Secure Ecosystem Critical to Keep Digital Payment Doors Open

By Anamika Sahu, Managing Editor, siliconindia  |  Saturday, 12 September 2020, 00:33 IST

If the prediction by Payments Council of India and PwC is true, then India is going to contribute considerably to the world’s digital payments market. With a contribution of 2.2 percent, the value of such transactions is expected to reach $12.4 trillion globally by 2025. Another study by Assocham- PwC claims that digital payments in India will more than double to $135.2 billion in 2023.
This surely reflects a huge opportunity for the digital payment industry in the country. However, with frequent news of cybercrimes and ramsonware attacks, the consumers may restrict themselves from using this mode of transaction which may act as a break on this growth trajectory. I spoke to Sujay Vasudevan, Vice President, Cyber & Intelligence Solutions, South Asia, Mastercard to know how the industry is working on creating a safe & secure environment for the customers. He also explains how financial institutions can ensure no backdoor entry of criminals into your technology network. Sujay also spoke about how Mastercard is using technology to help SMEs and women entrepreneurs.

1.Do you think with the growing adoption of digital payments, security of payments will become paramount?

Absolutely! As people continue to look for safer and contactless ways of transacting, it is evident that digital payments will become an essential part of our lives. The pandemic has led to a significant increase in adoption of digital payments and witnessed a large number of first- time users as well. Fraudsters are exploiting both the situation and the limited awareness by increasing social engineering attacks such as phishing and vising, virus and malware attacks, and are able to extract crucial financial data to perpetrate the fraud. Overall exposure to cybersecurity risks have also increased and an evidence to this is that, India saw a 37 percent increase in cyberattacks in the first quarter of 2020, as compared to the fourth quarter of last year.

A post-COVID-19 environment is set to see an accelerated shift in the consumer’s preference for digital banking and hence it becomes more important for industry to ensure that digital banking methods are secure while being simple and seamless. In order to mitigate some of the major risks like data breaches, targeted ransomware attacks, and others, businesses will need to allocate their budgets correctly to building a stronger security infrastructure.

At Mastercard, safety and security of payments is our topmost priority and we are carefully crafting solutions for customers and end users across the spectrum. We are leveraging Artificial intelligence (AI) and machine learning (ML) that are playing an increasing role in cybersecurity, with security tools analysing data from millions of cyber incidents and using it to identify potential threats or a new variant of malware. Another benefit of machine learning is that it immediately identifies and reacts to any fraudulent activity, preventing potential issues from disrupting the businesses.
We are also working with our customers and partners to educate them and encourage the use of globally accepted standards as security is not just the responsibility of one entity but the entire ecosystem.
2.Security is a major concern for all sizes of the enterprise, even governments. What actions would you suggest them looking at the growing cybercrimes and ransomware attacks?
It is critical for organizations and governments to work together to build awareness and ramp up security and authentication efforts. Security isn’t the responsibility of one entity but the entire ecosystem. Also, no single entity can achieve to build a safe and secure payment ecosystem single-handedly.
We live in an increasingly interconnected world. On average, a household has around 8 connected devices and an organization has 100s. The attack surface that a cybercriminal can exploit grows with every device and so does the complexity of managing cyber security. It is imperative for organizations to continually invest in data security and be equipped with resources to shield against emerging threats with the constant digital and data growth.
Another challenge with the interconnectedness is one’s cyber vulnerability is not defined only by the robustness of one’s own defences, but also by the defences of connected parties. We are increasingly seeing 3rd party breaches becoming the gateway for Cyber criminals gaining access to large corporates, which means that cyber security needs to extend beyond organizations and is something the entire ecosystem needs to come together on.
Mastercard’s new acquisition, RiskRecon, is able to monitor the cybersecurity performance of organizations using open-source intelligence by employing passive, non-invasive techniques to discover the organization’s public systems and to analyse the cybersecurity risk posture of those systems. Additionally, given the methodology of using open-source data of publicly accessible systems, these scans can be completed on oneself and also on related parties without any access to data or integration with existing systems. This helps in increasing the frequency of the scans without any disruption to business. We believe that these capabilities will help organization identify gaps before the criminals and also address risks with the (aforementioned) expanding scope of cyber security.
3. Frauds in online banking & payment means closing doors for customers to come back to the platform again. How can financial institutions ensure there is no backdoor entry for anyone using technology?
Concerns of cybersecurity are certainly a barrier to faster adoption of technology, especially for first time adopters like the small business and kirana stores in India. In fact, the small business association SCORE reported that 43 percent of all cyberattacks target small businesses. This can take a young and struggling business completely out of the game.
Further, any incidence of fraud will prevent such enterprises and consumers to make a long- term sustainable shift in transaction behavior towards digital. Furthering trust in digital transactions therefore becomes a key task for financial institutions.
At Mastercard, we have scaled our work in delivering global standards of safety, security and a best in class user experience to fit India’s needs. We seek to replicate within a domestic environment the highest levels of security and criticality, leveraging our latest mobile and AI tools.
The right use of new-age technology helps in addressing the risk of fraudsters who track unmonitored, point-of-interaction, and standalone devices. Measures like multifactor authentication by adding biometrics, dynamic authentication technologies, such as 3D Secure; and artificial intelligence and machine learning (AIML) can help in detecting and containing fraudulent transactions faster and quicker. Similarly, adopting new methods of payments like contactless cards, QR codes and tokenization can also help in mitigating risks and making digital payments safe and secure.
Another significant aspect of the safety of digital transactions is financial literacy and consumer education that plays a vital role in e-services like e-Commerce, e-governance e- panchayat, e-learning, and others. It makes a huge difference not only to the socio-economic levels of a community but to the country, because true progress comes from inclusive growth.
4. Chatbots, robotics, AI, ML and IoT are seeing an increasing penetration in the financial industry. What is your take on this? How should the industry prepare themselves for it?
The role of new-age technology such as chatbots, robotics, AI, ML and IoT has grown from being a mere component in the strategic framework, to driving, shaping and redefining the finance industry. From a broader perspective, such advanced technologies will enhance the customer experience, provide customized services at scale, and serve as a critical catalyst to achieve financial inclusion by providing lucrative opportunities to the unbanked. It plays a critical role in breaking barriers such as lack of financial awareness, limited tech- comfort of the consumers and regulatory uncertainties.
The BFSI sector has been pioneering major changes by introducing targeted, innovative solutions to enhance the overall experience of the consumers realizing the scope and impact brought about by these cutting-edge technologies. By harnessing the full potential of emerging technologies, the financial industry can improve the customer experience by building trust, loyalty, and revenues that are the keys to success.
At the same time, there is a fine line between understanding a customer and invasion of privacy. The level of data that can be collected by an app on a phone is staggering and it is imperative that these technologies are developed responsibly. Security and privacy by design around all aspects of data – from collection, storage, processing, access, sharing and destruction - need to be inherent to any solution. The industry needs to adopt an uncompromising and ethical approach to how the data is used and protected.
At Mastercard, are working on technologies and applications to facilitate faster, smarter and safer cashless payments. We are working closely with financial institutions and supporting merchant partners and the Fintech community to identify and experiment with future technologies in areas including digital payments, data solutions, financial inclusion, alternative payments, and safety and security.
5. How is Mastercard using technology to support SMEs and women entrepreneurs?
We believe that technology has the potential to reshape and redefine successful inclusive growth. With the help of digitization, small business and women entrepreneurs come into the fold of the formal economy and can get access to formal credit and other financial services.
We recently announced a commitment of 250 crores ($33 million) to help reboot such enterprises in India and enable business recovery. As part of this commitment, we are rolling out multiple initiatives to:
  • help small businesses get online by growing digital payments awareness and providing low-cost acceptance solutions – online and offline – that are simple, safe and secure;
  • drive inclusive growth by enabling small merchants and kirana stores (starting with those owned by women) with access to credit, knowledge and tools that will drive operational efficiencies; and
  • empower women entrepreneurs by increasing their business acumen.
Mastercard has been actively engaged with the Confederation of All India Traders’ (CAIT) since the last five years to grow digital payments awareness, and support on-boarding of merchants for digital commerce.
To unlock the economic potential of women, we are working with various institutions to bring more women into fintech, support women business owners, and cultivate more women entrepreneurship. The Mastercard Centre of Inclusive Growth works with various partners like Access, Accion, Industree Foundation, and Mann Deshi Foundation among others to facilitate the faster adoption of digital payments by women entrepreneurs and small merchants.
Globally, Mastercard has shared risk mitigation tools like Risk Recon self-scan capability, for free to the healthcare industry and we are now extending this to SMEs in India. This product will enable customers to scan their own websites for potential cyber vulnerabilities by simply running it from a portal, much like how one uses an antivirus for devices.

ON THE DECK

siliconindia