Across the banking and financial services industry, Know Your Customer (KYC) processes play an increasingly essential role in risk management and compliance processes. In common with their bricks-and-mortar rivals, for example, the fast-growth Neobank sector faces a range of cybersecurity and data privacy risks, from identity fraud and poor verification to compliance breaches. Efforts to deliver on their responsibilities must also be balanced against the need to deliver an excellent customer experience.
Among the various risks they face, the KYC procedures employed by Neobanks can be vulnerable to file-based cybersecurity threats with the potential to impact both security and reliability. The risks include:
- Document Uploads: Sensitive customer documents uploaded during KYC can act as a pathway for malware or ransomware, risking system compromise.
- Data Integrity: File-based threats can alter KYC document data, leading to erroneous verification and impacting process integrity.
- Data Breach: Unauthorized access to sensitive customer data via file-based threats can result in serious data breaches.
- System Availability: File-based threats like ransomware can disrupt KYC and banking operations by locking down systems.
- Non-compliance: Data breaches or incorrect verification due to file-based threats can lead to regulatory non-compliance, incurring penalties.
Content Disarm and Reconstruction
In response to these issues, Neobanks and organizations across the financial services industry are turning to Content Disarm and Reconstruction (CDR) to proactively protect against the risks posed by file-based threats.
Unlike reactive antivirus and sandboxing technologies Glasswall CDR doesn’t rely on the detection of ‘known’ threats. Instead, it works by proactively looking for ‘known good’ by inspecting, cleaning and rebuilding each file - automatically removing potential threats and delivering a secure, visually-identical version to the user.
And because this all happens in real time, users don’t even notice Glasswall is providing protection against completely attack types, including zero-day threats. With Glasswall CDR, Neobanks can secure their document workflow by implementing the Glasswall API to call upon its zero-trust file sanitisation capability. Glasswall CDR processes files in under a second – automatically removing potential threats and delivering secure, fully functioning and visually-identical files.
Case Study: Glasswall CDR in Action
An award-winning publicly listed European bank was looking to secure its new mobile banking app against file-based threats. In particular, it was implementing a Know Your Customer (KYC) file upload portal as part of its Anti-Money Laundering (AML) compliance process.
With customers required to upload proof of identity documents, the bank identified file ingest as a potential cybersecurity attack vector, as bad actors could be targeting the bank with files containing zero-day malware.
Adding to the challenge was the fact that their existing antivirus technologies could only detect malware that had been seen before, offering no zero-day protection capabilities. The bank also had difficulty integrating its sandbox architecture, which was incapable of delivering the processing speed required to meet customer expectations.
Collectively, these issues left the bank open to potential malicious events, such as a major leak of sensitive client data or a costly ransomware attack.
The bank turned to Glasswall Zero-trust CDR (Content Disarm and Reconstruction) technology to secure its document workflow, implementing the Glasswall API to call upon its zero-trust file sanitisation capability. Glasswall CDR processes files in under a second – automatically removing potential threats and delivering secure, fully functioning and visually-identical files.
Glasswall Zero-trust CDR doesn’t rely on the detection of ‘known’ threats but works by proactively looking for ‘known good’. The Glasswall CDR Platform inspects, cleans and rebuilds files - automatically removing potential threats via a process that takes place in real time, providing protection against new attack types.
In addition, Glasswall Zero-trust CDR provides the bank with real time feedback on the threat level of each file, and a granular risk report is provided to their security team.
The bank now has confidence that zero-day malware will automatically be removed from files or documents before they reach their network. This was achieved without file flattening, maintaining document useability for the organization's end users, who can open files ingested via their portal. As a result, the solution plays an important role in helping our client maintain compliance with AML rules and regulations.
To learn more about how Glasswall CDR can help secure Neobanks and their KYC processes against file-based threats, click here.