Ovum Research: PSD2 to Cause a Decline in Online Volumes by 2027

Ovum, a market research and consulting company, has released a study that shows how PSD2 will drive single card payments down by 37% until 2027.

The research Instant payments and the post-PSD2 landscape, commissioned by Icon Solutions, provides insights into how PSD2 will lead to a decline in card transactions and an increase in frictionless payment methods such as Instant Payments in Europe.

The new European Payment Service Directive will cause ecommerce card usage to stagnate at current levels of around EUR 260 billion annually, instead of hitting the EUR 411 billion mark predicted without PSD2. On the other hand, the directive will boost frictionless payment methods, like Instant Payments and ewallets, which are expected to overtake cards.

As ecommerce card payments decrease by 37%, digital wallets and Instant Payments will become the two dominant payment methods as early as 2024, absorbing an average of 29% of expenditure across Europe.

The shift from ecommerce to digital channels will pressure merchants into adopting an omnichannel approach and to support new payment methods, the study shows.

The research, conducted by Ovum and commissioned by Icon Solutions, covers ten Europe-based markets and uses data from a European payments database, built from several sources including, national banks, national statistics agencies, and payments associations.

Cybersecurity’s Next Frontier: CBInsights Report

A wonderful thanks once again to Anand Sanwal and the team at CBInsights for great data.

CB Insights has been used data to identify over 80 private companies in cybersecurity that are using AI and categorized them into the nine main areas in which they operate. Two unicorn companies valued at over $1B are included in the map: the automated endpoint protection company Tanium and the predictive intelligence company Cylance.

Scroll down to see the market map and full table of companies included.

Category Breakdown

Anti Fraud & Identity Management: This is the most populated category within the cybersecurity AI market. Startups in this category mainly help secure online transactions by identifying fraudsters. For example, the company FeedZai utilizes machine learning algorithms to proactively detect fraud in financial transactions. Similarly, companies like Socure can detect fraudulent users on websites and in mobile applications also using machine-learning algorithms.

Mobile Security: Included in this category are startups such as Appthority, which provides a cloud-based platform that automatically identifies and grades risky behavior in mobile apps including known and unknown malware, new malware used in targeted attacks, corporate data ex-filtration, and intellectual property exposure. Similarly, Skycure’s predictive technology leverages massive crowd knowledge to proactively identify threats to secure mobile devices.

Predictive Intelligence: Companies such as the unicorn company Cylance aim to couple sophisticated math and machine learning with a unique understanding of a hacker’s mentality, and by doing so offer technology and services that are predictive and preventive against advanced cyber threats. Likewise, the company SentinelOne uses predictive execution modeling to detect and protect network devices against targeted, previously unknown threats in real time.

Behavioral Analytics / Anomaly Detection: Startups in this category include Darktrace which uses advanced mathematics and machine learning to detect anomalous behavior in organizations’ systems and networks in order detect cyber-attacks. Unlike software that puts locks on doors, Darktrace’s approach allows enterprises to protect their information and intellectual property from state sponsored, criminal groups or malicious employees who are already inside the network as well as from external attacks. Companies such as BehavioSec offer a behavioral biometric systems that creates digital fingerprints from an end-user’s behavior through monitored keystrokes, mouse behavior, and anomaly detection to ensure security of IT organizations, e-commerce, and more.

Automated Security: Startups in this category include unicorn company Tanium, which couples an application of AI known as natural language processing with endpoint protection on a massive scale. Tanium empowers security and IT operations teams to ask questions about the state of every endpoint across the enterprise in plain English, automatically retrieve data on their current and historical state, and execute change as necessary within seconds. Other companies include Demisto which offers systems that are designed to automate security tasks across 100+ security products and weave human analyst activities and workflows together.

Cyber-Risk Management: Companies in this category range from cyber-insurance oriented companies to those that are security policy and compliance focused. For example, Cyence empowers the insurance industry to understand the impact of cyber risk in the context of dollars and probabilities. Other companies include Cybersaint, which offers solutions for streamlining the cyber-risk compliance process. Slightly different, but still within the business of managing cyber risk is the company Wiretap, which helps secure enterprise social networks, as well as collaboration tools, by securing against intellectual property and confidential data leaks, insider threats, HR policy violations, compliance issues, and external sharing risks.

App Security: Companies in this category are focused on securing specific enterprise applications rather than entire networks. This includes both web-based and dev-ops oriented applications, and more. This category includes companies such as Authbase, which provides frameworks to help developers secure applications by finding, fixing, and monitoring web, mobile, and networks against current and future vulnerabilities; the company Cryptosense, whose software employs a unique mix of formal analysis and machine learning to find security flaws in cryptographic systems; and Cyber 20/20, which monitors network traffic for suspicious activity within applications and automatically submits them to a machine learning platform, where they are analyzed and shown to be malicious or not.

IoT Security: These startups include SparkCognition, which develops AI-powered asset-protection software for the safety, security, and reliability of the IoT. Bastille Networks utilizes machine learning algorithms to secure the IoT on corporate campuses by identifying airborne threats such as hidden recording devices or transmitters in a conference room, and allow for a preemptive response to data theft. CUJO is a smart firewall that protects a user’s connected home from criminal hackers by using a combination of cloud services, machine learning, and mobile apps to manage the network.

Deception Security: illusive networks provides solutions that combat Advanced Persistent Threats by proactively deceiving and disrupting in progress attacks. CyberFog (dba CyberSwarm) offers a deception tool that detects and fights cyber attacks by creating a neural network of thousands of fake computers, devices, and services that act like a fog and work under the supervision of machine learning algorithms.

Market Map

Click on the image below to enlarge. Categories are not mutually exclusive and companies may operate across multiple categories. This market map is not meant to be exhaustive of companies in the space. See the full list of companies below the category breakdown.

Cyber-Ai-Market-Map-6.17-body-image-3

Forecast Report: Banks Fines Greater Than EUR 4.5 bln under GDPR

Consult Hyperion together with AllClear ID have released a report that forecasts banks to face fines totalling EUR 4.7 billion in the first three years under the new GDPR.

Furthermore, the report GDPR: Banks, Breaches and Billion Euro Fines also predicts the number of data breaches in the European financial services sector over the next three years and corresponding fines under GDPR (General Data Protection Regulation). As result, financial institutions may experience 384 data breaches with fines as high as EUR 260 million per breach.

The figures were compiled from an analysis of historic data breach figures, adjusted for the size of financial institution. GDPR sanction levels were then applied to the data. It was assumed that breaches were at the lower end of the GDPR fine scale, which is EUR 10 million or 2% of global annual turnover.

Under GDPR financial penalties for a data breach are substantial. Institutions can receive fines of up to 2% of the previous year’s global annual revenues for a first offence and 4% for repeat offences where the regulator has previously ordered remedial action. There are also possible criminal penalties for executives deemed responsible.

Furthermore, GDPR’s 72-hour breach notification requirement means managing and responding to a data breach in an open and effective manner is critical. Regulators have significant discretion in the level of penalties they can levy, and are required to take planning, customer notification and mitigation into account in the decision.

To compound the issue, new European regulations such as PSD2, ePR and AMLD4/5 will mandate institutions hold more data and make it available over open interfaces, just when data loss becomes especially dangerous.

With less than a year before GDPR goes live the report advises banks to take urgent action to meet GDPR and other legislative requirements to avoid financial and reputational loss.

ecommerce in Malaysia to rise 23% YOY

AT Kearney, the management consulting company, has just released its 2017 Global Retail Development Index in which it expects the Malaysian ecommerce market to grow by 23% year on year until 2021. The company also ranks Malaysia in 3rd place among the top 30 developing countries for retail investment, behind China and India.

Figures from on a government-backed investment plan of USD 280 million to roll out high speed broadband infrastructure to rural areas have been used as the basis of the report. The plan was initiated in 2016 and is expected to be a core for the ecommerce expansion in Malaysia.

Malaysia’s increasing higher disposable income, as well as the government’s investment in infrastructure (growing retail growth in the tourism sector) is another set of key factors. In 2016, the country’s retail industry grew by 3.8% thanks to a 6.1% increase in private consumption.

The company also highlighted Malaysia’s plan to become a cross-border ecommerce hub with the opening of the first Digital Free Trade Zone in partnership with Alibaba, which will allow SMEs to process their online transactions through the Chinese group.