/security

News and resources on cyber and physical threats to banks and fintechs worldwide.

Discussion
Fidor Bank to test fingerprint cards
Hayden Kaya

Hayden Kaya

  Didn't NatWest pilot this back in 2019, wasn't sure on the use case back then and still not sure given the rise in mobile wallet paymets and increases in contactless limits (in the UK at least)
How to take ownership of SCA by understanding Authentication vs. Authorisation
Ketharaman Swaminathan

Ketharaman Swaminathan

  Great post. SCA in the form of 2FA / 3DS has been a thing in India for 15 years. It's "one size fits all". Exemption is not a thing. Going by that sole experience of SCA, I didn't know 3DS has a good degree of flexibility. 2FA has been a conversion killer in India, with failed payments touching 40% at their peak. Going by the nuanced implementation of SCA in EU, I no longer feel it might be a recipe for disaster as I'd thought so far.
NatWest launches Confirmation of Payee API for business customers
Ketharaman Swaminathan

Ketharaman Swaminathan

  "Businesses ... will need to have the technical capability and resources within their business to implement the API". Banks took the same stance on Merchant Account. By making it possible for businesses without said qualifications to accept credit card payments, PayPal, Stripe and Square became amongst the most successful fintechs of all time.  Now, with the same stance, banks are opening up the CoP field to fintechs who will make it easy for businesses to implement Confirmation of Payee functionality without the qualifications demanded by banks. I wonder why banks take this stance repeatedly. Is it because (A) They do not realize the consequences of their stance (B) They do not have the tech chops to be able to develop a solution in a way that will remove the need for businesses to have tech chops, or (C) They do it consciously to create space for fintechs in which they can invest via their venture capital subsidiaries, as they have done in Stripe, Plaid, etc.
NatWest launches Confirmation of Payee API for business customers
Damien Dugauquier

Damien Dugauquier

  I am really curious to watch the take-up of CoP in the UK. It makes a lot of sense and solves a real problem for customers. I hope it will be more successful than Paym - which was also a great solution to a real problem but interestingly seems to struggle in terms of adoption.