Dinis Guarda interviews Sandra Tobler, IT specialist and co-founder of Futurae about the challenges of cybersecurity in Fintech as well as the solutions.
Sandra Tobler is an entrepreneur and IT specialist co-founder of Futurae. She has worked for IBM in various international roles since 2007. mIn 2016, Sandra co-founded Futurae together with two PhDs from ETH Zurich's System Security Group.
Futurae works on seamless end-user authentication and transaction confirmation. As board member of Startupticker and other engagements, Sandra continuously fights for better framework conditions for the Swiss startup ecosystem and in particular a thriving cybersecurity space in Switzerland.
Sandra Tobler Interview Focus
1. An introduction from you - background, overview, education...
2. Career highlights
3. Your company / companies, organisations and focus?
4 Fintech context
5. What are your views on our society, technology and digital transformations?
6. What are your goals and how do you see the future of work and the main trends in tech and society?
7. With Covid-19 what ways do you envision to redesign our society with technology and social impact?
8. What are your visions for the present and future?
Sandra Tobler Highlights and Quotes
- I studied international relations and I have worked for IBM and S-GE and was in the last role responsible for the economic representation of the Swiss representation in San Francisco. In my roles at IBMI learnt a lot about the IT industry and solutions. Four years ago, I decided to start my own business, Futurae.
- In my opinion, I would say that Switzerland has a great education system, really inclusive and qualitative compared to, for example, the US. With the COVID-19, there has been a boost in online education and edtech solutions and I think now also decision takers in the education sector understand that technology isn’t just a cosmetic thing but something that will have to stay longer.
- Fintech and insurtech in Switzerland. There is a growing movement in fintech and insurtech, especially because of the financial heritage there is in Switzerland. That gave a strong understanding for the industry and foundation for new startups to appear. One big advantage of the Swiss Fintech ecosystem compared to other countries is again the financial heritage that entrepreneurs understand the industry in and out. Many of the first fintech builders and adopters were in fact experts coming from banks or institutions faced with legacy systems and issues around those. These moved to the fintech space to fix problems they have spotted in the traditional banking. For example, improvements in the customer experience, the adoption of new technologies, etc.
- In cyber security you need to be sure you can act fast to address changing threat models. Since digital systems take over more and more compared to analog ones this is gaining increased importance and in banking and fintech this aspect is even more important compared to other industries. The old way of doing cyber security doesn’t work anymore. In the old days IT projects take months and years. With the modern exposures you need to work with services that can adapt in a lot faster way to those changes in operating system or threads. Login systems are still often outdated and do not provide the user experience users are expecting today.
- In Cybersecurity, talent is the most important resource and finding the right talent pool is difficult since there is an inherent shortage in the industry. This is where the startup come into play. As a bank it is most probably the most affordable and efficient to work with a Cybersecurity startup that has very specialized know-how in an area. If you cannot hire talent directly, work with them in long-term partnerships.
- We provide a modular two-factor authentication, transaction signing and fraud detection platform with various options for banks and financial institutions, software and hardware based ones. We secure mobile and web banking but also banking via smart home devices. We are specialised in retail or private banking where you have very frequent usage but also for use cases where people do not come every day to check their bank accounts. Those that only go online to their service a few times a year typically forget their passwords what translates into massive support costs for password resets. We can also offer passwordless experiences there. Our API based solution adds new layers of security thanks to our advanced technologies and layered approach. Always offering best usability with user-centric novel approaches using sensor signals and privacy-preserving context.
- We built a platform for strong authentication, we don’t know who the user is (e.g. we do not do the identity part), we are totally blind to provide the best privacy to our clients. These clients log in on our platform and through there they can log in in all their different financial accounts.
- Open API for integrated use cases. Not only open finance is really interesting since the most interesting integrations are cross industry. It also brings new challenges. Services put the user in the centre. PSD2 supports this trend massively in the European countries. APIs help with the consumer experience in open banking. Futurae supports banks being compliant with the SCA terms of the PSD2 regulation making the transaction signing process smoother and at the same time more secure for the users than for instance via a SMS code.
- There are a few reasons why some banks struggle to adopt technology. I once spoke to a C-Level of one of the largest British banks and I asked what they do in the area of Cybersecurity or Fintech specifically. I was told C-levels of banks are too busy with stakeholders meetings and day-to-day operations to look into technology trends or even consider implementing new technologies or solutions. Things might also change tremendously since the Covid-19 situation forced many incumbent organisation to offer services entirely digitally.
- I never agreed that Fintech technology were to replace incumbent financial service institutions but especially in my area mostly the only chance to bring infrastructure forward is for incumbent organisations to work together with more adaptive innovators. It's not about Fintech or banks, some very innovative approaches combine the two elements. It would be unfortunate if banks miss out on the opportunity and do not adopt some of the B2B fintech solutions or learn through such collaborations because it has been proven that that’s the only way to win speed, iterate fast and improve the infrastructure.
- Governments are lagging behind even more compared to other industries regarding adopting new technology and solutions. But also other sectors were less under pressure like the financial services one like education, healthcare who did not fully grasp the concept yet to join forces with the startup ecosystem to ultimately support building a thriving local technology ecosystem and at the same time modernize legacy systems.
- The most incidence that we see for instance through data breaches in our space cybersecurity is when companies try to build their own cybersecurity infrastructure and think it is interesting price wise and they would manage. In the end it exposes them more and it also costs them a lot more than joining with an industry expert and product innovator in the field. Companies underestimate how expensive and time consuming it is to dedicate resources to a topic that is not their core expertise. Building a new security system from the ground up could take years. And there is always the risk of turn over for key personnel which exposes the organisation even more. Companies like ours, specialized in very specific niches within cybersecurity, can provide valuable insights and tools that are tested and already working with many other similar customers.
- COVID-19 has fostered the rapid adoption of digital services from consumers that were sceptical but also from companies that saw digitization as nice-to-have before. Many companies understood now that consumers expect to have access to financial services in a straight-forward seamless way even though bank branches are closed. And that has also boosted cybersecurity challenges and concerns. For companies like Futurae, working in the cybersecurity industry, is an exciting time right now.
Sandra Tobler Profile
Sandra Tobler is an entrepreneur who worked in the IT space for many years. She has worked for IBM in various international roles since 2007. She then joined S-GE and later the state secretary of foreign affairs where she built the expertise for the IT industry and consulted Swiss IT companies with internationalization strategies. She also opened for the organization an economic representation in San Francisco.
In 2016, Sandra co-founded Futurae together with two PhDs from ETH Zurich's System Security Group.
Her company Futurae brings future-proof security to digital products. They modernise end-user authentication and PSD2 compliant transaction signing offering a platform of modular software and hardware based solutions for web and mobile banking and customer portals with user-centric novel approaches using sensor signals and privacy-preserving context. Futurae continuously adds modules to their offering, including transaction monitoring or protection for social engineering attacks.
Futurae today's customers are in the financial and insurance industries like the Swiss stock exchange or the largest robo-advisor in Europe for whom they secure transactions, eBanking, mobile banking or customer portals, in telco, ehealth and hospitals and universities. Futurae was incorporated in Zurich by best-in-class Cybersecurity and usability researchers coming from the System Security Group of ETH Zurich. Futurae was named Cool Vendor in Identity and Access Management, by Gartner and Cybertech100.
Sandra Tobler Accolades:
- 2018 Futurae Cool Vendor in Identity and Access Management, Gartner
- 2019 Sandra was named for the second time in a row one of Switzerland's 100 Digital Shapers by BILANZ magazine and ranked 4th in the list of Entrepreneurs of the Year (Handelszeitung/SKO)
- 2020 Winner of the Efma-Capgemini Financial NewTech Challenge 2020 in the category "Retail and Commercial Banking"
- 2020 Futurae listed among the World most innovative CyberTech 100 Companies, providing secure authentication to financial institutions.
Futurae Technologies AG Company Profile
Futurae Technologies AG was founded by ETH Zurich security researchers and business leaders (as an ETH spin-off) and offers a suite of adaptive modular multi-factor authentication and transaction signing tools that provide a high degree of security, all the while never compromising on the user experience while protecting the user’s privacy.
The suite offers a full range of authentication for Web and Mobile Application that grant companies complete flexibility i.e. from Hardware, to novel Software-based solutions together with protection from Social Engineering attacks. The innovative Adaptive-MFA using ubiquitous sensors, One-Touch, QR-Code (online and offline), TOTP, Single Device as well as IoT Authentication and Hardware token. In addition, Futurae human-centric technologies also enable swift and uncomplicated integration into a company’s existing infrastructure and reduce overall operating costs.
Futurae is focused on its strong MFA portfolio offering its leading-edge technologies as a SaaS offering or on-premise installation, as well as through its secure Mobile App, SDK, or White Label solution. With headquarters in Zürich, Switzerland – and a software stack engineered from scratch with the latest technologies – Futurae represents a local security partner that enables its customers global ambitions.
Futurae serves highly regulated companies, such as hospitals, eHealth companies, as well international companies in the financial services, education or public sector.
Futurae again amongst the world's most innovative #CyberTech100 companies providing cyber defence to financial institutions.
Links and sources
Cybersecurity Startup Futurae's CEO Sandra Tobler About Building an International Network
Authentication Solutions for a Secure Future: Futurae / Episode 165
Sandra Tobler, Co Founder & CEO, Futurae Technologies AG
Futurae Technologies - Founder story: When a dog is not enough to protect your assets!
Hernaldo Turrillo is a writer and author specialised in innovation, AI, DLT, SMEs, trading, investing and new trends in technology and business. He has been working for ztudium group since 2017. He is the editor of openbusinesscouncil.org, tradersdna.com, hedgethink.com, and writes regularly for intelligenthq.com, socialmediacouncil.eu. Hernaldo was born in Spain and finally settled in London, United Kingdom, after a few years of personal growth. Hernaldo finished his Journalism bachelor degree in the University of Seville, Spain, and began working as reporter in the newspaper, Europa Sur, writing about Politics and Society. He also worked as community manager and marketing advisor in Los Barrios, Spain. Innovation, technology, politics and economy are his main interests, with special focus on new trends and ethical projects. He enjoys finding himself getting lost in words, explaining what he understands from the world and helping others. Besides a journalist, he is also a thinker and proactive in digital transformation strategies. Knowledge and ideas have no limits.