GoTyme, the digital banking arm of the Gokongwei Group of Companies, maintained that as digital banking continues to grow, there is indeed a need for cybersecurity to be a top priority for banks to protect both their customers and their assets.
Recent reports estimate that the number of cyber fraud incidents has nearly tripled over the last ten years, keeping along the trajectory of more banking services moving online, thus creating more opportunities for so-called bad actors.
Earlier this year, the Bangko Sentral ng Pilipinas (BSP) said card-not-present fraud is the most common cyber incident in the country, stating that there were 5,211 cases in 2022, in which scammers have obtained victims' key payment details without a physical card being presented to merchants to carry out fraudulent transactions.
This accounted for 31 percent of the cyber incidents reported to the BSP by consumers in 2022, with the amount involved estimated at P467 million.
Phishing was the second-most prevalent cybercrime in 2022, with 6,295 incidents involving cash amounting to P623 million.
Account takeover or identity theft came in third with 3,104 reported incidents involving losses amounting to P409 million.
On the other hand, the Philippine National Police (PNP) said that online scams, particularly swindling, were among the most rampant in the country, accounting for 15,000 incidents.
As of the end of January, the PNP Anti-Cybercrime group reported 2,999 cases of cyber identity theft in 2023, garnering a 12.2 percent rise from the 1,402 registered in 2022.
Emerging tech, for good or for ill
As cybersecurity across organizations evolves, so do bad actors' methods.
Fraudsters exploit the weak points in new technologies and launch fresh strategies.
A recent study by Keeper Security, which surveyed more than 800 IT security leaders globally, indicates a concerning emerging trend: 95% of participants reported that cyberattacks have become more sophisticated than ever before, with AI-powered attacks and phishing as the most alarming and rapidly growing threats.
Other areas of concern include cloud vulnerabilities, endpoint security, insider threats, and third-party bank networks.
But as in most everything, an ounce of prevention is worth a pound of cure, especially in fraud defense.
By proactively bracing for cyber threats, organizations like banks can safeguard their health and reputation as attacks become more complex.
During an earlier interview with DAILY TRIBUNE, GoTyme Bank's president and CEO Nate Clarke said that GoTyme fully understands that security is a top priority for its customers, hence the bank makes sure to invest in the latest technology and industry-leading security practices to keep customer information safe.
"We use advanced security measures and conduct thorough penetration testing on any changes we make to our systems," he says.
"This includes working with third-party experts, some of whom have experience as ethical hackers. Like other banks, we are regulated by the BSP and undergo regular independent cybersecurity audits to ensure our defenses are strong."
He said internal housekeeping is also stringent, but GoTyme runs rigorous background checks on all employees before they join the team.
Its fraud team has a specialized unit focused solely on detecting and preventing internal threats.
Clarke says, "All access to customer data by our customer success advocates and personal bankers is logged. This allows us to analyze patterns and identify any suspicious activity. We also have a comprehensive auditing system in place, which allows us to review past activity and investigate any potential incidents."
Overall, Clarke believes that GoTyme is in "a luxurious position" when it comes to cybersecurity because it is building new structures from scratch.
"If you think about a house that's a hundred years old and it's had twenty different additions, put on it…the chances of you getting a leak are greater—and it's also harder to patch up," Clarke says.
"We're lucky; we're building fresh, all-modern technology and the latest from a security perspective, which makes it easier to provide the best kind of perimeter insulation, as it were."
For his part, Albert Tinio, GoTyme co-CEO, reiterates the importance of cooperation among different groups to keep such bad actors from inflicting further damage.
"At GoTyme, we believe security is a two-pronged approach. While we invest in the latest and greatest security technology, we know that user education plays a vital role. That's why we've actively partnered with organizations like the Cybercrime Investigation and Coordinating Center (CICC) and Scam Watch Pilipinas to educate our users on current phishing and scam schemes. We teach everyone how to identify these scams and encourage them to immediately report any suspicious activity to the CICC," he said.
Tinio says that collaborating closely with the government achieves two key goals, namely, increasing public awareness that GoTyme strongly condemns these scams and is not involved in any of them, and providing a clear course of action for users to report scams and help authorities track down the perpetrators.
