Breaking News
Comment From Arxan on Security Risks of CMA’s Shared Banking Data Scheme
Winston Bond, EMEA Technical Director at Arxan Technologies, comments: “Today’s announcement from the Competition and Markets Authority that banks should offer all of their core services via mobile is great news for consumers seeking more freedom and flexibility, but could also leave the door open for an unprecedented cyber-attack if the banks are not able to meet the increased demand for security.
“Cyber security remains a major concern for mobile financial apps, and all of the most popular apps we tested for our 2016 State of Application Security Report had at least one major security flaw that could be exploited by attackers. The most common issue is a lack of binary protection, which could allow cybercriminals to tamper with the app and steal personal data, and most apps also lack sufficient protection in the transport layer, potentially enabling thieves to intercept data transmissions.
“APIs (Application Protocol Interfaces), which are a major cornerstone of the CMA’s plan for banks to share consumer data, can also provide an easy route for attackers if not properly secure. Most APIs use a simple authentication protocol to confirm access to server assets. The usual approach is a simple-challenge response exchange that relies on cryptographic keys to keep it secure. If attackers are able to break into the app and decompile its code, they can root out these keys and use them to connect to any authorised system – including the bank’s servers.
“With mobile financial apps already providing so many attack vectors, both the banks and “approved firms” involved in the data sharing scheme will need to be even more vigilant in proofing their applications against criminals. The more data is shared and interconnected, the greater the risk of attackers being able to infiltrate multiple organisations to operate large scale data theft.
“Advanced app hardening techniques such as code obfuscation and white box cryptography will help to protect against many of the risks inherent in mobile apps, but all parties involved must explore every available route to protecting this potential vast collection of data from attack. With data shared on this scale, there can be no weak links if the scheme is to succeed.”
- Cheaper, Faster… Riskier: Over Half Of Brits Plan To Use ChatGPT For Completing Their Tax Returns Read more
- WorkFusion Raises $45 Million in Funding to Fuel Growth for Agentic AI for Financial Crime Compliance Read more
- AI-Powered E-commerce, Stablecoins and Local APMs: Emerging Trends Headline EBANX’s Payments Summit in Mexico Read more
- Second Day of Money20/20 Middle East Unveils Next-Gen Solutions at the Region’s Largest Ever Fintech Gathering Read more
- United Gulf Financial Services Joins The Hashgraph Association and Exponential Science Foundation Adding $1M to Hedera Africa Hackathon Pool Prize Read more
Cheaper, Faster… Riskier: Over Half Of Brits Plan To Use ChatGPT For Completing Their Tax Returns
More than half (59%) of Brits admit that they’ll use AI to help with their tax return
WorkFusion Raises $45 Million in Funding to Fuel Growth for Agentic AI for Financial Crime Compliance
WorkFusion, a pioneer in AI agents for financial crime compliance (FCC), today announced it raised $45 million in funding.
AI-Powered E-commerce, Stablecoins and Local APMs: Emerging Trends Headline EBANX’s Payments Summit in Mexico
How could AI agents search, compare and pay for things? What makes stablecoins a game-changer for cross-border digital commerce? Why are local Alternative Payment Methods (APMs) crucial for any business wanting to enter and scale in emerging markets?
Second Day of Money20/20 Middle East Unveils Next-Gen Solutions at the Region’s Largest Ever Fintech Gathering
Day two of Money20/20 Middle East in Riyadh brought together global leaders in fintech, banking, and financial services to discuss the future of money and finance in the region.
United Gulf Financial Services Joins The Hashgraph Association and Exponential Science Foundation Adding $1M to Hedera Africa Hackathon Pool Prize
United Gulf Financial Services (UGFS North Africa), a leading venture capital firm offering innovative companies and startups with financial support and mentoring services, has announced a partnership with The Hashgraph Association, a Swiss non-profit organization driving global adoption of Hedera-powered solutions by funding innovation, training, certification, and venture building programs, and Exponential Science Foundation, a not-for-profit foundation accelerating responsible tech adoption, via research, education, and innovation activities, for Hedera Africa Hackathon 2025, the biggest hackathon in Africa aimed at enabling the next generation of Web developers and empower economic inclusion in Africa with a digital future for all.
Payhawk Transforms Spending Experience for Businesses With Four Enterprise-Ready AI Agents
Payhawk announced set of AI agents that complete everyday finance work as part of its product launch
Alipay+ to Launch in Saudi Arabia, Facilitating Cross-Border Mobile Payments for Local Merchants
Ant International will launch cross-border QR code payments between the Saudi Arabia’s (KSA) national payment scheme, mada, Alipay+, during 2026 to drive digitisation and inclusive growth for local merchants.
Cheaper, Faster… Riskier: Over Half Of Brits Plan To Use ChatGPT For Completing Their Tax Returns
More than half (59%) of Brits admit that they’ll use AI to help with their tax return
WorkFusion Raises $45 Million in Funding to Fuel Growth for Agentic AI for Financial Crime Compliance
WorkFusion, a pioneer in AI agents for financial crime compliance (FCC), today announced it raised $45 million in funding.
AI-Powered E-commerce, Stablecoins and Local APMs: Emerging Trends Headline EBANX’s Payments Summit in Mexico
How could AI agents search, compare and pay for things? What makes stablecoins a game-changer for cross-border digital commerce? Why are local Alternative Payment Methods (APMs) crucial for any business wanting to enter and scale in emerging markets?
Second Day of Money20/20 Middle East Unveils Next-Gen Solutions at the Region’s Largest Ever Fintech Gathering
Day two of Money20/20 Middle East in Riyadh brought together global leaders in fintech, banking, and financial services to discuss the future of money and finance in the region.
United Gulf Financial Services Joins The Hashgraph Association and Exponential Science Foundation Adding $1M to Hedera Africa Hackathon Pool Prize
United Gulf Financial Services (UGFS North Africa), a leading venture capital firm offering innovative companies and startups with financial support and mentoring services, has announced a partnership with The Hashgraph Association, a Swiss non-profit organization driving global adoption of Hedera-powered solutions by funding innovation, training, certification, and venture building programs, and Exponential Science Foundation, a not-for-profit foundation accelerating responsible tech adoption, via research, education, and innovation activities, for Hedera Africa Hackathon 2025, the biggest hackathon in Africa aimed at enabling the next generation of Web developers and empower economic inclusion in Africa with a digital future for all.
Payhawk Transforms Spending Experience for Businesses With Four Enterprise-Ready AI Agents
Payhawk announced set of AI agents that complete everyday finance work as part of its product launch
Alipay+ to Launch in Saudi Arabia, Facilitating Cross-Border Mobile Payments for Local Merchants
Ant International will launch cross-border QR code payments between the Saudi Arabia’s (KSA) national payment scheme, mada, Alipay+, during 2026 to drive digitisation and inclusive growth for local merchants.