey, it has become exceedingly apparent that the intended users of any system will never be as sophisticated as its attackers.

Take the complex nature of the recent OCBC phishing scams for instance. Scammers used social engineering attacks to impersonate authorities, tricking users into giving out their information.

Attacks like these succeed because they are carefully designed to manipulate emotions and take advantage of the victims' trust, causing them to disregard logic and ignore warning signs - until it is too late. The OCBC incident has taught us that organisations cannot always assume that their end users can safeguard themselves against fraud.

While consumer education efforts can be instituted, new attacks - which cleverly exploit loopholes in consumer behaviour - are bound to be launched, too.

A strong cybersecurity stance today must include a mix of both consumer education and sophisticated technology that considers the multifaceted risks from cybercriminals.

Fortunately, this can be achieved in a manner that doesn't compromise on convenience or usability. Banks, in particular, are already implementing modern features such as facial recognition and liveness detection - which enable companies to determine the user's physical presence behind an app - to thwart impostors and send fraud levels plummeting.

But that alone is not enough.

Organisations often risk overlooking ease of use and convenience as they stride on in their pursuit for newer, more secure technologies.

A future-proof cyber defence strategy, however, requires picking the right technologies and implementing them in the right manner.

One platform, multiple solutions

It's not surprising that some enterprises will deploy multiple solutions to protect their ecosystems - but that often comes at a cost. From risk and fraud detection capabilities to user authentication, each disparate solution adds a layer of complexity to the system.

This is further aggravated by the number of different features that need to be managed to satisfy various aspects of regulations and the consumer journey. To make matters worse, some of these technologies aren't user-friendly, and risk making the system harder to use.

However, strong security can be achieved without forgoing simplicity and usability. Organisations can adopt a more comprehensive and holistic approach that benefits both the user and the organisation, while minimising costs and security risks. This can be achieved by consolidating the technologies onto one single platform, or by partnering an integrated solutions provider.

For banks, that would mean unlocking a full suite of online identity verification, Electronic Know-Your-Customer and Anti-Money Laundering solutions that leverage liveness detection, AI, computer vision, biometrics, automated watchlist screening, ongoing transaction monitoring and any necessary manual reviews through a single integrated partner. Doing so takes the heavy lifting of fraud prevention out of the hands of users, while allowing organisations to focus on their primary business.

The seamless orchestration between disparate components in a cyber defence infrastructure is critical in delivering faster and more reliable ways for detecting online fraud and simplifying regulatory compliance. The best solution should not require any additional steps from the user and allow the organisation to effectively balance security and convenience.

The reality is that cybercriminals will never stop finding new ways to attack. At the end of the day, it falls upon organisations to provide more secure authentication mechanisms to their customers, without letting the new features and costs precede the real needs of users and business processes.

Ultimately, digital transformation shouldn't be seen as a be-all-and-end-all solution. Rather, it is imperative that organisations evaluate their digitalisation strategy to futureproof systems and protect their users. And they must do so with careful consideration of each technology and implementation - lest the features become yet another spoke in the wheel that could have been avoided in the very first place.

• The writer is vice-president of Asia-Pacific at Jumio Corporation