Add Thesis

FinTech: The role of Perceived cybersecurity and Organizational trust

Investigating from a customer perspective technological acceptance in Sweden

Written by D. Laurent, R. Sinz

Paper category

Master Thesis

Subject

Business Administration>Banking & Insurance

Year

2019

Abstract

Master Thesis 2.3.2 Fintech and Information Security Although the ever-changing regulatory environment has first become a catalyst for promoting Fintech phenomena to become the focus of attention, it essentially touches on one of the outstanding challenges of “financial technology”: information security. Due to the nature of the business involved in financial technology, information security has become more prominent. The first argument ultimately relies on the fact that fintech is dealing with the financial industry and they enter the environment as non-traditional service providers. The second argument relies on the characteristics of the financial technology business model. Fintech companies have the right to always be available because it not only represents the core of their business, but also the reason for their existence (Kryparos, 2018, p. 48). However, there is a dilemma between "always available" and security. The expression "always available" reflects the clear promise made by fintech companies, but it is still questioned by cybercrime. The old-fashioned view of achieving security relies on security through obscurity, in which case isolation and limited access are praised. With the rise of the Internet, this “security through obscurity” strategy seems highly imaginative and no longer feasible in an environment where both open networks and web technologies are leading (Kryparos, p. 47). These characteristics, fully accepted by fintech companies, once again confirm the tension between the proposed solutions and the challenges they face. Fintech companies can provide solutions to meet customer needs that have been disrupted by traditional financial institutions so far (Kryparos, 2018, p. 43). However, the problem caused by simplifying the customer experience is that the entire attention has been shifted to the customer side, and finally echoed with financial technology to ensure that the "availability" and "security" paradigm provide feasible solutions. The solution needs to be available, designed to be secure, and customer friendly (Kryparos, 2018, p. 47). At the same time, the concept of time to market, especially in the fintech ecosystem, is a key determinant of surpassing competitors (Kahn 2005, cited in Kryparos, p. 49). The solution needs to answer real-life questions at the same time, keep in mind the needs of consumers, and finally deliver it at the best time. The complexity of demand may have the opposite effect, because overtaking competitors may lead to cutting corners. Reducing orders here simply means choosing the fastest way to achieve the goal, and in the fintech ecosystem, this will be interpreted as launching a product or service without ensuring its safety. 2.3.3 Cybersecurity and information security: commonalities and definitions As mentioned earlier, cybercrime has received a lot of attention in recent years, especially in various incidents that have occurred on the international stage. Therefore, the emergence of cybercrime has caused another problem. The definition and classification of the following terms are currently being discussed: network security and information security. In this line, Von Solms and Von Solms (2018) exchanged ideas on this topic by wondering "what goes where". In order to provide evidence-based arguments, the two scholars sought to inspire the commonalities and definitions of these two words. Von Solms and Von Solms (2018, p. 5) purposefully selected two well-known sources to strengthen their argument. Therefore, network security is defined in accordance with ISO/IEC 27032:2012 and ISACA CSx Network Security Fundamental Research Guidelines. According to the first source, ISO/EIC 27032:2012; cyber security is interpreted as "protecting the confidentiality, integrity and availability of cyberspace information." At the same time, information security is expressed as "the protection of confidentiality, integrity and availability of information" (ISO/IEC 27032:2012(E)). The subsequent main definition lies in contextualization. On the one hand, cybercrime is enclosed in cyberspace, while information security is “ubiquitous”. Therefore, these definitions provide a starting point for scholars to explain. From this perspective, Von Solms and Von Solms (2018, p. 5) mentioned the ISACA CSx Network Security Basic Research Guide to further elaborate on the connection between network security and information security. The guide pointed out that "in fact, network security is part of information security." In addition, Von Solms and Von Solms (2018, page 5) compared these terms and emphasized that based on the ISACA CSx Cyber ​​Security Fundamental Research Guidelines, information security covers all types of information, while in contrast, cyber security and digital assets The protection is related. To some extent, digital assets include the sum of physical or non-physical assets. The inclusion of dual dimensions allows consideration of the protection of the physical installation (network, hardware) and the processing of information due to the transmission of the interconnected network. As a result of the first two points, network security was proposed by Von Solms and Von Solms (2018, p. 6) Read Less