All posts by Nicole Kobie

Check Point spots two flaws in Microsoft Azure


Nicole Kobie

30 Jan, 2020

Check Point security researchers spotted flaws in Microsoft Azure that could have let hackers take control over the cloud servers.

The work was part of a wider project looking at cloud infrastructure, dubbed “Attack the Cloud”, in which Check Point wants to “break the assumption that cloud infrastructures are secure”.

With Microsoft Azure, the researchers spotted two flaws. The first was in Azure Stack, and could have let criminals take screenshots or see other sensitive information by taking advantage of a vulnerability in the “DataService” function, which didn’t require authentication.

“This security flaw would enable a hacker to get sensitive information of any business that has its machine running on Azure,” the researchers said. “In order to execute the exploitation, a hacker would first gain access to the Azure Stack Portal, enabling that person to send unauthenticated HTTP requests that provide screenshots and information about tenants and infrastructure machines.”

The second flaw was in the Azure App Service, where businesses provision and deploy apps and business processes, and could have allowed hackers to take control of a server.

“The end result would be that a hacker could potentially take control over the entire Azure server, and consequently take control over all your business code,” the researchers said.

The researchers could get into applications, see data and take over accounts by creating a free user in Azure Cloud and running malicious functions.

“Exploiting this vulnerability in all of the plans could allow us to compromise Microsoft’s App Service infrastructure,” the researchers explain. “However, exploiting it specifically on a Free/Shared plan could also allow compromising other tenant apps, data, and account.”

Check Point disclosed the findings to Microsoft in January and June last year, with patches for both issued at the end of 2019. The first flaw was awarded $5,000 from Microsoft’s bug bounty programme; the second earned $40,000.

The researchers emphasised in a report on the second flaw that while the cloud is “considered safe”, it can still have vulnerabilities: “The cloud is not a magical place.”

Google demos real-time speech to text translation


Nicole Kobie

29 Jan, 2020

Google has demonstrated a real time translation and transcription tool powered by AI, that will take lectures and other long-form voice in one language and output it in another. 

Part of Google Translate, the tool will let a smartphone act as interpreter, listening to speech via the microphone and transcribing translated text in real time. So far, the system only supports a few languages, including English, French, German and Spanish. The demo showed English being translated to Spanish. 

“With this, your Android mobile phone will effectively turn into an almost real time translator device for long-form speech,” Google said at the demonstration according to reports, adding it could “unlock continuous speech translations in this world at scale” in the longer term.

However, the transcription and translation won’t happen on your device. Instead, the audio recording will be uploaded to Google’s servers – so you’ll need a decent Wi-Fi connection or solid data package, as well as a willingness to share the audio with Google, to use this tool. 

Google didn’t say when the feature would arrive. 

The Google Translate tool was unveiled as part of a showcase of Google’s AI projects at its San Francisco office, which also included a neural network used to track and monitor whales using underwater microphones, which is now being used in Canada.  

“With this information, marine mammal managers can monitor and treat whales that are injured, sick or distressed,” said Julie Cattiau, product manager for Google AI, in a blog post. “In case of an oil spill, the detection system can allow experts to locate the animals and use specialised equipment to alter the direction of travel of the orcas to prevent exposure.” 

That machine-learning system was trained on 1,800 hours of underwater audio recordings that were labelled and supplied by Fisheries and Oceans Canada. 

The AI demonstrations come a week after Google CEO Sundar Pichai wrote a column urging sensible regulation of artificial intelligence to avoid misuse of the technology. 

Avast expands opt-out after data-sharing investigation


Nicole Kobie

28 Jan, 2020

Avast has been caught up in yet another privacy scandal, with a joint investigation by PC Mag and Motherboard revealing the extent to which the security firm is collecting user browser histories and selling the data on to third parties. 

Last year, Avast browser extensions were spotted collecting browsing data to sell to advertising firms, sparking Chrome, Opera and Firefox to pull the add-ons from their marketplaces, though some have since returned.

Avast said at the time that it removed any identifying information from the browsing history. The PC Mag and Motherboard investigation suggested it’s possible to re-identify that data once it’s in the hands of marketers. 

The investigation revealed that Avast sells the collected data via its Jumpshot division to third parties such as marketing companies. The browsing history being collected includes every click, keyword search, and entered URLs, harvested not only from browser extensions but also from users of Avast’s free antivirus software. 

The collected data is “de-identified” by stripping out personal details, and tagged with an identifying code. However, research casts doubt on whether any large sample of user data can be truly anonymised. Jumpshot’s data does not directly identify any specific individual, but when it is combined with other data, it’s simple to see who is clicking what, the investigation claims. 

For example, if a data harvesting company or marketer bought data from Avast and also from a website you’re logged into (for example Amazon), the information provided would make it possible to link the Avast data to your Amazon account, therefore revealing your identity, and tying it to your entire browsing history. The data seen by the investigators includes searches, GPS coordinates on maps, visits to social media accounts, and even what video was watched on a porn site. 

The investigation showed Jumpshot was selling that data to companies that aggregate such information, with customers buying access to that “all clicks feed” for millions of dollars. 

Avast stopped sharing such data collected via extensions after the revelations last year, and in July 2019 started asking users for permission before sharing their browsing data with Jumpshot. It will now also ask all existing users of its free antivirus to opt-in to data sharing in February. 

An Avast spokesperson said the company stopped sharing browser extension data with Jumpshot in December, only using collected information for core security tasks.

“We ensure that Jumpshot does not acquire personal identification information, including name, email address or contact details,” the spokesperson added.

Avast also noted that users have always had the ability to opt out of such data sharing: “As of July 2019, we had already begun implementing an explicit opt-in choice for all new downloads of our AV, and we are now also prompting our existing free users to make an opt-in or opt-out choice, a process which will be completed in February 2020.”

The spokesperson added: “We have a long track record of protecting users’ devices and data against malware, and we understand and take seriously the responsibility to balance user privacy with the necessary use of data for our core security products.”

This isn’t the first data privacy scandal to hit Avast: in 2018, Avast pulled an update to its CCleaner tool over data collection concerns

NHS shifts two national services to the cloud


Nicole Kobie

28 Jan, 2020

The NHS has migrated two of its national services to the cloud, hoping to cut costs while improving security and efficiency of services.

The NHS e-Referral Service (e-RS) and NHS 111 Directory of Services (DoS) are the first major NHS systems to make the migration under the government’s cloud-first policy, with both using AWS.

The aim is to cut costs at both services, but there are other benefits, says Neil Bennett, director of services at NHS Digital. “Costs are lowered, reducing pressure on the public purse, there is better security and reliability, as well as greater flexibility, performance, scalability and availability, to name a few,” he said.

The e-RS is a booking service that handles 18 million referrals annually, letting patients from more than 1,100 GP practices choose clinics, hospitals and dates and times for appointments. It’s now enabled for booking and managing such appointments via the internet, but that won’t be available until later this year when NHS Identity takes over authentication, the NHS said in a statement.

The DoS helps connect patients to the appropriate service for the health concerns, helping relieve pressure on urgent and emergency care. It handles 16 million searches annually.

Migrating such important services without disrupting patient care was key, explained Bennett: “This was a tremendous collaborative effort across many different teams here and with external partners, to migrate such large systems with a minimum of disruption to users, in a reasonably short timescale.” 

Alongside cutting costs and improving services for patients, the migration to cloud is a key part of the NHS’ sustainability strategy, said Ben Tongue, sustainability manager at NHS Digital.

“Large cloud operators like AWS provide significant energy and carbon savings against enterprise and legacy systems,” he said. “We are working with AWS to achieve full transparency on the energy use and carbon impact of the contract, so that we can continue to focus on ensuring that our storage systems are as energy efficient as possible, reducing carbon emissions and minimising environmental impact.”

Last year, the NHS unveiled a cloud framework to simplify procurement, hoping to help migrate more services as part of the government’s cloud-first policy. Patient records stored by EMIS are already making the shift to AWS, while Barts Health NHS Trust is moving its IT estate to the cloud via Capgemini, but research suggests many NHS trusts remain wary of the cloud.

Twilio powers Be My Eyes app to aid the visually impaired


Nicole Kobie

23 Jan, 2020

Cloud communications platform Twilio has revealed it’s powering Be My Eyes, an app to help visually impaired and blind people make their way in the world.

Be My Eyes pairs cameras and video chat to help 178,000 visually impaired people get help from more than three million volunteers. For example, the camera can be pointed at a sign, document, or even food packaging, letting the remote volunteer read it out.

The chat function can also be used with specific companies that support the app, which include Microsoft, Google and Lloyds Banking, making it easier for visually impaired people to get specialist help using their services, be it for banking, shopping, or booking tickets.

“Relying on friends and family for everyday tasks can be taxing on relationships and prevent people with visual impairments from achieving true independence,” said Alexander Hauerslev Jensen, chief commercial officer of Be My Eyes.

The free app has been in use since 2015 across both iPhone and Android. Upon launch, it gained 10,000 volunteers and 1,000 users overnight, suggesting there could be high demand. And as the user base grew, so too did lags in connection time, making the app less useful for those who needed it most.

At the time, Be My Eyes was using multiple providers for video connectivity. Now, it’s switched to Twilio Programmable Video for more stability and higher quality connections, reducing connection times in half. Now, Be My Eyes aims to help everyone within a minute of a request, with 90% of connections made within 30 seconds.

“Be My Eyes is a Twilio-powered community support platform that solves a visually impaired person’s problem in a fraction of the time that it would take via audio,” said Jensen. “When you’re asking for help, a little bit of time can feel like an eternity. Every second we can shave off wait times means more trust, more engagement, and a stronger bond in our community. A 50% reduction in connection time can mean a world of difference for the user and the Twilio platform enables us to achieve this.”

The partnership comes under the remit of Twilio.org, the cloud company’s social enterprise division. “Twilio.org was established to help social impact organisations use the power of communications to create positive change on a global scale, and it’s inspiring to see Be My Eyes doing just that,” said Erin Reilly, chief social impact officer of Twilio.

“Be My Eyes is enabling people with visual impairments to live independent lives, no matter where they reside in the world,” Reilly said. “Their innovative use of Twilio enables Be My Eyes to make sure that their users get help when they need it.”

FireEye expands cloud security with Cloudvisory acquisition


Nicole Kobie

22 Jan, 2020

Security firm FireEye has acquired Cloudvisory, aiming to bring cloud visibility tools to its offering.

The buyout was for an undisclosed sum and is FireEye’s seventh acquisition. Last year, the security firm bought Verodin for $250 million (£190.4 million) and in 2014 bought Mandiant for $1 billion.

“Customers need consistent visibility across their public and hybrid cloud environments, as well as containerised workloads,” said Grady Summers, Executive Vice President of Products and Customer Success at FireEye. “Cloudvisory delivers this visibility and allows FireEye to apply controls and best practices based on our frontline knowledge of how attackers operate.”

Cloudvisory’s system was created to provide visibility into network traffic, spot and fix misconfigurations, and keep an eye out for compliance issues. On the security front, it claims to detect, block and quarantine attacks.

Summers notes that’s key, as most companies see security as a leading concern with using the cloud. “Security is top of mind for almost all organisations as they migrate critical workloads to the cloud,” Summers adds. “With the addition of the Cloudvisory technology, FireEye is able to offer a comprehensive, intelligence-led solution to secure today’s hybrid, multi-platform environments.”

The acquisition will see Cloudvisory’s capabilities added to FireEye’s Helix, letting customers see all of their cloud environments from one single dashboard, expanding monitoring and compliance.

“Joining FireEye offers Cloudvisory a unique opportunity to combine our innovative approach to cloud visibility and FireEye’s unrivaled insights into the threat landscape,” said Lisun Kung, Cloudvisory co-founder and Chief Executive Officer prior to the acquisition. “We’re excited by the potential to quickly scale and help more organisations secure their cloud and container workloads.”

Alongside the acquisition, FireEye’s Mandiant division also unveiled a pair of new cloud-focused services.

The first is Cloud Security Assessments, available for Office 365, Azure, AWS and Google Cloud. These will look for common misconfigurations and other issues with cloud that attackers use to slip past security measures. “Through tactical coaching and comprehensive recommendations, organisations achieve increased risk visibility and enhanced functional capabilities,” the company said.

The second new service is Cyber Defense Operations, which offers hands-on support and training to help in-house detection and response take a step up. The process begins with an evaluation to highlight goals and capabilities, such as threat hunting.

Then Mandiant personnel will offer training, analysis and other support within the client’s environment. “Through this process, areas for maturation are identified and pursued, helping to identify and resolve visibility gaps and procedural issues,” the company says.

“Our Cloud Security Assessments and Cyber Defense Operations consulting services are two new offerings to help clients protect their key assets before, during and after an incident,” said Jurgen Kutscher, EVP of Service Delivery at FireEye.

Barts Health NHS Trust shifts to cloud with Capgemini


Nicole Kobie

21 Jan, 2020

Barts Health NHS Trust has turned to Capgemini to help modernise its ICT estate using the cloud.

The three-year agreement will see Capgemini work across all five hospitals in the Trust, rolling out end-to-end cloud services across sites in Central and East London. One of the largest in the country, the Trust manages hospitals in Mile End, Whipps Cross, and Newham, as well as the Royal London and St Bartholomew’s hospitals.

The aim is to modernise the Trust’s existing estate, shifting away from legacy systems in favour of cloud technologies. That includes the assessment and migration of mission-critical workloads to different cloud providers, as well as wider management tools and security systems, Capgemini said.

“As the largest NHS Trust, and one of the pioneers in taking a step towards modernising its IT infrastructure through migrating the services to the cloud, the Trust will benefit from a more secure, scalable and agile operating environment that is more cost effective than current legacy IT infrastructure,” said Matt Howell, head of Public Sector at Capgemini in the UK.

The move is part of wider plans to modernise Barts’ technology to benefit patients and staff, said Sarah Jensen, CIO of Barts Health Trust. “With their existing experience in providing cloud hosting services and digital transformation solutions to the NHS, we are excited about the journey we have started together and are confident our partnership will continue to add value in our ever-challenging environment which ultimately leads to better care for patients.”

The deal follows last year’s efforts to build a Cloud Solutions Framework to make it easier to find suppliers for NHS and other public-sector organisations; Capgemini UK is one of the suppliers listed in the framework. The framework has four different lots — covering everything from consultancy to end-to-end cloud — with a handful of suppliers in each.

“The result is a specialist pool of 24 leading suppliers, which provide the greatest expertise and value-for-money to the public sector,” said Phil Davies, procurement director at NHS Shared Business Services, at the time.

Exploited Internet Explorer flaw won’t be patched until next month


Nicole Kobie

20 Jan, 2020

Microsoft has warned that millions of people still using the Internet Explorer browser could be at risk from a zero-day flaw that is actively being exploited by hackers.

The flaw, which is in a scripting engine of the browser, makes use of memory corruption to execute code. “An attacker who successfully exploited the vulnerability could gain the same user rights as the current user,” Microsoft noted in its security guidance. “If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system.”

That could let attackers install programs, access data, or create new accounts, the company noted.

“One way in which the vulnerability could be exploited is via a web-based attack, where users could be lured into visiting a boobytrapped webpage – perhaps via a malicious link in an email,” security and industry analyst Graham Cluley noted in a blog post.

Cluley added that the flaw appeared to be related to a similar vulnerability in Mozilla Firefox spotted earlier this month. The discovery of both flaws was attributed to Qihoo 360, with the security firm tweeting last week as it reported the Firefox flaw that there was also an IE version.

Microsoft said it was aware of “limited targeted attacks” using the vulnerability. Microsoft said it was working on a fix, and suggested it would come with the next Patch Tuesday, which is due out on 11 February.

While users will have to wait for a patch, Microsoft noted that anyone running IE on various versions of Windows Server may be protected by default settings called Enhanced Security Configuration. Microsoft also suggested a workaround for other users, which involves restricting access to JScript.dll, though that will have to be undone when the update is issued.

“Blocking access to this library can prevent exploitation of this and similar vulnerabilities that may be present in this old technology,” notes guidance by the CERT coordination centre at Carnegie Mellon. “When Internet Explorer is used to browse the modern web, jscript9.dll is used by default.”

The best mitigation is to switch to a modern browser, with Microsoft referring to IE as a “compatibility solution” for older apps rather than a browser to push out widely to staff. However, according to Net Applications’ Market Share figures, 7.4% of web users are still on IE — two percentage points more than Microsoft’s Edge, which was first released in 2015.

Cloud hardware sales slide, but still dominates wider IT market


Nicole Kobie

16 Jan, 2020

Sales of hardware for cloud infrastructure slid slightly over the past year as part of overall weaker sales in IT, according to IDC, but they still exceeded spending on non-cloud infrastructure for the second time ever.

The analyst firm said cloud IT infrastructure spending declined for the second quarter in a row in the third quarter of 2019, down 1.8% from the same period last year.

While public cloud infrastructure declined 3.7% on the year, that segment is still worth $11.9 billion in quarterly sales. And while sales for public cloud dropped versus the same period last year, they were up by 24% from the quarter before.

“As the overall segment is generally trending up, it tends to be more volatile quarterly as a significant part of the public cloud IT segment is represented by a few hyperscale service providers,” IDC reported, adding that public cloud makes up most of the spending.

With such volatile quarterly figures, it’s easier to look at the market on an annual basis, and IDC noted public cloud IT infrastructure had stable growth since the analyst firm began tracking the segment. “In [the third quarter of 2019], vendor revenues from private cloud environments increased 3.2% year over year, reaching nearly $5 billion. IDC expects spending in this segment to grow 7.2% year over year in 2019 to $21.4 billion,” the company predicted.

IDC splits infrastructure into three areas: ethernet switches, compute platforms, and storage. While compute will remain the largest segment for cloud infrastructure spending, it’s expected to see growth of just 3% in 2019, while storage will be flat. The Ethernet switches segment is predicted to climb 11% on the year.

IDC said that the IT infrastructure industry was reaching the point where cloud will outstrip spending on traditional, non-cloud systems. Up until this last quarter, cloud spending topped non-cloud only once, back in the third quarter of 2018. In the last quarter, cloud hardware spending topped 53%.

“However, for the full year 2019, spending on cloud IT infrastructure is expected to stay just below the 50% mark at 49.8%,” IDC added. “This year is expected to become the tipping point with spending on cloud IT infrastructure staying in the 50+% range.”

IDC forecasts traditional infrastructure will make up 42% of sales by 2023, down from 52% in 2018. That’s in part due to spending on traditional environments declining, with IDC predicting it to fall by 5.3% over 2019.

“This share loss and the growing share of cloud environments in overall spending on IT infrastructure is common across all regions,” added IDC. “While the industry overall is moving toward greater use of cloud, there are certain types of workloads and business practices, and sometimes end user inertia, which keep demand for traditional dedicated IT infrastructure afloat.”

The future of business banking now


Nicole Kobie

15 Jan, 2020

Forget walking down the high street to queue at your bank branch to set up an account, make a deposit or do any other basics of business banking. Thanks to the rise of mobile and online banking, such tasks can be done with a few taps on a smartphone between meetings. But the future of business banking isn’t just digital – it’s about integrated services and linking up with third-party software to make your finances as streamlined as possible. 

That’s the idea behind open banking, which is a set of regulations that lets your financial data be shared, opening up the way for new services and apps. Indeed, it’s helped spark the rise of so-called “challenger” banks, which are normally digital only, each with intuitive apps, near-instant account setup and handy features such as instant notifications and automated roundups for saving pots. But as compelling as they are, the likes of Monzo, Revolut and N26 started their push into the world of finance via consumer accounts for individuals, leaving small businesses behind.

That’s no longer the case. Starling has signed 60,000 businesses (and is approaching a million consumer users), Tide passed the 100,000 mark last summer and Monzo’s business accounts are set to arrive any day now. However, traditional banks have also caught on and don’t want to lose their lucrative business clients to newcomers, unveiling their own take on the challenger bank idea with the like of Bó from RBS – think big brewers releasing their take on a craft beer. Whichever you choose, it means same-day account setup, easy-to-use apps, and integrated accounting and other software tools. 

SMBs long ignored

It’s high time banks paid better attention to SMBs. According to analyst firm EY, SMBs account for £1.9 trillion in turnover annually and make up 99% of private companies in the UK. But a survey from Adaptive Lab suggested SMBs feel undervalued by larger banks, with too high costs for not enough specialised services. No wonder then that British startup Starling decided early on to target SMBs. “We recognised it was an underserved segment of the market, where the incumbent banks dominate and where there hadn’t been much innovation,” says Alex Frean, head of corporate affairs at Starling. “We thought there was a real customer need out there.”

Oliver Prill, CEO of business challenger bank Tide, adds that his fintech startup started because the co-founders had previously gone through the difficulty of setting up a business bank account themselves. “It didn’t work smoothly,” he says. “The biggest motivation for switchers at the moment is the huge annoyance they have had with the big five banks… they’ve really had it with their bank.”

Why have incumbent banks failed to offer such services? “We come from a history of monolithic universal banks, where small business is one segment among many others without much mindset to look at it any differently,” Prill says. “We fundamentally believe that these are very different industries,” he continues, suggesting that one bank may not be able to serve consumers, corporations, sole traders and SMBs very well, let alone those operating across different industries. 

All this means that business banking is ripe for disruption – and the disruptors are at the gate. They’re helped by the rise of digital in SMBs and API-led fintechs, open banking regulations prising data out of incumbents, and also the Alternative Remedies Package, which means there’s money sloshing around to help boost fintech startups. And, so far at least, it appears to be working. 

Making the move

That said, despite the increasing options, a June 2019 survey from Accenture suggests a mere 15% of SMB customers intend to switch their bank in the next year, with only 25% saying they would be willing to move to a digital-only service. 

There are two types of customer that challenger banks need to convince: those starting new businesses and those switching from an existing company to a different financial provider. For Tide, about 70% of its customers are new-to-market, and 30% are switching. To win over the first tranche, challenger banks need better awareness, admits Prill. He says Tide opens 12% of all new business current accounts, but its own in-house research suggests there’s only brand awareness among 17% of new companies – that’s why Tide ads are plastered all over London at the moment. “For the new-to market, a bank has to be fast… and have a good reputation,” he says. “But you need to be aware of the bank in the first place.” Frean agrees, noting that the lack of high street banks means creating awareness is a challenge. “We have to go and find customers and make them aware of us,” she says.

And then there are switchers, those annoyed at their current banks. It’s not easy to switch, but open banking is making it easier. For consumers, trying out Monzo or Starling is easy: sign up for an account, order a card, install the app, and you can see if it’s a system you like without having your salary paid in or transferring over all your direct debits. It’s more difficult for businesses to try out a new bank fully, as switching everything over takes time and, therefore, money; you would have to be sure of a new service before taking the plunge.

To help, Tide wants to set up a system for trial switching, in which all your figures, transactions and so on are pulled into the Tide account as a data feed, with your existing account staying the same. That lets companies try a bank effortlessly without much risk. “The trial switching overcomes friction, but you need to have a real reason to switch,” Prill says. 

Worth the switch?

Alongside attractive apps with whizzy features, challenger banks are trying to convince SMBs to make the switch by helping with or even taking over admin such as payroll and accounting, either offering such services or software themselves or via a third-party provider. “It’s really around saving small businesses time,” explains Prill. “We look at the space not as business banking, but as everything a business owner would consider admin and finance.” Indeed, Tide sees itself not as a bank, but instead as a platform, letting others build products that SMBs can embed into their banking processes. “We want to be the operating system for an SMB, but not the application layer,” Prill says. 

And that’s where open banking and third-party partnerships come in. Rather than export transactions and then import them into your software of choice, tools such as Xero and FreeAgent are integrated into the app. When the right tool isn’t available, Tide builds one; so far, it’s created built-in systems for invoices as well as credit. Take invoicing, for example: an SMB needs to create, send and chase that invoice, noting when it’s paid and pushing the relevant information into an accounting system. “Across these different product sets – invoicing, credit, payments, accounting – is a connectivity chain that we orchestrate, we make it highly usable,” says Prill. 

Starling’s equivalent is the Marketplace. This is the epitome of the open banking idea, a digital library of services and tools that Starling customers can easily integrate with their account, from receipt tracking to lines of credit, as well as leading accountancy software Xero and FreeAgent. “They can immediately pull your files from your Starling account and populate your accountancy files,” Frean says. “We’re adding to the Marketplace all the time.” Of course, some of the key features aren’t high-tech. Starling and Tide offer cash deposits via the Post Office, with Frean noting that it’s one of Starling’s most popular features.

What’s next? 

Prill predicts the banking market will fragment even further, particularly for businesses. Rather than choose the best of few options from five or so big banks, we’re already seeing more competition from the likes of Tide, Starling and the rest. “In the long term, there will be many different models to suit different customer needs,” he says. “We think this is a sign of a healthy market, that there is not a monolithic culture but offering true choice.”

Such banks will become less about your finances, and more about all aspects of your company – that’s Tide’s idea with the “OS for SMBs” concept. Right now, invoices and accounting are built into challenger business accounts, but within the next several months, Tide plans to also offer company formations. “The data we collect to set you up with a bank account… we might as well set up the company for you,” Prill says. “We could register your domain and website for you too.

“I think we’ll continue to see traditional banking providers lose share,” Prill adds, promising more richness of services, as well as more variety – and that’s where artificial intelligence (AI) could come in, he suggests, with machine learning used to find and suggest the best services for your business from a multitude. So many features and services that small-to-medium sized businesses need help choosing between them? That’s a nice change from which of the five boring banks will stash your money.