What Changes will Artificial Intelligence Bring to Banking Security?

Companies in the banking and financial services industry - just like many other businesses - increasingly need to equip themselves with highly adaptable cyber-defense solutions against bad actors’ ever-evolving attack strategies. Artificial Intelligence (AI) throws yet another variable into the mix. Many banks and credit unions are already exploring opportunities to deploy AI-based solutions to proactively intercept these bad actors’ attempts to compromise their networks or access assets. At the same time, these bad actors are, themselves, taking advantage of AI-powered solutions to execute their attacks.


According HID’s 2024 State of Security Report, 35% of the surveyed users and partners said they will either test or implement some type of AI capability in the next three to five years. Early on, AI will be used for such banking security applications as enhancing identity management by more quickly and effectively surfacing identity-based trends, patterns and anomalies. Many more applications are either being deployed or will soon follow.


Promising Applications Abound


In the HID survey, 22% of all end users say that they are already using AI to optimize the accuracy of threat detection and prediction in their security programs. Today’s biggest use case is for data analytics, according to 44% of respondents. This is particularly important in the banking sector, where administrators need the power of AI to process information and recognize patterns in real time so they can identify fraudulent transactions more quickly and accelerate decision-making and mitigation actions.


This use case will become more valuable with the arrival of custom-built AI models that are trained using data which is specifically relevant to a particular security domain. Developers will be able to integrate these pre-trained, domain-specific models into various banking security applications. This will drive the availability of even more specialized and effective AI tools that solve  a variety of challenges that are unique to the banking sector.

The most visible application of AI, though, is with biometrics to more effectively identify individuals through facial recognition and fingerprint analysis while also detecting attempts to use fake fingerprints or photos. This combination of AI and a biometric factor such as a fingerprint creates an even more powerful multi-factor authentication (MFA) alternative to vulnerable passwords. The security industry already views more robust MFA as the first line of defense against the coming onslaught of AI-driven account takeovers and other cyber-attacks that exploit passwords and improperly configured MFA policies. When biometrics-based MFA is strengthened with AI, it may also be one of the bank’s only defenses against fraudsters who likewise use AI to supercharge and scale their phishing, business email compromise (BEC) and other social-engineering tactics aimed at acquiring the necessary credentials to achieve their objectives.


Beyond threat analytics and fraud detection, AI is also transforming the banking experience and how customers interact with their financial institutions. Some banks already use a combination of behavioral intelligence which includes behavioral biometrics, AI and machine learning (ML) to identify and authenticate users based on their unique behavioral patterns. Data associated with keystroke and mouse usage, touchscreen swipes and app navigation is analyzed by AI algorithms to establish a profile of how each user typically interacts with the system. When this process is integrated into edge devices such as the surveillance cameras gathering a bank branch’s  facial-recognition data , the institution’s security infrastructure can achieve real-time anomaly detection for a more efficient threat response. This shift from reactive to proactive security will be an important advancement.


With these and other applications that use biometrics, banking and financial institutions should work with a reputable manufacturer that has a strong track record of implementing end-to-end banking consumer journeys, among other considerations.


Deployment Considerations


Financial institutions should consider a number of issues when exploring the use of AI in their security infrastructure.


First, AI relies on enormous amounts of data, which introduces the risk of bias in its models and algorithmic decision-making, simply because the human element may be a source of biases during model training. This bias can compromise security conclusions and outcomes. Malicious actors can also exploit these biases to bypass security measures. In general, organizations should always consider how AI models were trained, and AI outputs should always be considered a subjective guide rather than objective truth.


Additionally, robust and ethical data governance practices are critical. This requires being disciplined and conscientious about data sourcing, defining clear purposes for data collection, and maintaining transparency with data subjects.


The banking industry is ripe for incorporating AI into its security infrastructure. Institutions will soon be able to expand AI’s use in existing threat detection and biometric authentication solutions so they are even more effective at detecting and preventing fraud while improving the bank customer experience. Other capabilities are on the way. The more banks embrace AI in their defenses, the more effectively they will be able to defend against AI-based threats while anticipating and addressing potential risks before they escalate.

About the Author

 Edwardcher is a highly skilled solution architect and a digital security expert with an instinctive passion for pragmatic problem solving. He has over two decades worth of experience working in the trenches developing software and delivering solutions & services to the military, telecoms, banks, enterprise and the government with synergies in NFC, TSM and mobile financial services applied with PKI, risk management and strong authentication.

Want to keep reading? This content is for subscribers only.

Login Subscribe