AI, identity, real-time payments resetting cyber threat landscape: Report
A report warns that AI, embedded finance and real-time payments are reshaping cyber risks, leaving traditional security models inadequate for today's interconnected financial ecosystem
)
The lag between structural change and security model adaptation is the "window" that sophisticated threat actors are actively exploiting | Image: Canva
Listen to This Article
The rapid transformation of banking and financial services is creating a fundamentally new cyber threat landscape, according to a report that argues traditional security models are no longer sufficient to serve today's interconnected ecosystems.
The Digital Threat Report 2025-26, released on Monday, notes that conventional cybersecurity architectures were designed around centralised systems where trust boundaries were defined.
Today's financial ecosystem, however, is built around interconnected platforms, embedded finance, AI-driven decision-making and real-time payments, dramatically expanding the attack surface, says the new report by the Ministry of Electronics and Information Technology (Meity, Indian Computer Emergency Response Team (CERT-In), the Computer Security Incident Response Team in Finance (CSIRT-Fin) and SISA.
"Modern financial attacks are moving from direct compromise to trust-chain manipulation across biometric onboarding, partner apps, AI decisioning, real-time payments, APIs, programmable finance, and third-party ecosystems. Attackers are exploiting the gaps between systems, institutions, and workflows, where no single control owner has full visibility," the report said.
According to the report, this is resulting in a new threat model where a breach is no longer isolated to credentials or transactions, but embedded across identity, AI, APIs, payment logic, and supply chains.
Also Read
The convergence of real-time irreversibility, AI-driven decisioning, programmable financial logic, continuous identity planes, and ecosystem-dependent operations creates a threat environment where speed, complexity, and interdependency all compound simultaneously.
"Regulatory compliance frameworks are catching up, but they are catching up to an architecture that is itself still evolving," it said.
The lag between structural change and security model adaptation is the "window" that sophisticated threat actors are actively exploiting.
Conventional security architectures were designed for a world where control was centralised and trust was bounded, it said, but pointed out that such a design does not hold in the current operating environment.
The report warned that as digital services span multiple platforms, fragmented security and identity-based access increase risks, with a single compromised identity potentially enabling persistent, cross-platform access to multiple accounts and services.
"When identity becomes the primary control plane for access and transactions, built on biometrics, continuous authentication signals, and cross-system token chains, a single identity compromise no longer affects one account. It provides broad, persistent, cross-system access," it said.
Compliance monitoring that relies on control signals becomes 'weaponisable' as attackers can suppress logs, manipulate alert thresholds, and maintain the appearance of a clean posture while operating inside a compromised environment, according to the report.
The threat surface is no longer a perimeter. Instead, it is a distributed continuous shifting mesh of relationships across partners, platforms, models, APIs and infrastructure layers. None of which an institution fully owns or controls, said the Digital Threat Report for the banking, financial services and insurance sector.
(Only the headline and picture of this report may have been reworked by the Business Standard staff; the rest of the content is auto-generated from a syndicated feed.)
More From This Section
Don't miss the most important news and views of the day. Get them on our Telegram channel
First Published: Jul 14 2026 | 8:05 AM IST
