EU project FINSEC mitigates cyber-physical risks for banks

Milano, 14 October 2021 – In 2020, financial services organisations were the targets of over 3.4 billion credential-stuffing attacks. This translated to an increase of more than 45% over the previous year*. Emerging cyber-attacks could put between 10 and 30 percent of the financial institutions’ profits at risk**.

FINSEC is a flagship project funded by the European Commission that created a platform that will greatly enhance the financial industry’s security infrastructure. GFT Italia coordinated the collaboration of 23 international partners that were involved in the project. 

FINSEC improves security of ATMs

One of the use cases covered by FINSEC, and one that makes it very easy to understand the practical benefits of the project, concerned the security of ATMs. ATMs are still profitable targets for criminals, and banks and their customers are at serious risk from fraud and robbery at ATMs. The FINSEC system analyses ATM CCTV camera images and uses Machine Learning algorithms to detect physical attacks against both the customer or the ATM itself. It also detects when criminals try to manipulate an ATM or to steal customer data to illegally withdraw funds.

Reference architecture validated through pilot projects

But of course, FINSEC is much more than only ATM security. The project partners validated the implementation of the reference architecture through a series of concrete pilot projects. They involved various stakeholders (banks, capital management, insurance companies, card payments and P2P providers) and used Machine Learning algorithms to identify and contain potential threats. The number of use cases produced far exceeded the budgeted number. High-impact scenarios developed included:

• SWIFT network monitoring 
• data centre and ATM protection 
• peer-to-peer payment network protection 
• financial SME infrastructure security 
• Insurance Companies risk management.

In addition, financial institutions can share information about risks and threats through a platform for collaborative security based on blockchain technology.

"FINSEC impressively shows how the fight against cybercrime can succeed. This benefits financial institutions and consumers alike," says Marika Lulay, CEO of GFT. Fabrizio Di Peppo, Delivery Executive Manager, European Projects client unit of GFT Italia added: "The route we embarked on three years ago has allowed us, in the privileged role of coordinators, to come into contact with truly extraordinary international teams We are pleased and honoured to have provided our best resources and technological expertise to coordinate and deliver a project that contributes to innovation and security in the financial sector for the benefit and protection of citizens and businesses in the European community."

FINSEC represents the first concrete result of a path that has seen GFT Italia already lead other European projects such as INFINITECH, started in October 2019 with the aim of supporting financial and insurance organisations in the innovation process driven by Big Data, Artificial Intelligence and Internet of Things, and PHYSICS, started in January 2021 with the aim of democratising the implementation of the Function-as-a-Service (FaaS) paradigm applied to Smart Manufacturing, e-Health and Smart Agriculture.

*) Phishing in the financial sector, Akamai, May 2021, https://www.akamai.com/it/it/multimedia/documents/state-of-the-internet/soti-security-phishing-for-finance-infographic-2021.pdf 
**) Cyber Risk for the Financial Sector: A Framework for Quantitative Assessment, IMF, June 2018, https://www.imf.org/-/media/Files/Publications/WP/2018/wp18143.ashx