Mastercard launches ‘wave to pay’ biometric allowing customers to pay using the face or hand gesture in stores
Financial Safekeeping: Checking Security at Financial Institutions and DeFi Platforms like Nimbus
How can you be sure that your financial assets and transactions are safe and secure? Is it enough to change your passwords often, check your account balances, sign up for credit monitoring? To visit only reputable business and financial websites, use reliable apps, resist storing your card or personal information online, watch out for scams – and cross your fingers?
Is your financial institution ensuring security as well? It may try, by spending 10% of its annual IT budget on cybersecurity, or about $2300 per employee, amounting to millions of dollars per year. It can use data encryption for transactions and institutes two-factor authentication. It can employ firewalls, anti-virus protection and fraud monitoring.
Still, the threats to your financial information are coming from everywhere. Ingenious hackers are always coming up with new methods for stealing customers’ identification and financial assets. Cybercriminals know financial websites are the most vulnerable, contents of a webpage can be altered and apps can be cloned to look exactly like the real ones. Malicious codes access users’ cookers and steal personal information from websites. Fake “notifications” from your financial institution continually bombard your mailbox with requests for verification of sensitive information.
Meanwhile, data breaches and ransomware attacks threaten your whole financial institution. Denial-of-service attacks can cripple system-wide operations, freezing your personal and business accounts for days. While many companies pay the hackers’ demands, all attacks mean significant costs to the institution whether ransoms are paid or not. Customers are affected as much as the institutions by staff resignation and layoffs, closures and ultimately damage to the institution’s reputation.
Fending off these threats requires finding the necessary talent and expertise, but most institutions do not have the internal human resources. Outsourcing to third party vendors increases the risks of vulnerability, and there’s always the possibility for fraud and human error. Employees of both institutions and their vendors intentionally commit a majority of attacks, or make mistakes like opening suspicious email.
All these threats paint a hopeless picture. Where can you find the security you need, that you can really trust? Perhaps security actually lives in a system that doesn’t require trust.
The blockchain technology underlying cryptocurrency and decentralized finance is trustless because it doesn’t require that you put your faith in a third party, human or institutional. No entity intercedes in financial transactions or comes between you and your financial assets. No person or institution has the authority over the financial system you use. With blockchain, peer-to-peer networks store transactional data and “smart contracts” execute operations. While institutions and humans can be corrupted, blockchain’s immutable or unmodifiable code cannot.
Crypto wallets hold assets, and are accessed with private keys with many complex security safeguards. For example, private keys have 51 alphanumeric characters that are virtually impossible to hack. By contrast, most financial passwords can be discovered by “brute force” attacks even if they are random and contain letters and symbols, particularly if they are repeatedly used or stored on many websites and apps.
The smart contracts that fulfill transactions rely on decentralized code and verification, making this system virtually impossible to shut down or failing at one centralized location. Blockchain also eliminates the possibility of unintentional or malicious modification with its immutable and irreversible encrypted code.
In fact, cryptocurrency and the DeFi platforms based on it do require trust in something: the computer code. If it has coding flaws or bugs, it will be as vulnerable to hacking and cybercrime as traditional institutions. That’s the main reason to rely on leaders in the DeFi industry such as the Nimbus Platform, who vigorously employ blockchain protocol and smart contract audit procedures through established cybersecurity services like Hacken. Nimbus also implements an ongoing bug bounty program with rewards for hackers.
Of course, there will always be unscrupulous people in any industry, and DeFi is no exception. As it evolves, it’s experienced its own scams, like the crypto “rug pulls” that happened when dishonest developers abandoned DeFi projects taking users’ assets with them. To avoid these threats, it's critical to know the background of any platform’s leaders and choose only the best. Case in point: Alex Lemberg, CEO of Nimbus has over 30 years of experience working as a business analyst. His resume includes work for Merrill Lynch, Morgan Stanley, Barclays Capital, CIBC, Bank of America Securities, and Credit Suisse, He’s committed to applying his vast understanding of business technologies to Nimbus, and the knowledgeable, innovative team he’s assembled have created a streamlined, user-friendly Platform.
There’s one more person you’ll have to trust: yourself. The choice between traditional financial institutions and DeFi depends on whether you want to control and protect your own assets. If you take time to learn about DeFi with the help of a platform like Nimbus that provides a DeFi hub and easy access, then you can answer your own security questions.
This article does not necessarily reflect the opinions of the editors or management of EconoTimes