October is Cybersecurity Awareness month but 2024 might be the year that digital fraud took on a dangerous new year-round urgency, in Canada and around the world.
In today’s increasingly digital economy, cybersecurity has become an essential focus for businesses of all sizes, particularly small businesses and fintechs. To discuss the unique challenges these companies face, we spoke with Amisha Parikh, Vice President of Security Solutions at Mastercard.
In this Q+A, Parikh shares insights on the importance of cyber hygiene, the growing threats posed by AI-enhanced cyberattacks, and practical steps for building a robust cybersecurity framework.
She also highlights Mastercard’s initiatives, including partnerships and resources designed to help small businesses and fintechs strengthen their defences and stay resilient against evolving cyber threats.
Cybersecurity is a growing concern for small businesses, including fintechs. Why is it so critical for them to prioritize cyber hygiene now more than ever?
AP: With the rise of digital payments and the growing reliance on online platforms, small and medium businesses, including fintechs and startups, might believe that their size of business makes the risk of cyberattacks low; in reality, cybercriminals might see these businesses as easy targets. According to Mastercard research, only 16 per cent of small-business owners in Canada felt prepared for a cyberattack. Cyber hygiene—like keeping software up to date and using strong, unique passwords—is an essential first line of defence. Ignoring these practices can lead to devastating breaches, loss of customer trust and financial damage.
What common cyber threats should fintechs be aware of, and how can they protect themselves?
AP: Phishing attacks, ransomware and identity theft are among the most common threats that fintechs face. Cybercriminals are becoming more sophisticated, using techniques like AI-driven phishing emails that can look incredibly authentic. Fintechs need to be diligent about the use of multi-factor authentication (MFA), regularly update their systems and educate their employees about recognizing phishing attempts. We also offer a complementary Cybersecurity Assessment Tool on the Mastercard Trust Centre, which helps small-and-medium businesses assess their vulnerabilities and provides actionable recommendations for improvement.
Could you tell us more about the importance of multi-factor authentication (MFA) and how fintechs can implement it effectively?
AP: Multi-factor authentication (MFA) is one of the most effective ways to protect against unauthorized access. By requiring not just a password but a second form of verification, such as a fingerprint or a one-time passcode, MFA adds a critical layer of security. Given that password fatigue is a real issue—with many users reusing passwords across multiple platforms—MFA is especially crucial for fintechs where sensitive financial data is involved. We recommend that fintechs make MFA mandatory for all users and consider biometric solutions like fingerprint or facial recognition for an even more secure and seamless experience.
What role does AI play in both enabling and combating cyber threats?
AP: AI is a double-edged sword. Cybercriminals are using AI to create more convincing phishing attacks and deepfakes, making it harder for traditional security measures to keep up. But on the flip side, AI is also one of our greatest weapons for combating these threats. At Mastercard, we use AI to analyze billions of transactions in real-time, identifying patterns and anomalies that might signal fraud or cyber threats. AI helps us stay one step ahead by detecting and mitigating threats before they cause significant harm.
For fintechs just starting out, what steps would you recommend they take to build a robust cybersecurity framework?
AP: Start with the basics: ensure your team is educated about cyber risks, enforce strong password policies and implement multi-factor authentication. Regularly update all software and systems and invest in reliable encryption technologies to protect sensitive data. Establishing a strong foundation from the start will save a lot of headaches and potential losses down the road.
October was Cybersecurity Awareness Month, and Mastercard partnered with two popular podcasts in Canada to raise awareness. Could you share more about that initiative?
AP: Yes, for Cybersecurity Awareness Month, we partnered with Nighttime and Dark Poutine, two highly engaging true crime podcasts, to discuss the real-world consequences of cybercrime. These episodes highlight how cybercriminals operate and what small businesses, including fintechs, can do to protect themselves. The podcasts provide actionable tips on improving cybersecurity hygiene and underscore the importance of staying vigilant in this constantly evolving digital landscape.
How is Mastercard helping fintechs and small businesses improve their cybersecurity practices?
AP: We’re committed to supporting fintechs and small businesses through resources like the Mastercard Trust Centre. It’s an online hub offering education and support to help strengthen their cyber defences. One of our key offerings is the Cybersecurity Assessment Tool, which provides businesses with tailored recommendations based on their current level of cyber preparedness. Additionally, we’ve partnered with other industry leaders to support cutting-edge solutions, like biometric authentication and tokenization, to reduce the risks associated with traditional passwords and protect against fraud.
Looking ahead, what cybersecurity trends should fintechs keep an eye on?
AP: One of the biggest trends is the move toward password-less authentication, which uses biometric data like fingerprints or facial recognition. This not only improves security but also creates a more seamless user experience. With the rise of AI, fintechs also need to be aware of both the opportunities and threats it presents. Staying proactive and continuously adapting to new technologies will be key to staying ahead of cybercriminals. I encourage fintechs to regularly check the Mastercard Trust Centre for updates and best practices to help ensure their defences are always up to date.
Leave a Reply