Strengthening Malaysian Fintech: Cybersecurity at the Core

In the rapidly evolving financial landscape of Malaysia, fintech companies are at the forefront of innovation, revolutionising financial services to provide enhanced ease and accessibility to users. These companies offer unparalleled convenience and efficiency, leveraging digital platforms to deliver services such as mobile banking, online lending, and investment management. According to Malaysian Fintech Report 2023, the Malaysian fintech ecosystem grew to 313 companies in 2023 from 291 in 2022, despite some closures among BNPL and digital lending firms. Moreover, the number of users in Malaysia's digital payments segment reached over 20 million, highlighting the widespread adoption of digital financial services. However, as digital transactions increase in occurrence, the issue of trust emerges as a central concern for both users and providers of fintech services.

Credit: New England Institute of Technology

At the core of trust in Malaysian fintech lies cybersecurity, a multifaceted discipline focused on protecting digital assets, mitigating cyber threats, and ensuring the integrity and confidentiality of financial data. As Fintech platforms handle sensitive information such as banking credentials, personal identification details, and transaction records, they become prime targets for cyberattacks and data breaches. Globally, the rate of ransomware attacks in the financial services sector has increased from 55 percent in 2022 to 64 percent in 2023 according to the “Sophos The State of Ransomware in Financial Services 2023” report. Furthermore, high-profile security breaches at major corporations such as Yahoo, Uber, Equifax, and Google have highlighted the vulnerabilities within digital infrastructures and the dire consequences of inadequate security measures. Consequently, robust cybersecurity measures are imperative to prevent massive financial losses, legal repercussions and any damage to the reputations of Fintech companies.

In this exploration of building trust in Malaysian fintech, we delve into the pivotal role of cybersecurity with the aid of Artificial Intelligence (AI) in order for banks and fintech companies to find a way forward that allows for technical innovation and performance without compromising security. Utilising AI, fintech organisations can streamline their security measures by automatically detecting anomalies, new patterns, unusual behaviour and fraud trends in the system in real time to interact with other systems for intrusion alert. Companies can also opt to use genetic algorithms as an inexpensive cybersecurity tool to have an efficient fraud detecting system. This tool has been utilised collectively with support vector machines for bankruptcy prediction, have collaborated with neural network algorithms for accurate credit card fraud detection and have jointly been used with artificial immune systems to minimise the rate of false alarms in fraud detection. As cyber criminals are already leveraging automation to make attacks more effective and persistent, adopting cutting-edge technology must be integrated into security tools to allow fintech companies to keep pace with digital perpetrators.

Credit: Olivier Le Moal / Shutterstock

Alongside this, Fintech businesses who seek to strengthen their cybersecurity posture can implement a Zero Trust security model which operates on the principle of “trusting nothing and verifying everything”. According to Zscaler, a top provider of cloud security solutions, over 90% of IT executives who have initiated their transition to the cloud have either adopted, are in the process of adopting, or are considering adopting a zero-trust security framework. The Zero Trust approach revolutionises traditional security paradigms by advocating for the constant verification of every user and device attempting to access an organisation’s network resources, irrespective of their location or perceived trustworthiness. By eliminating the inherent trust previously granted to users and devices within the network perimeter, zero-trust models significantly reduce the attack surface and mitigate the risk of lateral movement by malicious actors. Through strict access controls, encryption, and continuous monitoring, organisations can protect cloud environments against cyber threats, ensuring data confidentiality, integrity, and availability.

As Fintech firms continue to expand their digital footprint and adopt emerging technologies such as artificial intelligence, blockchain and cloud computing, they must remain vigilant in identifying and mitigating cybersecurity risks proactively. Furthermore, the government plays a vital role in promoting the growth and safety of Fintech firms to ensure a healthier digital economy. Royal Malaysia Police (PDRM) has developed its own Cryptocurrency unit to focus on cases involving fintech and the Malaysian Digital Economy Corporation (MDEC) has developed a programme namely, Fintech Booster to assist local and foreign Fintech companies to develop products and services. By prioritising cybersecurity initiatives, Malaysian fintech companies can cultivate a secure and resilient ecosystem that can sustain long-term growth in the digital financial landscape.

Written by: Umaira Sofeya

About MYFinT Malaysian Youth FinTech Association (MYFinT) is a non-profit youth organisation dedicated to to empower, motivate and inspire the young generation in all industries to gain exposure to the latest trends and development in FinTech industry.