Ramesh Mallya, Chief Technology Officer (CTO) of DBS Bank India
India’s banking sector has been undergoing a seismic shift. The rise of India’s digital stack, affordable data, and the social distancing brought about by the pandemic have together compelled consumers to go online, accelerating digital adoption across sectors, particularly in banking. As familiarity with and use of new technology increase, the importance of a robust security framework becomes incontestable, and banking is no exception. A three-pillar strategy—encompassing proactive security measures, threat intelligence, and continuous customer education—is crucial for building trust and mitigating risks.
The first pillar focuses on inherent security features, as greater digitalisation brings a heightened need for security. Banks must implement end-to-end encryption, secure APIs, and continuous monitoring tools for early threat detection. Technology has democratised access to banking services and significantly increased convenience by integrating banking into the consumer’s digital experience. However, while striving for a seamless user journey by minimising transaction steps, banks must balance expediency with security. Unlike sectors such as e-commerce, banking cannot aim for a completely frictionless experience, as additional steps to verify, authenticate, or approve transactions can help prevent consumers from letting down their guard—whether by approving unwanted payments or clicking on links without checking the details. In such cases, additional security layers such as multi-factor authentication, video KYCs, tokenisation, device fingerprinting, and biometric identification can help prevent unauthorised access. Meanwhile, measures such as dynamically adjusting security layers based on transaction context can help reduce the risk of breaches. As the pace of technological progress accelerates and cybercriminals devise more ways to bypass defences, financial institutions must continuously refine this balancing act—setting up guardrails while ensuring a smooth customer experience.
Banks are the first line of defence against financial cybercrime; therefore, the importance of the second pillar—proactive intelligence on potential threats, suspicious activity, and early warning signs—cannot be overstated. A comprehensive defence strategy includes robust network security, encryption (both at rest and in transit), and decentralised data storage to minimise the risk of breaches. Continuous monitoring and the use of advanced analytics, AI, and machine learning can aid in real-time anomaly detection and response. Periodic reviews of coding practices and security audits help identify vulnerabilities and prevent their exploitation by malicious actors. Finally, having a holistic disaster recovery plan in place is essential to normalising operations post-incident—an indispensable safety net in today’s unpredictable environment.
The final pillar of a strong cybersecurity strategy involves institutionalising a robust, ongoing plan for customer education and awareness campaigns, ensuring that users are well-informed about best practices for safe online banking. This can include everything from emphasising the importance of strong, unique passwords to workshops and video tutorials on recognising and handling phishing attempts.
India’s digital banking evolution demands a symbiotic approach: cutting-edge technology, reinforced by regulatory rigour and customer education. Safer Internet Day on 11 February presents a valuable opportunity to reaffirm how banks must balance innovation with integrity, ensuring that we build a resilient ecosystem where security and progress are two sides of the same coin—making trust the cornerstone of the digital financial revolution.
As featured in Entrepreneur India
Asia’s Safest Bank, 2009 – 2024, Global Finance
Best Bank in the World 2022, Global Finance
World’s Best Bank 2021, Euromoney
India’s Best International Bank 2021, Asiamoney
World’s Best Banks - #1 in India 2021, Forbes
World’s Safest Commercial Bank 2021, Global Finance
