Yes Bank CIO Explains Why India Needs its Own Data Mart More Than LLMs - Related to banks, reduce, bank, risk, api

‘AI Can Reduce the Risk of API Breaches’

India’s digital landscape is rapidly evolving, and application programming interfaces (APIs) are playing a crucial role in this transformation. They serve as essential connectors and breathe life into machine learning organisations.

However, with increased dependence on APIs, comes a significant rise in security challenges. The more interconnected systems become, the greater are the potential vulnerabilities that can be exploited. This is where Artificial Intelligence (AI) steps in.

APIs are the backbone of modern applications, powering everything from mobile banking to e-commerce platforms. This makes them prime targets for malicious actors. Notably, successful attacks can potentially lead to data breaches, financial losses, and service disruptions.

Pratik Shah, managing director of India and SAARC at F5 Networks, told AIM. “APIs account for nearly 90% of global web traffic, and the number of public APIs has grown by 460% over the past decade. However, their growing adoption has also made them prime targets for cyber threats, including broken authentication, injection attacks. Server-side request forgery and many more.”.

“India’s journey towards becoming a global digital leader hinges on the strength of its underlying infrastructure — APIs. These interfaces are the backbone of our digital economy, connecting critical sectors like finance, healthcare, e-commerce, and. Government services,” he added.

Shah revealed that the Indian Computer Emergency Response Team (CERT-In) reported a 62% rise in API attacks in just the first half of 2024. These attacks are not merely technical breaches; they represent real economic threats, compromising trust, data, and. Business operational stability.

As per a recent study by Indusface on the State of Application Security in 2024, APIs faced 68% more attacks than websites. DDoS attacks on APIs in particular have surged by 94% quarter-over-quarter, making it 1,600% more than what websites experience. In addition, bot attacks on APIs have increased by 39%.

Since 2023, CERT-In has incorporated training programs in its annual reports for government officials, the finance and banking sectors, and others, to emphasise the importance of API security and the use of AI to enhanced protect APIs.

In addition, they released a whitepaper in collaboration with Mastercard on using AI to secure APIs in the future.

With the advent of AI advancements and the scale of innovation, traditional methods are no longer the most effective forms of security.

“Unlike traditional security mechanisms that rely on static rules, AI enables automated mitigation by proactively blocking, throttling, or challenging suspicious traffic without interfering with legitimate customers,” Shah further mentioned.

“Additionally, AI models continuously integrate the latest threat intelligence, allowing organisations to stay ahead of evolving attack vectors, including zero-day vulnerabilities.”.

Sharing an example of how his organization, F5, tackles this, Shah mentioned that they have developed an AI-driven platform that integrates API discovery, vulnerability detection, and real-time monitoring.

Considering the applications deal with massive amounts of telemetry data, AI can automate the process of detecting anomalies in real time. Helping businesses protect themselves long before a breach can occur.

“AI’s predictive capabilities allow business leaders to proactively secure APIs, maintaining trust, compliance, and operational efficiency across their digital systems,” he noted.

Meanwhile, sharing his thoughts on this with AIM, Nassim Asrir, co-founder at ZeroZenX, mentioned, “I believe that AI-powered cybersecurity tools can play a significant role in securing APIs, but it is crucial to have a balanced perspective on their capabilities.”.

“However, it is crucial to recognise that while AI can greatly reduce the risk of API breaches it cannot eliminate the threat entirely. AI is a tool designed to detect and mitigate known and unknown external threats, but it is not infallible,” Asrir added.

The Future of AI-Powered API Security in India.

The future of API security in India is intertwined with the continuous advancement and adoption of AI.

Sameer Meher, a cybersecurity expert at EY. Told AIM, “AI is playing a big role in keeping APIs secure in India. With digital transactions and data sharing growing rapidly, AI helps detect threats in real time, spot unusual activities, and stop attacks before they cause damage.”.

As AI technology evolves, we expect even more sophisticated solutions for threat detection, vulnerability management, and authentication.

By embracing AI-powered API security, India can build a robust and resilient digital ecosystem, fostering innovation and trust in the digital economy.

Si l’Apple Intelligence débarque enfin en France. Disponible via la version bêta de l’iOS , Apple semble toujours faire face à un retard au niveau...

During a press conference at the White House Monday, US President Donald Trump and Taiwan Semiconductor Manufactur...

The launch of ChatGPT sparked a generative AI craze, igniting a tech revolution that has forced companies to rapidly innovate to ...

AWS Automates KYC and Fraud Detection—Makes Banks Failproof

The Indian Economic Survey 2025 indicated the growing adoption and impact of generative AI within India’s banking sector. It pointed out that several financial institutions and banks in India are increasingly leveraging AI to enhance their operations, improve customer experiences, and streamline services.

However. Alongside these advancements, challenges related to security and scaling remain. This is what AWS is trying to solve, offering solutions designed to address these concerns.

In an , Kiran Jagannath, head of financial services and conglomerates at Amazon Web Services (AWS) India and South Asia. Revealed that banks are now open to using generative AI services.

, AWS is helping BFSI companies integrate generative AI securely and efficiently. Many fintechs and FSI firms have already begun their generative AI journey using AWS with key adopters, including Dhan, HDFC Securities, Fibe, and. Axis Bank.

He shared that for the stockbroking fintech startup Dhan, KYC timelines were long, and the corporation wanted to address this issue. The corporation used generative AI to shorten these timelines, automating 25% of the KYC process and reducing wait times by 50%. “They achieved this with a 30% reduction in operational costs,” Jagannath added.

The startup developed a chatbot solution based on LLM and retrieval-augmented generation (RAG) technology, utilising Amazon Lex. Amazon Bedrock knowledge base, and Amazon Bedrock agents. The GenAI chatbot integration automated KYC queries, with multilingual voice and text support, enabling 24/7 customer support with the flexibility to route conversations to live agents, accompanied by a summary of the chat history, based on the user’s preference.

Regarding another customer. Razorpay, Jagannath expressed the enterprise used generative AI to reduce payment failures. “Payment failures are still quite common today, and they have a significant impact. Whether in e-commerce or other sectors, a failed payment means a potential loss of sales for the customer.”.

The firm in the recent past launched Ray Concierge, an AI onboarding system that simplifies the often complex process of setting up payment gateways.

Moreover, he added that generative AI has several applications in the BFSI sector, including fraud detection. Customer experience, document summarisation, and process automation. Jagannath further explained that the financial sector handles vast amounts of data and documentation, and AI helps speed up processes such as underwriting, insurance proposes processing, and customer support.

Jagannath stated that many payment providers today operate on AWS. And even on the enterprise side, AWS collaborates with several end-customers. “Every UPI payment, whether it is ₹5 or ₹5,000, impacts core banking systems. These platforms were not originally designed to handle such high transaction volumes. So, we are working with these end-customers to improve resiliency.” He stated, citing RBI data, that over 47% of the world’s real-time payments happen in India.

Speaking of resilience, he expressed that the AWS ensures resiliency and. Scalability through its availability zone (AZ) architecture. “Cloud computing provides automatic scaling, allowing AWS to handle failures seamlessly without customer intervention,” he expressed.

He revealed that each AWS region, such as Mumbai and. Hyderabad, consists of multiple AZs. These AZs contain one or more physical data centres, which are isolated from each other by using different power grids, water insights, and other infrastructure. They are also interconnected with high-bandwidth, low-latency networks, ensuring minimal delay in communication.

The redundancy across AZs makes it extremely difficult for an entire AWS region to go offline unless a major disaster occurs. AWS automates failovers between AZs, meaning consumers experience no visible downtime.

Moreover, he added that AWS is one of the most secure clouds and. Follows the security-by-design approach. “We have various concepts, like landing zone, where we help our people, especially banks, develop these security guardrails and. Policies,” Jagannath presented.

A landing zone is a pre-configured environment where security policies and guardrails are automatically applied. He explained that developers can write code within these security boundaries, ensuring compliance with policies from the start.

Jagannath believes that more enterprises and. clients will adopt generative AI services if they receive proper training. He stated that AWS has trained about million individuals in India.

“We do a lot of outreach to our developers across whether they’re working for large banks or working for large system integrators, it doesn’t matter for us, because they are the ones who are the pillars of foundations on how to adopt technology.”.

Moreover. In 2025, AWS showcased plans to invest $ billion into cloud infrastructure in the AWS Asia-Pacific (Mumbai) Region in Maharashtra to further expand cloud computing capacity in India. This investment is estimated to contribute $ billion to India’s gross domestic product (GDP) and support more than 81,300 full-time jobs annually in the local data centre supply chain by 2030.

“Our investments and operations in India are enabling individuals of all segments to experiment and build technology applications and platforms. Re-invent industries and their business models, and power their growth,” Jagannath concluded.

Orange et Mistral AI annoncent une collaboration stratégique pour renforcer le développement et l’adoption de l’intelligence artificielle en Europe. C...

Building on these developments, the launch of ChatGPT sparked a generative AI craze, igniting a tech revolution that has forced companies to rapidly innovate to ...

Yes Bank CIO Explains Why India Needs its Own Data Mart More Than LLMs

India continues to face a critical debate: Should the country invest in developing its own foundational LLM or focus on building applications on top of those developed by others? Mahesh Ramamoorthy, CIO of Yes Bank, believes there is no right or wrong answer, but a complicated way forward.

At Razorpay FTX’25, Ramamoorthy emphasised the need for a structured approach involving regulatory oversight and public-private partnerships, outlining the complexity of building an LLM.

“At the base of everything is data,” he stated, explaining that financial institutions. For instance, have access only to their own data and operate under stringent compliance regulations. This limited scope makes developing a comprehensive, unbiased AI model difficult.

While technological expertise exists in India. A key challenge lies in training these models effectively. The current regulatory framework further constrains access to data. Banks and financial institutions rely on consent-based mechanisms, such as credit bureaus, which restrict their ability to aggregate diverse datasets.

“As regulated entities, we are aligned to compliance expectations, which means that our ability to seek data beyond what we have or beyond the credit bureaus is essentially consent-based,” Ramamoorthy noted.

To address this challenge, Ramamoorthy proposed a triage approach involving regulators. Private financial entities, and technology firms. He focused on the need for a centralised entity that can aggregate data from multiple findings while ensuring privacy and compliance.

“That entity can build a credible database beyond what we see today in the credit bureaus,” he explained, adding that this would allow banks and. Financial institutions to develop domain-specific AI models without compromising data security.

He further highlighted the importance of making this data a national asset. “As a country, we need to have our own data mart, which can be used as a sovereign property, rather than looking at third parties for it,” he mentioned.

Ramamoorthy stressed that a regulatory framework is crucial to ensure fair and. Responsible AI development. “Such things require a fair bit of regulatory oversight framework,” he unveiled, advocating for a structured mechanism where data usage is consent-based and well-governed.

He acknowledged that initial steps toward building AI infrastructure are already in motion, but integrating regulators such as the Reserve Bank of India (RBI), the Securities and Exchange Board of India (SEBI), and. The Insurance Regulatory and Development Authority of India (IRDAI) will be crucial.

“In the next 12-18 months, I can see some significant call-outs coming here,” he predicted, noting that emerging business models will shape the way AI is developed and deployed in India.

Ramamoorthy remains optimistic about India’s AI journey. While challenges exist, the country is well-positioned to build its own foundational models. He pointed to the potential role of credit bureaus in expanding their portfolio to contribute to AI model development.

“Could they be expanding their portfolio? Because they’re also regulated by the RBI in some form. So, can they be used to expanding their business portfolio with different partnerships?” he pondered.

“We’re not going to be far behind on that. But frameworks, regulations, and entities will be key to our success. I don’t think we should rely extensively on outside of India. We should build on that.”.

Yes Bank has been optimistic about implementing AI in several of its offerings. It is shifting from traditional robotic process automation (RPA) to a more advanced, AI-powered approach. Yes Robot, launched during the COVID-19 pandemic, continues to be a key customer engagement tool. It supports service requests and enables product cross-selling and upselling.

The bank follows a structured cloud strategy focused on scalability, resilience, and security. By working with multiple cloud service providers, Yes Bank has improved operational efficiency through cost optimisation, elastic computing resources, on-demand scalability, and automated recovery processes.

As part of its ongoing quest to continue upgrading its AI, Google is making some changes to Gemini -- making a paid feature free to everyone and givin...

Co-founder and CEO of Perplexity AI. Aravind Srinivas, has joined Astra as an angel investor, lending his expertise and resources to the AI startup. F...

At the Mobile World Congress (MWC) 2025 held in Barcelona, Jio Platforms Limited (JPL), along with AMD, Cisco. And Nokia, on Monday unveiled that it ...