Can behavioural banking drive financial literacy and inclusion?
In good times, the need to improve financial literacy is widely accepted by
banking industry leaders and consumers alike. This important topic is
regularly discussed by experts at the World Economic Forum and built into
initiatives sponsored by the United Nations. Regarded as an economic good,
financial literacy is critical to achieving financial inclusion. What about
now, in decidedly less-than-good times? How are banks prepared to promote
financial literacy for millennials and especially Gen Z, as they face a world
in financial turmoil? ... The right systems helped the bank get up and running
just 18 months after its initial launch announcement. Powerful, reliable
technology also helped the company create a customer onboarding application
that can open a new account within just five minutes. “The technology is
extremely important for us,” says Frey. “It has to be fast, agile, and robust.
We needed a solid workhorse with a huge amount of flexibility at the
configuration level.” In 2020, Discovery will begin looking for ways to
incorporate rapidly developing technologies such as artificial intelligence
and machine learning into its solutions. Most important, however, is listening
to customers and ensuring that the bank delivers the most pleasant, rewarding
experience possible.
With DevOps, security is everybody’s responsibility. OK, so what’s next?
DevSecOps solutions are by nature designed to be preventative. The idea is to
remove complexity by baking robust security methodologies into software
development from the earliest stages. Get it right from the outset, and
reactive firefighting is greatly reduced. Conveniently, this model – “shifting
security left” to the coder rather than the expert in a fixed hierarchy – also
makes sense when developing on cloud platforms that assume rapid deployment
and collaboration. There is no development team, security team, or IT
deployment team because they are one and the same person. In theory, that’s
how security misconfigurations can be caught before they do harm. However,
when it comes to cloud development, “shift left” is more talked about than
practised. This situation has crept up on organisations that haven’t realised
how programming culture has changed rapidly in the cloud era. “There is a lack
of control in this model. With the shift into cloud development and the fact
that coders can always get a better answer of Stack Overflow and GitHub, it’s
become practically impossible to track the supply chain. It’s a governance
problem,” says Guy Eisenkot
Surface Duo: Microsoft's $1,400 dual-screen Android phone coming September 10
Microsoft is counting on users seeing the Duo as filling an untapped niche.
But for people used to thinking about carrying no more than two devices --
usually a PC/tablet or phone -- where does the Duo fit? In its first
iteration, with a seemingly mediocre 11 MP camera, an older Snapdragon 855
processor and a relatively heavy form factor (about half a pound), the Duo is
not going to replace my Pixel 3XL Android phone. And with a total screen size
when open of 8.1 inches, the Duo is just too small to replace my PC. Panay and
team are touting the Duo as a device that will give people a better way to get
things done, to create and to connect. As was the case with the currently
postponed, Windows 10X-based Surface Neo device, Microsoft's contention is two
separate screens connected via a hinge help people work smarter and faster
than they could with a single screen of any size. Officials say they've got
research and years of work that backs up this claim. I do think more screen is
better for almost everything, but for now, I am having trouble buying the idea
that a hinge/division in the middle of two screens is going to make any kind
of magic happen in my brain.
The clear Sky strategy
You need to have your eyes to the horizon and your feet on the floor. At all
times. And it’s quite a discipline to do that. You see a lot of people who are
consumed about managing the now, and then if you look at the last few months,
there’s not been a lot of forward thinking. Then you also see other people
who, perhaps the longer they are in their roles, spend more and more time
thinking about the future horizon. That’s all very alluring and appealing, but
they disconnect with the immediacy of what’s important today. You must try to
think of both of those things and also encourage everybody else to think of
their own role in that way. So, if you’re in broadcast technology today and
you’re running that function or department, how do you get your colleagues to
look at the future broadcast technologies and at the same time equip people to
shoot with their iPhones and get the news out quickly? What you end up with is
this networked brain. Everybody in Sky should be thinking about where the
company should go, but also “How do I personally make sure I’m doing what is
needed?”
Did Intel fail to protect proprietary secrets, or misconfigure servers? Lessons from the leak
Regardless of the circumstances, there are key takeaways from the incident.
First and foremost, the unauthorized disclosure of source code and other
sensitive intellectual property could potentially be a boon for those seeking
to steal corporate secrets. “Intel’s technology is almost ubiquitous, and the
leaked device designs and firmware source code can put businesses and
individuals at risk,” said Ilia Sotnikov, VP of product management at Netwrix.
“Hackers and Intel’s own security research team are probably racing now to
identify flaws in the leaked source code that can be exploited. Companies
should take steps to identify what technology may be impacted and stay tuned
for advisory and hotfix announcements from Intel.” “While we often think of
data breaches in the context of customer data lost and potential PII leakage,
it is very important that we also consider the value of intellectual property,
especially for very innovative organizations and organizations with a large
market share,” said Erich Kron, security awareness advocate at KnowBe4. This
intellectual property can be very valuable to potential competitors, and even
nation states, who often hope to capitalize on the research and development
done by others.”
Researchers Trick Facial-Recognition Systems
The model then continuously created and tested fake images of the two
individuals by blending the facial features of both subjects. Over hundreds of
training loops, the machine-learning model eventually got to a point where it
was generating images that looked like a valid passport photo of one of the
individuals: even as the facial recognition system identified the photo as the
other person. Povolny says the passport-verification system attack scenario —
though not the primary focus of the research — is theoretically possible to
carry out. Because digital passport photos are now accepted, an attacker can
produce a fake image of an accomplice, submit a passport application, and have
the image saved in the passport database. So if a live photo of the attacker
later gets taken at an airport — at an automated passport-verification kiosk,
for instance — the image would be identified as that of the accomplice. "This
does not require the attacker to have any access at all to the passport
system; simply that the passport-system database contains the photo of the
accomplice submitted when they apply for the passport," he says.
The problems AI has today go back centuries
The ties between algorithmic discrimination and colonial racism are perhaps
the most obvious: algorithms built to automate procedures and trained on data
within a racially unjust society end up replicating those racist outcomes in
their results. But much of the scholarship on this type of harm from AI
focuses on examples in the US. Examining it in the context of coloniality
allows for a global perspective: America isn’t the only place with social
inequities. “There are always groups that are identified and subjected,” Isaac
says. The phenomenon of ghost work, the invisible data labor required to
support AI innovation, neatly extends the historical economic relationship
between colonizer and colonized. Many former US and UK colonies—the
Philippines, Kenya, and India—have become ghost-working hubs for US and UK
companies. The countries’ cheap, English-speaking labor forces, which make
them a natural fit for data work, exist because of their colonial histories.
AI systems are sometimes tried out on more vulnerable groups before being
implemented for “real” users. Cambridge Analytica, for example, beta-tested
its algorithms on the 2015
The State of AI-Driven Digital Transformation
Governments are transforming service delivery through AI as well. In China, a
number of AI pilot programmes are rolling out across the court system,
including an “AI robot” that can answer legal questions in real time, tools to
automate evidence analysis and the automated transcribing of court proceedings
that would remove the need for judicial clerks to double as stenographers.
These technological developments point to a future in which routine court
procedures are mostly handled by machines, so that judges can reserve their
attention for more complex and demanding cases. The other major use of AI
would be in the areas of security and data privacy. In fact, the Forrester
study found that 61 percent of firms in APAC are already enhancing or
implementing their data privacy and security-related capabilities using AI.
For example, financial services giant AXA IT has been leveraging machine
learning and AI to thwart online security threats. They’ve partnered with
cybersecurity firm Darktrace whose Enterprise Immune System learns how normal
users behave so as to detect dangerous anomalies with the help of AI. Data lie
at the heart of AI. The success of AI-driven digital transformation,
therefore, relies greatly on the ability to draw insights from big data.
How to Keep APIs Secure From Bot Attacks
Many APIs do not check authentication status when the request comes from a
genuine user. Attackers exploit such flaws in different ways, such as session
hijacking and account aggregation, to imitate genuine API calls. Attackers
also reverse engineer mobile applications to discover how APIs are invoked. If
API keys are embedded into the application, an API breach may occur. API keys
should not be used for user authentication. Cybercriminals also perform
credential stuffing attacks to takeover user accounts. ... Many APIs lack
robust encryption between the API client and server. Attackers exploit
vulnerabilities through man-in-the-middle attacks. Attackers intercept
unencrypted or poorly protected API transactions to steal sensitive
information or alter transaction data. Also, the ubiquitous use of mobile
devices, cloud systems and microservice patterns further complicate API
security because multiple gateways are now involved in facilitating
interoperability among diverse web applications. The encryption of data
flowing through all these channels is paramount. ... APIs are vulnerable to
business logic abuse. This is exactly why a dedicated bot management solution
is required and why applying detection heuristics that are good for both web
and mobile apps can generate many errors — false positives and false
negatives.
Blazor vs Angular
Blazor is also a framework that enables you to build client web applications
that run in the browser, but using C# instead of TypeScript. When you create a
new Blazor app it arrives with a few carefully selected packages (the
essentials needed to make everything work) and you can install additional
packages using NuGet. From here, you build your app as a series of components,
using the Razor markup language, with your UI logic written using C#. The
browser can't run C# code directly, so just like the Angular AOT approach
you'll lean on the C# compiler to compile your C# and Razor code into a series
of .dll files. To publish your app, you can use dot net's built-in publish
command, which bundles up your application into a number of files (HTML, CSS,
JavaScript and DLLs), which can then be published to any web server that can
serve static files. When a user accesses your Blazor WASM application, a
Blazor JavaScript file takes over, which downloads the .NET runtime, your
application and its dependencies before running your app using WebAssembly.
Blazor then takes care of updating the DOM, rendering elements and forwarding
events (such as button clicks) to your application code.
AI company pivots to helping people who lost their job find a new source of health insurance
In addition to making health insurance somewhat easier to get, the Affordable
Care Act funded navigators who helped individuals choose the right insurance
plan. The Trump administration cut funding for the navigators from $63 million
in 2016 to $10 million in 2018. During the 2019 open enrollment period for the
federal ACA health insurance marketplace, overall enrollment dropped by 306,000
people. "While that may not seem like a lot, the average annual medical expense
is around $3,000 per person, and a shortfall of covered patients could represent
over $900,000,000 of medical expenses will not be paid by health insurance,"
Showalter said. When states banned elective medical procedures temporarily
during the early months of the pandemic, this cut off an important revenue
stream for hospitals and many laid off workers. Some of these layoffs included
patient navigators who helped patients enroll in health insurance, particularly
Medicaid. Showalter said that all Jvion customers have had at least a few
navigators on staff but not enough to reach every patient in need of assistance.
Quote for the day:
"A good general not only sees the way to victory; he also knows when victory is impossible." -- Polybius
