Management Strategies

03:30 PM
Connect Directly

Patent Issues a Growing Concern for Banks

Financial services patents are moving front and center as banks seek to protect their competitive advantage while the courts and the U.S. Patents Office wrangle over the patentability of intangible banking processes.

"With IP today, most of it goes out the door before it's even captured," Drab asserts. "You need to determine what information you have that is of value and capture it quickly." Stamford, Conn.-based Xerox's DocuShare solution, he claims, provides this functionality.

Scanning tools also provide a method for searching out the vulnerabilities in a system, according to V.i. Labs' DeMarines, who notes that banks' IP is at even greater risk today because of the widespread use of Web-based applications. "Banks use scanning software to look for these vulnerabilities, such as the use of open-source software and back doors, in their applications so they can shut this down," he explains.

"I know of one bank that did this and they were surprised to see how much of their IP was exposed," DeMarines continues. "Banks worry a lot about customer data -- now they are starting to worry about the IP and the application itself. What if someone knows the application well enough to poke holes in it to get to the customer data?"

E-Soft's Walsh says the vendor provides security at the network level. Its solution sits just at the edge of a bank's network where it meets the Internet. It not only scans for viruses and prevents intrusion, it also looks for patterns and keywords, such as documents leaving the network labeled "confidential."

"The scanning engine can detect this word on a document if it's about to leave the network. It puts the file in quarantine and sends an auto alert to an administrator," Walsh explains. Beyond IP, the solution also can zero in on documents in transit containing customer PINs, Social Security numbers and other sensitive data.

Xerox's Drab stresses that banks must protect IP in both the digital and paper worlds. As such, it's vital to control the flow of data from output devices, such as printers and copiers, he says, noting that these are highly vulnerable end points that have long flown under the radar of many companies' IT departments.

"The NSA [National Security Agency] once called the copier 'the spy's best friend,'" Drab relates. "What happens when a document is printed or copied? This is a critical area because you can have all the network security in the world in place, but it means nothing once something is printed."

Drab adds that there is technology available that can track printed documents and help prevent them from being copied. For instance, he says, firms can use holograms, microtext (text that is embedded into a document at 1/100th of an inch) and invisible infrared coding embedded into a document to ensure the authentication of the original document.

"Of course, no matter how much security you have, nothing protects 100 percent," Drab warns. That is why banks and other financial institutions must be able to rely on legal measures to keep their IP safe.

Monitoring the Insider Threat

As with other data security, an important component of protecting IP is monitoring employees, says Finnegan Henderson's Lim, who points to non-compete clauses and confidentiality agreements as important tools. "These must dovetail with your IP strategy," she asserts. "It's important for financial institutions to have clear documentation that they own the process. When you file for a patent, you assign the right to the invention to the company [not the employee]. These are just good business practices."

That's if a bank can determine who does and doesn't qualify as an "employee." "Many banks use outsourcers, employ temporary workers, have partners -- and all need to access the bank's network in some manner," comments Deutsche Bank's Marovitz. "Banks are going to need a semi-permeable/selectively permeable membrane for access control. As organizations become global, the boundary between who is an employee and who isn't becomes more complex."

It's important to address these issues up front when hiring new employees or entering a partnership with a third party and to remain proactive, adds Fish & Richardson's Hudnell. "This is a legal issue and you have to make sure you have the protocols in place to ensure there are no problems down the line," he says. "These legal agreements must also be updated periodically."

But safeguarding what's inside an employee's brain isn't the same as securing a database, points out CashEdge's Sokolic. Despite protocols to protect IP, "They still have all that knowledge in their heads," he says. "This is a risk you take when you hire someone."

IN LIGHT of recent litigation, banks must understand the importance of protecting their innovations with patents

3 of 3
Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
Register for Bank Systems & Technology Newsletters
White Papers
Current Issue
Bank Systems & Technology
BS&T's 2014 Elite 8 executives are leading their banks to success, whether it involves leveraging the cloud, modernizing core systems, or transforming into digital enterprises.
Bank Systems & Technology Radio
Archived Audio Interviews
Join Bank Systems & Technology Associate Editor Bryan Yurcan, and guests Karen Massey and Jerry Silva from IDC Financial Insights, for a conversation about the firm's 11th annual FinTech rankings.