Connect with us

Hi, what are you looking for?

HEADLINES

Utimaco, Securemetric Technology highlight best practices to ensure data security

How can organizations secure data infrastructure in today’s digital banking world? And what is the current data ecosystem?  

In today’s digital world, banks and financial service institutions (FSIs) are responsible for protecting consumers’ critical data to avoid economic and reputational loss. However, existing infrastructures continue to evolve due to the  industry’s digitalization, and more consumers are now utilizing digital platforms for their daily transactions. According to the Bangko Sentral ng Pilipinas (BSP), such situations risk data security and identity protection. 

How can organizations secure data infrastructure in today’s digital banking world? And what is the current data ecosystem?  

In an event organized by Utimaco, a global platform provider of trusted cybersecurity and compliance solutions, in partnership with Securemetric and CorewareTechnology, titled ‘Building a Foolproof Infrastructure in Today’s Digital Banking World,’ Utimaco leaders shared insights and best practices to ensure a guarded digital future.

Understanding the data ecosystem  

Advertisement. Scroll to continue reading.

Card payment systems usually use what is commonly known as the “Four-Party Model.” This involves the cardholder, a consumer with a payment card provided by a bank or other financial institutions, and the merchant, a business, or an individual who receives card payments in exchange for products and services. Automated Teller Machines (ATMs) belong to this category as they accept payment cards.  

Key parties also include the issuing bank, which provides payment cards to the card owner on behalf of the card networks. In this model, the issuer is the one who pays the acquiring bank for the purchased products and services by the cardholder, who then pays back the issuing bank according to the contract terms.   

Lastly is the acquiring bank. It is a financial institution that contains the merchant’s bank account. Contracts with the acquirer enable merchants to accept payments from any issued card. While the model is simple, the four parties exchange critical data, which can be at risk if not secured.  

Using cryptographic methods for data security  

The industry uses cryptographic methods to protect consumers’ private information when stored or in motion online during a transaction. This includes encryption and tokenization. The former involves an algorithm that alters the data into an unrecognizable form known as ciphertext, a decryptable with a key. Meanwhile, the latter transforms the information into an indistinguishable set of characters referred to as tokens. If stolen, tokens present no value without the tokenization system.  

Advertisement. Scroll to continue reading.

Role of HSMs in securing transactions  

Hardware Security Modules (HSMs) are devices to create, protect, and manage cryptographic keys in a secure domain during transactions. And HSM applications differ in the four key parties of the data ecosystem. The chip for EMV transactions in its payment card serves as a micro-portative HSM for a card owner. However, for the merchant side, the use of HSMs depends on the scale and nature of a business. Smaller vendors can rely on point-of-sale (POS) terminals built with secure memory and cryptographic hardware that can act as HSMs. Major retailers, on the other hand, would require network-attached HSMs to ensure secure transactions. 

Meanwhile, the issuing bank needs robust HSMs to generate, protect, and manage the keys to activate and process payment cards. For the acquirer, HSMs handle all the merchant’s financial channel keys and process the cryptographic flow in the issuer’s direction. 

“HSMs are essential to protect the ciphered transactions across the four corners of the data ecosystem. It acts as a safe in a financial institution’s network and houses the keys needed to decrypt consumers’ critical data. Now that banking transactions are increasing; data security and identity protection are more at risk from cybercriminals. This makes HSMs vital to the key parties in the data ecosystem,” said Deval Sheth, Managing Director for Asia Pacific at Utimaco.  

Protecting payments with Utimaco  

Advertisement. Scroll to continue reading.

Utimaco offers reliable HSMs that can securely process transactions in the financial industry. One of these devices is the Atalla AT1000, a FIPS 140-2 Level 3 and PCI PTS v3 certified payment HSM. Among the financial institutions that integrated this HSM is a digital payment services platform and an e-money company in Pakistan called NayaPay.  

With this, the financial institution aims to secure customers’ data, identities, and finances while adhering to compliance and regulation standards. After integrating Atalla AT1000, NayaPay gained robust and flexible protection at every transaction, cut the cost of ownership through consolidated HSM infrastructure, and met security and compliance requirements, among others.  

“The Atalla AT1000 can secure critical data and associated keys for non-cash payment transactions in retail, cardholder authentication, and cryptographic keys of payment service providers, acquirers, processors, issuers, and even payment networks,” added Sheth.  

Advertisement. Scroll to continue reading.
Advertisement
Advertisement
Advertisement

Like Us On Facebook

You May Also Like

HEADLINES

The survey found that generative AI is perceived as the key to unlocking competitiveness. 57% of BFM CEOs surveyed stated that gaining a competitive...

HEADLINES

Oracle Interconnect for Google Cloud will be initially available for customer onboarding in 11 global regions, allowing customers to deploy general purpose workloads with...

HEADLINES

Meranaw entrepreneur Aslia Ilian Dimaocom leads the Pindoguan Farm Producers Cooperative (PFPC) in Lanao del Sur. The small cooperative produces rice and Maranao delicacies...

Biz Solutions

As a steadfast partner fueling the growth of the (IT-BPM) industry, Globe Business is rolling out a free training voucher program to uplift the...

HEADLINES

Some of the most common online transactions include paying bills, making online purchases, and conducting banking activities. With the convenience of digital platforms, people...

HEADLINES

For customers seeking value and reliable, reloadable UNLI internet, Globe At Home and Lalamove offer a 10% discount on motorcycle and sedan deliveries for...

ELECTRONICS

Here are essential considerations when buying your first family home.

HEADLINES

A majority of surveyed SMBs are planning to use or are currently piloting Al to help with customer service (62%), merchandising (64%), inventory management...

Advertisement