Payment Gateways: Battling Cyber Threats and How?

The demonetization drive has been the greatest impetus for the FinTech startups and enterprises providing digital payment solutions. In effect, we see e-wallets like Paytm, Freecharge, Mobikwik being present at every other retail stores. Together, all the players have been actively campaigning to promote awareness of cashless transactions, increasing their presence and visibility across a host of industry verticals, with the sole intention of eradicating the demonetization woes faced by the population, while also changing the behaviour pattern for good.

However, standing in this dream run towards cashless economy, immune to money laundering and tax evasion, there are major security threats. Around the same time when the demonetization was announced, there was also news of several celebrities’ twitter account being hacked. While the social media hack was forgotten amidst the frenzy around Indian economy being crippled a month back due to shortage of cash, one shouldn’t be surprised when the hackers make digital platforms their next haunt. The same has been reflected in the recent security incident where the security of over 3.2 billion debit cards was sacrificed.

Is there really safety in numbers?

Given the fact that now more people are going to transact online, many of them will be new, for whom it would perhaps be the first time to shop or accept money online via a payment gateway or an e-wallet. Hackers on the prowl can simply utilize any of the means of psychological manipulation to get hold of people’s money. We already have spam mails and phishing attacks to take care of, more so now because the digital revolution is going to reach to an entirely new segment of users hailing from tier 2, 3 and 4 cities.

Hence, it is about time payment gateways and digital payment solution providers focus on innovation to battle cyber security threats and ensure the sanctity of a user’s intimate information. These platforms are, in fact, well aware of security breaches and hence, are constantly engaged in the perpetual pursuit of a stronger and robust platform, well-equipped to avoid security breaches.

Complying with the Industry Standards

The steps towards ensuring a strong digital architecture include these platforms encrypting, tokenizing and authenticated transactions to ensure bulletproof security. Authentication has already been a mandate by the Reserve Bank of India, and hence, we have the majority of platforms weeding out identity counterfeiting via SMS, part of the 2-way authentication process.

And that is merely the tip of the iceberg. Most of digital payment solutions providers adhere to Payment Card Industry Data Security Standard (PCI DSS) in order to ensure standardized security. Certain payment gateways have built their proprietary risk management and anti-fraud solutions. They prefer not to outsource these solutions to the third party vendors. Hence, such payment gateways can provide these anti-fraud solutions to small online merchants, that were till now, only provided to large merchants. This helps small merchants to grow their revenues without having high incidence of fraudulent transactions from buyers.

Time for a Revolution

The road to better cyber security requires close partnership between payment gateways, banks and regulators to foresee and evade cyber security breaches. This will leverage innovation in the private domain, while safeguarding public interest. Another framework may follow suit, with the Government revamping existing systems and processes to make them stand at par with the global standards to gain more acceptance of Rupay cards, Aadhar-led payments and initiatives such as BHIM app. Besides, the regulatory framework should encourage innovation and disruption by the FinTech and PSP enterprises. The government should encourage banks to incentivize such payment gateway companies that have their own proprietary risk management and anti-fraud solutions integrated with their core payments platform.

With the Digital India campaign, Indian Government has already initiated the much required campaign for spreading digital literacy. However, in the view of current scenarios, namely demonetization and the increased emphasis on digital currency, we need to take concrete steps to mitigate risks due to cyber security, especially when dealing with people’s hard earned money. We need more systematic approach towards not only having a robust and secure infrastructure, but also educating users on the perils that may accompany digital transactions. Since we are already running out of time, even a small step taken by the entire population of India would prove to a giant leap towards a much more secured digital infrastructure, better immune to cyber threats.

Have ideas to share? Submit a post on iamwire

One comment

  1. 1

    As online payments have increased due to the demonetisation so does the threat towards it. Hence as mentioned many online portals have brought about the PCI compliance which helps to safeguard the financial transactions and this PCI DSS compliance is also critical and needs to be employed with the right one for it.

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>