While those legacy systems are preferred for their stability, reliability, availability, and security properties, many security and privacy issues can occur when adapting the frontends and services. Clearly, these issues arise because those systems were designed decades ago, without considering the enormous amounts of data that they are now required to handle, and with different threat scenarios in mind. Moreover, the trend towards using new technologies such as Distributed Ledger Technologies (DLT) has also emerged in the financial sector. As the nodes in DLT systems are decentralized, additional security threats come to light.
The focus of this work is the security of financial technologies in the FinTech domain. We provide relevant categorization and taxonomies for a better understanding of the main cyber-attack types and suitable countermeasures. Our findings are supported by applying security-by-design principles to some selected critical financial use-cases, and include a detailed discussion of the resulting threats, attack vectors and security recommendations.
Category / Keywords: applications / DLT, blockchain, cyber-attack taxonomy, FinTech, threat modelling, cyber-attack countermeasure
Date: received 15 Nov 2020
Contact author: ralph ankele 2015 at live rhul ac uk, branka stojanovic@joanneum at, kai nahrgang@joanneum at
Available format(s): PDF | BibTeX Citation
Version: 20201119:093718 (All versions of this report)
Short URL: ia.cr/2020/1440