Austin,ย 23 June โย Michaelย Marcotte, the founder,ย chairman, and CEO of enterprise-grade digital authentication firmย artius.iD, was warned that a successfulย biometricย dataย breach at a leading bank could put us on the brink of the next globalย financial crisis.ย ย
The intervention follows recent comments by the CEO of HSBC UK, Ian Stuart, who last month told UK policymakers the bank is โbeing attacked all the timeโ by online criminals, leading to cybersecurity becoming the bank’s biggest expense, amounting to hundreds of millions of pounds (The Guardian). This highlights the imminent danger banks are currently facing and the necessity for urgent action.
But Marcotte, who co-founded the US National Cybersecurity Center and Chaired its Rapid Response Center, thinks the risk posed by banksโ biometric data is flying under the radar. Banks are currently storing this data in a centralized way, providing a single avenue through which hackers can expose vast volumes of highly sensitive data.
He argued that a large-scale breach of this data could lead to group litigation from customers on a scale large enough to destabilize a bank and the wider financial ecosystem โ and urged banks to decentralize this data by pushing it onto customersโ devices.
Michaelย Marcotte, founder,ย chairman, and CEO ofย artius.iD, said:ย โBanks are spending hundreds of millions to bolster their cyber defenses โ everything from zero trust architecture to AI-drivenย threat detection, and even quantum-resistant cryptography. But sometimesย itโsย far better, and vastly cheaper, to remove the need for protection in the first place.ย
โThe reams of biometric data banks are storing right now on centralized systems is a big red bullseye for hackers. It offers a single vector through which one successful attack could deal catastrophic damage. This is the biggest cyber threat banks face today โ and yet bank executives and their regulators are largely blind to it.
โThe operational and reputational costs to a bank of a large-scale biometric data hack would be enormous โ but this would be nothing compared to the cost of the group litigation they could be hit with by the customers whose fingerprints and facial and vocal data are breached. If this were to happen at a JPMorgan or an HSBC, it would bring them to their knees, and the fallout for our entire global banking system could be apocalyptic.
โAnd yet the solution is simple. All thatโs needed to de-risk this data is to decentralize its storage โ pushing it onto customersโ own devices where it belongs. The technology is available to do this โ and we need to see the banking industry catch up, and stop putting our biometric data and our financial security at risk.โ
About Michael Marcotte
Michaelย Marcotteย is co-founder of US National Cybersecurity Center (NCC) and founder,ย Chairman, and CEO ofย artius.iD. He joined the EchoStar family of companies in 2006, where he served as Global CIO, Global CDO, and President (Hughes Cloud Services). NASDAQ-listed EchoStar is one of the worldโs largest satellite communications and Internet services companies,ย operatingย a fleet of geostationary communications satellites.ย ย ย
Marcotte left EchoStar in 2014 to apply expertise at a range of organizations across technology, venture capital, and government. His roles have included Chairman of the NCC’s Rapid Response Center, Board member of OEDIT, and senior advisor to several heads of state and US Senators.
