Blog article
See all stories »

CashLess and LessCash - Security

Abstract – Drive against Cash or case against Cash is on its way with full swing across the globe and in India specifically this is going on a scale which is bigger then world war-2 (Just guessing). This effort is appreciated, welcome and needed but speed may be wrong. The security of subscriber’s data in terms of kyc information, transactions details and sensitive information like bank, mobile wallet, card details are pivotal and remain as a golden key to any financial system. Before we began our journey and ask customers to use any financial system/platform which offer users interfaces like Mobile App, Online interface or Mobile phone interface; there is serious need to understand what security has been built in it, what all tools, systems, software and techniques are used to ensure protection. As a user before attempting to use a cashless payment instrument a basic level understanding is needed and required to understand & build trust on the system.  Where we going to put our hard earned money-on needs to firstly be understood and trustworthy . When it comes to running online business, the most important question is “How will my customer pay me?” If you don’t have an answer to that question, then you may as well as pack up and go home. 

Introduction - If you are excited & passionate about getting and using your user digital wallet with any of wallet services provider in India or any where across the globe for your digital needs please read on.  Digital wallet or eMoney wallet can be vulnerable to cyber-attacks and hackers. Hackers could also escape with your sensitive financial information stored in your digital wallet. As payment technologies progress, so will the need for secured & safe methods for our day-to-day payments. Given the speed of accepting the change over the last couple of years, banks may feel they need to decide between complying or competing or refusing and loosing out, as fintech explore new technologies that meet the challenges of digitalisation and changing consumer behavior every day. I’m as paranoid about security and will never use any method which is not secured. I am happy about this as it’s also easy, low cost as easy as toping on ice cream with chocolate and berries. A strong Payment Gateway will provide the merchant with a wide array of payment options so that no transaction is lost because the customer doesn’t hold a suitable payment option.

Main Story – The Big picture on payments is that it consists of simple, secured and speedy networks as core technical elements. Technical terms around payments markets like crypto currency, Bitcoin, Mobile, Online, Instant, BlockChain (underlying technology in Bitcoin), BaaS (Banking as a Services) over BaaP (Banking as a Platform) might be scary for a normal person but there is need to bring them in front with easy & simple meanings. This should be done according to needs and should be a regulation as well all the digital wallets across the globe should not lack in hardware-based security layer along with software, which make them prone to hacking. In case where any digital wallet lacks the cyber security preparedness this wallet should come under radar of security checks. Global wallet companies like Alipay, WeChat and Apple Pay use hardware-based security layer, which make them more secure for online transactions. “You will be surprised because most of the banking or wallet apps around the world don’t use hardware security difficult to digest or understand why? They actually run completely in open software mode and user passwords can be stolen with ease; having said that I don’t mean to claim if hardware level security is not built in so that the wallet is not secured or should not be used.  

French digital payment security company Oberthur Technologies has introduced a dynamic CVV (card verification value) in place of the usual static CVV. The CVV is the familiar three-digit security code on the back of the card. The dynamic CVV, which uses a random number generator to update the CVV, attempts to reduce card fraud by changing the CVV every hour or even more frequently. Since "card-not-present" transactions make up 65% of all card fraud, this can be a useful security addition since a compromised CVV now only has a limited lifespan. What matter here is transaction volume & value? Process around processing also matters to up to an extent to ensure cost effectiveness comes into play. For this to happen effectively, planning and preparation is key for the next stage of the payments revolution. A key issue for consumers engaging in mobile commerce and payment transactions is information disclosure. The technological constraints of mobile devices, including small screen sizes and limited memory or storage capacity, can limit the amount of information that consumers have access to during a transaction; a small screen for example, limits the amount of text that can be displayed to a consumer.

Today, smartphones are the driving force behind a lot of innovation and changing consumer habits. For example, they are playing an increasingly important role in contactless payments, which are booming around the world. In the UK, the amount spent by shoppers using contactless rose by 166% in 2016, with half of Britain population now using contactless payments at least once a month. Financial institutions need to be innovative and keep up with the speed of digitalisation, whilst continuing to be stable and resilient. At the same time if we think that there is too much technology and less expectation then wait for virtual reality By 2020, according to the study conducted by the Analysis Group and commissioned by Facebook, $14.6 billion in revenue is due to come from Virtual Reality based technology. That’s based on lowest adoption rates. It could be as high as $126 billion. And thought on this that whole revenue will not touch fintech or banks will not be a good thought. Technology has evolved, will change further and will keep the same trend, which means it won’t stop. In the child hood when some of our friend uses to poke figure in nose; our comment was are you looking for treasure in there.

Now American insurance companies coming up with insurance technology or Insurtech based on this childhood joke and brining huge business cases on same concept. In this they have started offering dental insurance and mouth insurance based on data taken from toothbrush tracking. Security & privacy is gone for toes if security does not match the speed and pace. In the start of the post I mentioned technology is good and will happen without a doubt but other critical factors should also come along not just technology. A memorable African proverb “If you want to go fast, go alone but if you want to go far go together” keeps coming back in my mind.

Consumer expectations i.e. Faster Payments with the real-time insights as a result of Faster Payments, increasing competition where partnership is a huge step in helping them to ease out the pressure and cost & better management to generate new revenue streams is at heart of technology.  It is incredible to note and see how quickly new technologies change consumer habits and expectation which in turns help to improve quality of life. When the ATMs were started it pointed out 24X7 service era to access cash any time but what it really changed was consumer expectation around service availability not just cash. As payment technologies are evolving too fast, so too will the way we pay should also be. Now consumers expect everything instant it means being able send money to friends or set up regular payments knowing it will be an instantaneous and simple process.  Payment is basically a networking solution of choice for consumers, across the networks, which convert their tangible item into conceptual item. Consumer payments have empowered the telcos, cloud solution providers and Fintech’s for each use-case of payments. Consumer payments other then cash needs to be provided by far the best feature-set and the highest performance systems.

Conclusion - What makes a digital payment innovation fly or die. Given the change of pace over the last five years, banks and fintech (Yes Fintech’s too) may feel they need to decide between complying, competing or going to grave, as they explore new technologies that meet the challenges of digitalisation and changing consumer behaviour. Open banking services and developer-friendly APIs which are basic or underlying principals of BaaS and BaaP. One of the biggest concerns relating to security in payment accepting applications is the use of correct, reliable and secured payment method i.e use of card, Internet banking, mobile payments or instant payments. Failure to secure the sensitive information can cause a major damage to the service provider’s organization in terms of financial fraud, identity theft, legal regulations, loss of consumer confidence, etc. Security controls that can be employed in making a payment handling application should be more robust and frustrate the breakers at the hardware level before reaching at application level. As a condition of security policy regulatory framework to support fiscal responsibility, providers compliance departments must ensure that sufficient funds are maintained and set aside for initial and ongoing data security compliance responsibilities.

Making the customer central in the digital banking journey and humanising the digital experience protection of consumers confidential information, which is stored, processed and transmitted to fiscal transactions, including the collection of payments should appear super easy. Case study on creating a mobile-only bank should be reopen and look at from different prospective now. The impact of new technology on central banks: An assessment framework for innovations in retail payments needs to come out in open market to explore unbanked payment methods. 


Comments: (0)

Vinod Sharma

Vinod Sharma

CTO - FinTech Domain

Econet Wireless Zimbabwe

Member since

20 Jan 2016



Blog posts




This post is from a series of posts in the group:

Innovation in Financial Services

A discussion of trends in innovation management within financial institutions, and the key processes, technology and cultural shifts driving innovation.

See all

Now hiring