Abstract
The paper is a synthesis of findings on the financial sector’s cybersecurity analysis and e-identity management from the perspective of human-related vulnerabilities. Extensive desk research was conducted to gain a complete picture of the coexisting digital services and their relationship. Based on that, we defined challenges and synthesized our observations, identifying the most severe security risks associated with digital banking and identity services. Our study points out that human errors are the weakest link in the security chain. COVID-19 has accelerated the development of the digital revolution, thus forcing users to use digital services with greater commitment. The acceleration of digital transformation has not gone unnoticed by hackers, who have quickly adapted to the changing environment. Thus, the risk of exposing inexperienced users to cyberattacks has increased. Human-led attacks, based on naivety, emotion, and lack of relevant knowledge, have posed the most significant threat. Adversaries skillfully maneuver between the offline and online worlds by using fake IDs and sending fake emails. Only proactive countermeasures can stop attacks. Using our expertise, we identified best practices and defined recommendations for the issues discussed, which is our most significant contribution to this study.
Copyright information
© 2023 The Author(s), under exclusive license to Springer Nature Switzerland AG
About this paper
Cite this paper
Wodo, W., Kuźma, N. (2023). Human-Related Security Threats and Countermeasures of Electronic Banking and Identity Services - Polish Case Study. In: Nguyen, N.T., et al. Advances in Computational Collective Intelligence. ICCCI 2023. Communications in Computer and Information Science, vol 1864. Springer, Cham. https://doi.org/10.1007/978-3-031-41774-0_35
DOI: https://doi.org/10.1007/978-3-031-41774-0_35
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-41773-3
Online ISBN: 978-3-031-41774-0
eBook Packages: Computer Science (R0)