CMOS and beyond CMOS
Discover why imec is the premier R&D center for advanced logic & memory devices. anced logic & memory devices.
Connected health solutions
Explore the technologies that will power tomorrow’s wearable, implantable, ingestible and non-contact devices.
Life sciences
See how imec brings the power of chip technology to the world of healthcare.
Sensor solutions for IoT
Dive into innovative solutions for sensor networks, high speed networks and sensor technologies.
Artificial intelligence
Explore the possibilities and technologies of AI.
More expertises
Discover all our expertises.
Be the first to reap the benefits of imec’s research by joining one of our programs or starting an exclusive bilateral collaboration.
Build on our expertise for the design, prototyping and low-volume manufacturing of your innovative nanotech components and products.
Use one of imec’s mature technologies for groundbreaking applications across a multitude of industries such as healthcare, agriculture and Industry 4.0.
Venturing and startups
Kick-start your business. Launch or expand your tech company by drawing on the funds and knowhow of imec’s ecosystem of tailored venturing support.


Helping financial institutions cope with the digital era’s security threats

The financial sector – just like many others – is in the midst of a digital transformation. On the one hand, this brings a great deal of opportunities as it allows for the creation of innovative services such as mobile phone banking. Yet, the move to digital also brings a number of challenges that might jeopardize the sector’s trusted relationship with its customers. Cyberattacks, which are becoming increasingly complex and powerful, are one concrete example.

Since there is a lot at stake, TRU-BLISS investigated how banks can better cope with security threats in the digital era – both operationally, technically and legally.

“As banks bring their digital innovations to market, they are forced to make a continuous trade-off between introducing user-friendly products and applying strict security measures,” says Patrick Wynant (Febelfin). “We wanted to investigate which security measures are being used by financial institutions already, evaluate their effectiveness, and support banks to work together to face upcoming cybersecurity threats.” 

The outcomes

1. Prototyping an interbank risk warning system that allows banks to better cope with fraud

Fraud incidents are becoming increasingly complex, and are no longer isolated to a single bank’s activities. What is needed, is an interbank collaboration model that enables the timely and secure exchange of information – with guaranteed confidentiality. 

“We basically looked at two approaches,” says Nathan Van de Velde (iMinds - KU Leuven). “On the one hand, we laid the legal foundation for a platform that includes the exchange of personal data to share info on fraud incidents; for this approach, we’re currently ascertaining whether there is political backing for the proposed platform. The other path we explored makes use of an existing platform that does not leverage personal data; here, we restricted ourselves to conducting a platform audit.”

2. A requirements document that helps banks prepare for upcoming legislative changes in the digital domain

As a second legal research track, a requirements document has been developed that helps financial institutions assess the impact of – and prepare for – upcoming legislative changes in the digital domain. Examples of such legislative changes include the General Data Protection Regulation (GDPR) framework (which intends to strengthen and unify data protection for individuals within the European Union), the updated Directive on Payment Services (which provides the legal foundation for the creation of an EU-wide single market for payments) and the updated Anti-Money Laundering (AML) directive. 

3. The analysis and development of security metrics for safer web-based communications

Since the Internet is one of the main vehicles to get access to financial institutions’ digital services, TRU-BLISS analyzed and developed a number of security metrics for safer web-based communications, including:

  • A document that recaps today’s security best-practices (as well as their soft spots).
  • A website vulnerability tool that automatically and continuously tests financial institutions’ websites against a number of security parameters; the results are visualized in a dashboard that reflects potential weaknesses; as such, the tool allows banks to benchmark their web security posture against the European and global average and to follow up on improvements.
  • A holistic internal defense approach against ‘Advanced Persistent Threats’; the TRU-BLISS approach includes a state-of-the-art analysis of the APT problem, a reference architecture for near real-time analysis of internal network data (using rule, blacklist and anomaly-driven detection), and an operational prototype of this architecture.

Download Leaflet


Helping financial institutions cope with the digital era’s security threats.

TRU BLISS is an imec.icon research project funded by imec.

It ran from 01.04.2014 until 31.03.2016.

Project information


  • BNP Paribas Fortis
  • Belfius Bank
  • DNS
  • Febelfin
  • Belgian Internet Service Center (BISC)
  • Federal Computer Crime Unit (FCCU)


  • imec - DistriNet - KU Leuven
  • imec - COSIC - KU Leuven
  • imec - CiTiP - KU Leuven


  • Project Lead: Patrick Wynant
  • Research Lead: Nathan Van de Velde
  • Innovation Manager: Stefan Van Baelen
  • Proposal Manager: Ann Mennens