10%

Try : Insurtech, Application Development

Edtech(5)

Events(34)

Interviews(10)

Life@mantra(11)

Logistics(1)

Strategy(14)

Testing(8)

Android(46)

Backend(29)

Dev Ops(3)

Enterprise Solution(22)

Frontend(28)

iOS(41)

Javascript(13)

Augmented Reality(17)

Customer Journey(12)

Design(13)

User Experience(34)

AI in Insurance(31)

Insurtech(59)

Product Innovation(37)

Solutions(15)

E-health(3)

HealthTech(8)

mHealth(3)

Telehealth Care(1)

Telemedicine(1)

Artificial Intelligence(109)

Bitcoin(7)

Blockchain(18)

Cognitive Computing(7)

Computer Vision(8)

Data Science(14)

FinTech(44)

Intelligent Automation(26)

Machine Learning(46)

Natural Language Processing(13)

InsurTalks Podcast with Andrew Warburton: Delivering value-added experiences in the New Normal

5 minutes, 26 seconds read

The outbreak of pandemic Covid-19 has disturbed the political, social, economic, and financial structures of the whole world. The analysis by the UN Department of Economic and Social Affairs (DESA) said the COVID-19 pandemic is disrupting global supply chains and international trade.

To understand the impact of this crisis on the Insurance and InsurTech industries, we interviewed Mr. Andrew Warburton, Sales Director, Winsure Financial to get a sense of the current situation and understand “the new normal in Insurance”. 

Mr. Andrew Warburton is a Sales Director for Winsure Financial in London, a company that specializes in providing innovative investment vehicles that can be distributed digitally to clients or through professional advisors. He is also an advisor for Insurtech Hub in Istanbul. With over 30 years of experience in the global Insurance/Banking industry he believes that Insurtech and fintech are the only way forward to be relevant in the new digital age. Andrew has an international Sales and Marketing background working in Senior Executive positions with large multinationals in 6 countries.

Connect with Mr. Warburton – LinkedIn

The excerpt from the interview with Mr. Andrew Warburton:

The Impact of COVID-19 in the Insurance Industry

Almost every business has been affected by COVID-19 severely. What are the direct and indirect implications on Insurance?

Indeed the COVID-19 pandemic has deeply impacted the market. In Turkey as well, there’s a drastic reduction in new businesses. There are 3 major areas of impact due to this crisis in Insurance-

Claims– There’s been a spike in claims especially in Travel, Health, and Life Insurance lines. Death rates in western Europe and the USA might have been up by 50% on a monthly figure. The impact may not be huge as more elderly people are parting away and they don’t have the same needs as that of younger families. However, Travel Insurance has been deeply affected due to lockdowns and people avoiding travel in general as a precautionary measure. 

Customer Engagement Another area where the Insurance sector is facing a problem is how to reach customers? Selling agents are no longer welcome knocking on the door due to the lockdowns. It is very difficult for banks and insurance companies to reach their customers in the normal fashion.

Economic Slowdown– Many people are drawing negligible salaries or in some cases no salaries at all. But they still have to pay insurance premiums which are an additional burden on them. 

Insurance is a kind of business where sale is prompted in some way. It may not be the case for some Insurance lines such as car insurance which is bought online in many countries. Without that prompt, probably people won’t buy insurance. Moreover, times like these where there is a cash crunch, insurance might be the last thing in people’s minds. 

Changing Customer Preferences

In a post-pandemic World, will insurance ever be bought offline? Or have we crossed the threshold for now buying policies purely online?

It’s quite a mixed bag of what we see around the world where some countries are quite advanced in digital sales. On the other hand, some countries still prefer manual processes. In this first wave of the pandemic, developing countries have not been impacted compared to the sort of lockdown. We have seen platforms like Alibaba, Amazon, and food delivery apps where people are spending more time on it and ordering food online. Insurance too will see a similar trend towards more online sales.

Customer Expectations from Insurance

Consumers, now more than ever are seeking value-added experiences with the products & services they buy. How will these expectations amidst this Pandemic backdrop impact new product innovation within insurance? 

Many insurance companies have a lot of data about their customers such as where they live, their buying habits, etc. For example, if they have a car how many miles do they do every day, where do they go, where’s the car parked or when do they go to the airport, etc. This data has not been used in the past but it enables us to determine premium based on which part of the district they live. There’s a lot of data available, but companies are not able to extract and use it to their benefit. Companies want to invest in Artificial Intelligence and Machine Learning to understand customer behavior and give a personalized experience. That is happening currently in health insurance and car insurance. Certainly, Insurers will look forward to investing in these technologies in the coming months.

Impact of COVID-19 in AI Adoption

Many Insurance regulatory bodies are introducing sandboxes for Insurtech startups to experiment with AI and new cost optimization technologies. How does this pandemic impact the Insurance industry in terms of AI adoption? Will AI remain a priority?

Certainly AI will still be a priority. Everybody believes that AI will have the most impact on the Insurance industry. Nobody could have predicted this pandemic coming. One cannot plan for situations like these. But AI will help us cope with the pandemic better. Coming to the sandboxes, it has made it much easier for the Insurtechs to connect with Insurance companies.

Risk Mitigation Strategies in Insurance

What are the strategies to mitigate risks in insurance?

Insurers are investing in AI-driven products which require digital platforms to reach to the customers. Digital channels such as chatbots will play a key role in getting potential clients, create leads, upsell or cross-sell, etc. Many Insurers in developed countries have not invested much in digitalization. Digitalization will be a key mitigation strategy.

The New Normal in Insurance

What will be the new normal/upcoming Insurtech trends across the globe?

There are three areas in technology that are popular- Artificial Intelligence, Internet of Things, and Blockchain. The world probably is not yet ready for blockchain but AI and IoT combined have a big impact. It’s a common misunderstanding that if AI is plugged into data, it’ll create magic tricks. But it doesn’t. Digitalization is the step one and creating data is step two. What you do next to make a difference is the key which is AI. AI can be used to detect fraud and calculate premiums. IoT can help connect with clients at home and blockchain will have a huge potential in the Insurance sector.


AI is going to be essential for Insurers to gain that competitive edge and adat to the new normal in the post-pandemic world. Check out FlowMagic— an AI-driven platform for Insurer workflows and Hitee — an Insurance specific chatbot for driving customer engagement. For your specific requirements, please feel free to write to us at hello@mantralabsglobal.com. 

Podcasts in this series:

Cancel

Knowledge thats worth delivered in your inbox

12 Tips To Secure Your Mobile Application

Cyber attacks and data theft have become so common these days especially when it comes to mobile applications. As a result, mobile apps that experience security breaches may suffer financial losses. With many hackers eyeing to steal customer data, securing these applications has become the number one priority for organizations and a serious challenge for developers. According to Gartner’s recent research, Hype Cycle for Application Security, investment in application security will increase by more than two-fold over the next few years, from $6 billion this year to $13.7 billion by 2026. Further, the report stated, “Application security is now top-of-mind for developers and security professionals, and the emphasis is now turning to apps hosted in public clouds,” It is crucial to get the fundamental components of DevOps security correct. Here are the 12 tips to secure your mobile application: 

1. Install apps from trusted sources:

It’s common to have Android applications republished on alternate markets or their APKs & IPAs made available for download. Both APK and IPA may be downloaded and installed from a variety of places, including websites, cloud services, drives, social media, and social networking. Only the Play Store and the App Store should be allowed to install trustworthy APK and IPA files. To prevent utilizing these apps, we should have a source check detection (Play Store or App Store) upon app start.

Also read, https://andresand.medium.com/add-method-to-check-which-app-store-the-android-app-is-installed-from-or-if-its-sideloaded-c9f450a3d069

2. Root Detection:

Android: An attacker could launch a mobile application on a rooted device and access the local memory or call specific activities or intents to perform malicious activities in the application. 

iOS: Applications on a jailbroken device run as root outside of the iOS sandbox. This can allow applications to access sensitive data stored in other apps or install malicious software negating sandboxing functionality. 

More on Root Detection- https://owasp.org/www-project-mobile-top-10/2016-risks/m8-code-tampering

3. Data Storing:

Developers use Shared Preferences & User Defaults to store key-value pairs like tokens, mobile numbers, email, boolean values, etc. Additionally, while creating apps, developers prefer SQLite databases for structured data. It is recommended to store any data in the format of encryption so that it is difficult to extract the information by hackers.

4. Secure Secret Keys:

API keys, passwords, and tokens shouldn’t be hardcoded in the code. It is recommended to use different techniques to store these values so that hackers cannot get away quickly by tampering with the application. 

Here’s a reference link: https://guides.codepath.com/android/Storing-Secret-Keys-in-Android

5. Code Obfuscation

An attacker may decompile the APK file and extract the source code of the application. This may expose sensitive information stored in the source code of the application to the attacker which may be used to perform tailored attacks. 

It is better to obfuscate the source code to prevent all the sensitive information contained in the source code.

6. Secure Communication:

An attacker may perform malicious activities to leverage the level of attacks since all communication is happening over unencrypted channels. So always use HTTPS URLs over HTTP URLs.

7. SSL Pinning:

Certificate pinning allows mobile applications to restrict communication only to servers with a valid certificate matching the expected value (pin). Pinning ensures that no network data is compromised even if a user is tricked into installing a malicious root certificate on their mobile device. Any app that pins its certificates would thwart such phishing attempts by refusing to transmit data over a compromised connection

Please refer: 

https://owasp.org/www-community/controls/Certificate_and_Public_Key_Pinning

8. Secure API request & response data

The standard practice is to use HTTPS for the baseline protection of REST API calls. The information sent to the server or received from the server may be further encrypted with AES, etc. For example, if there are sensitive contents, you might choose to select those to encrypt so that even if the HTTPS is somehow broken or misconfigured, you have another layer of protection from your encryption.

9. Secure Mobile App Authentication:

In case an application does not assign distinct and complex session tokens after login to a user, an attacker can conduct phishing in order to lure the victim to use a custom-generated token provided by the attacker and easily bypass the login page with the captured session by using a MiTM attack.

i) Assign a distinct and complex session token to a user each time he/she logs on successfully to the application. 

ii) Terminate the session lifetime immediately after logging out. 

iii) Do not use the same session token for two or more IP addresses. 

iv) Limit the expiry time for every session token.

10.  Allow Backup 

Disallow users to back up an app if it contains sensitive data. Having access to backup files (i.e. when android:allowBackup=”true”), it is possible to modify/read the content of an app even on a non-rooted device. So it is recommended to make allow backup false. 

11. Restrict accessing android application screens from other apps

Ideally, your activities should not give any provision to the opening from other services or applications. Make it true only when you have a specific requirement to access your flutter screens from other apps otherwise change to android:exported= ”false”

12. Restrict installing packages from the android application

REQUEST_INSTALL_PACKAGES permission allows apps to install new packages on a user’s device. We are committed to preventing abuse on the Android platform and protecting users from apps that self-update using any method other than Google Play’s update mechanism or download harmful APKs.

Conclusion: 

Mobile Apps have become more personalized than ever before with heaps of customers’ personal data stored in them every day. In order to build trust and loyalty among users and prevent significant financial and credential losses for the companies, it is now crucial to make sure the application is secure for the user. Following the above-mentioned mobile app security checklists will definitely help to prevent hackers from hacking the app.

About the Author:

Raviteja Aketi is a Senior Software Engineer at Mantra Labs. He has extensive experience with B2B projects. Raviteja loves exploring new technologies, watching movies, and spending time with family and friends.

Read our latest blog: Implementing a Clean Architecture with Nest.JS

Cancel

Knowledge thats worth delivered in your inbox

Loading More Posts ...