Good Intentions, Bad Security – Finding Footing in Fintech

Feb 6, 2019

Note: A version of this blog post originally appeared in the Center for Financial Inclusion blog

As a financial industry veteran, I have dedicated a lot of time and energy to researching, analyzing and implementing strategies to grow financial businesses. But until last year, I spent very little time thinking about financial inclusion.

When we launched our podcast, The Finance Frontier, the goal was to talk with experts and trendsetters on the emerging topics and dynamic developments in the world of finance. We quickly realized that there is a global explosion in the rise of fintech startups, and a common theme for many of these companies is offering access to financial products and services to unbanked and underbanked people.

An entire series on financial inclusion – the promises and the problems – was born, and it has been a fascinating journey.

The Promises and Problems of Financial Inclusion

Fintech companies see an opportunity – and rightly so – to provide much-needed financial services while making a profit. 1.7 billion individuals are unbanked in the world, and 43 percent of the US population is facing difficulty accessing financial products because of thin/no credit files or a low credit score.

These folks may not have the means to open a traditional bank account, or simply lack ready and easy access to a bank or other kind of institution. It is an important problem to address, and it represents a large market segment. Estimates for the market size of unbanked/underbanked consumers ranges from $188 billion to “a whopping $380 billion.”

But in the conversation about the possibilities of fintech for profit and social good, it’s important to acknowledge the very real concerns around security, data privacy and consumer protection. Are the new companies in the space ready for the realities of what it means to be a financial service provider?

In the most recent episode of The Finance Frontier, I sat down and chatted about this very topic with Patrick Traynor, author of the new report “Digital Finance and Data Security,” and Pablo Anton Diaz, research manager at the Center for Financial Inclusion.

Together, we explore what happens when the systems that are focused on expanding financial inclusion are poorly designed and executed, and talk through what new companies need to take into account as they break into the market.

Solving Problems…

Fintech companies are growing in both number and value, and it’s because they are opening a door into financial opportunity for groups that didn’t previously have one. Through alternative business models, like digital banking (no bricks & mortar branches), peer-to-peer money lending, access to alternative data and more, fintechs are filling in the gaps that traditional banks have left open in the market.

Much of this is fueled by the rise of mobile technology and its supporting infrastructure, and people are taking note. In countries with emerging economies, EY recently found that 46% of consumers are adopting some kind of fintech solution, with 84% of consumers aware of some kind of these services.

Much of this focuses on moving money, with payments and money transfers accounting for roughly 50% of the daily active customer use. Additional categories include insurance, savings, investments and financial planning.

This demand is not slowing down, and consumers continue to show their enthusiasm for fintech solutions. But there is growing concern among industry professionals that this may be moving too quickly.

…But Creating Problems, too

In this podcast, Pablo, Patrick and I talk about the excitement of fintechs. But we also talk about the very real challenges of consumer protection, data security and the changing nature of criminals who increasingly focus on stealing personal information.

In his paper “Digital Finance and Data Security,” authored as a research fellow for the CFI, Patrick examined the security of more than 50 fintech solutions. He looked at the privacy policies and options for consumer recourse from companies providing fintech services, and the results were eye-opening: “We see a pretty widespread set of configurations and security standings and some of them are actually downright dangerous.” And as Pablo writes in this blog for CFI, “No company studied was perfect, some were good enough, and some had real vulnerabilities.”

Building A Bright Future

Despite some of the challenges that Patrick and his research team discovered, fintech does represent a bright future for people who truly need access to finance products and services. While security requirements will continue to evolve, groups like the CFI, as well as individuals like Pablo and Patrick, are shining a light on some of the gaps that companies have today.

In the interview, we address data questions and planning that fintech companies need to consider, as well as baseline security assumptions that fintechs need to plan around.

After more than 30 years in the financial services industry, I can say with certainty that security challenges are not going to disappear. But the thoughtful, careful and meticulous development of fintech products and services can help bring more people into the world of financial inclusion, without creating a buffet of data for criminals to feast on.

As Patrick says in this episode of the podcast, “If we get this wrong, we risk having another generation being excluded from the global financial infrastructure and that would be a tragedy. But if we get it right, then this can be something that can be a real differentiator between these companies.”

Be sure to listen to this episode of The Finance Frontier for a full discussion about the findings of this research, as well as the efforts to work with companies with security risks.

Special thanks to Pablo and Patrick for joining me in this fascinating interview!

Ready to incorporate a Zoot Solution into your stack?