Booming Adoption of Digital Payments Bring New Security Risks

Booming Adoption of Digital Payments Bring New Security Risks

by October 15, 2020

In Asia Pacific (APAC), adoption of digital payments has been on the rise over the past couple of the years but COVID-19 has significantly accelerated consumers’ shift towards digital commerce with no signs of turning back. This rapidly evolving payment landscape is bringing new security risks companies must consider and address.

Consumers shift to digital

In the Philippines, digital payments have soared since the country’s quarantine restrictions have been the world’s longest after being first imposed in March 2020. The country’s largest provider of mobile money services, GCash, reported in May 2020 that the total amount of payments through its platform had increased eightfold from the previous year.

In Vietnam, banks are seeing a jump in digital banking usage and digital payments amid COVID-19. In the first seven months of 2020, Vietnam International Bank (VIB) saw the number of transactions made on its mobile banking app MyVIB skyrocket by 120% and regular users increase by 80%. Similarly, the Ho Chi Minh City Development Joint Stock Commercial Bank (HDBank) reported that 40% of its customers performed online transactions on its digital banking platforms in August, up 25% from before the pandemic.

And in Indonesia, digital transactions on four major e-commerce sites are projected to double to US$29 billion in 2020, more than double the total transaction value of last year, according to a study from Bank Indonesia.

Emerging security risks

The rapid ascent of digital payments in APAC and across the world is introducing new challenges and threats such as cyberattacks, digital crimes, data breaches of payment systems and online fraud.

Forrester Consulting, which conducted last year a research commissioned by Visa, found that financial services companies have recognized the new risks arising from consumers’ adoption of technology. Out of the 566 respondents it surveyed, 68% expressed concerns about fraud in mobile banking payments, 60% for mobile wallets, and 58% for peer-to-peer payments. Financial services companies cited identity verification, data privacy/data theft management, and transaction monitoring as their three top fraud concerns.

Another study conducted recently by Silicon Valley analytics firm FICO found that 78% of banks in APAC have seen their fraud losses increase with the introduction of real-time payment platforms, including P2P transfers and mobile payments. Almost a quarter (22%) believe that fraud will rise significantly this year.

The next-generation of payment HSM for digital payments

To help address the new risks presented by digital payments, French high-tech company Thales launched last year its fifth generation of payment hardware security module (HSM), called payShield 10k.

An HSM is a physical device that safeguards and manages digital keys, performs encryption and decryption functions for digital signatures, strong authentication and other cryptographic functions. In payments, common functions of an HSM include Personal Identification Number (PIN) generation, management and validation; card, user and cryptogram validation during payment transaction processing; payment credential issuing for payment cards and mobile applications; and more.

An HSM should provide the highest-level of security and should meet global schemes such as FIPS 140-2, PCI HSM, as well as regional security requirements such as MEPS in France and APCA in Australia.

Specifically built with digital payments in mind, payShield 10k delivers a suite of payment security functionalities including transaction processing, sensitive data protection, payment credential issuing, mobile card acceptance and payment tokenization, to secure both face-to-face and digital remote payments.

payShield 10k comes with stronger tamper protection, as well as improved performance to support real-time payments, and broader cryptographic support to enable payments through Internet-of-Things (IoT) and connected devices.

payShield 10k also addresses the latest mandated security requirements and best practices for organizations including EMVCo, PCI SSC, GlobalPlatform, Multos, ANSI and the various global and regional payment brands and networks.

Thales claims its payment HSMs are the most widely deployed in the world and are supported by the largest number of payment application providers. Thales HSMs currently secure an estimated 80% of global point-of-sale (POS) transactions, the firm says.


Featured image credit: Background photo created by Dragana_Gordic –