How can a bank claim to be 100% secure?

In yet another conversation about technology in banking, we were discussing how the world has changed in the last ten years.

In just one decade a lightning strike has happened whereby a planet that had connectivity became totally connected. 

Countries and continents that had zero infrastructure were suddenly capable of communication through mobile infrastructure.

That has been the big change of the past decade and it is a dramatic and fundamental change. 

Just the very fact that countries like Afghanistan can process payments via mobile telephones after their formal infrastructures were blown to bits illustrates the point well, as does the distribution of food stamps in Indonesia via text messaging after the islands were devastated by typhoons.

The world is now 100% digitised and this means global communication and commerce 1:1 for everyone on Planet Earth.  And that is a dramatic change.

It also introduces a dramatic risk.

The data pandemic.

The data pandemic is very similar to the bird flu or other human virus pandemic.  It starts small, but can spread rapidly overnight across the planet.

The viruses, malwares, trojans and cybercriminal network can hit anyone, anywhere and, almost within seconds, be global.

So when I tell banks to make the claim that they will keep data 100% secure, it makes the banks the first target for the data pandemic to spawn.

After all criminals rob banks because that’s where the money is, and cybercriminals rob bank networks, as that’s where the money is today.

The question to then ask is how to make a bank 1000% bulletproof if the bank is the first target for the cybercriminal to launch their global data pandemic.

The answer is you won’t.

No-one is bulletproof in today’s world.

But a bank will make the claim because, like scientists dealing with bird flu, they are the first to find the cure for any data pandemic.

Any attack, issue or vulnerability is overcome by banks as fast as they arise.

That is the hygiene factor for a bank today, particularly as the bank is the only secure data vault out there.

PayPal know this.

PayPal is the #1 target for criminal attack.

The fact that PayPal is not in the news being compromised that often is testament to their fraud protection division.

From a great article on PayPal's private governance:

It developed algorithms that could learn over time and became quite good at approving legitimate transactions and preventing bad ones. PayPal had to weigh the risk of letting bad transactions go through against the cost of turning down good ones. Rather than treating the problem of fraud as a legal problem, the company treated it as a risk management one.

In other words, the bulletproof bank – or should we call that the pandemic proof bank? – is the one that is the best at managing the risk of data compromise.

That is why a bank can claim to be 100% secure.

Of course it isn’t. 

It’s just capable of ensuring an affordable level of data compromise through its management systems.