Security paramount if Visa is to go beyond plastic
The bulk of fintech companies participating in Visa’s sandboxes in Hong Kong are using its customer data to develop security measures.
The bulk of fintech companies participating in Visa’s sandboxes in Hong Kong are using its customer data to develop security measures, says Caroline Ada, the payments company’s country manager for Hong Kong and Macau.
“Payments security has become much more important,” she said as payments becomes about more than plastic credit cards, especially in emerging markets, where transactions are increasingly conducted over smartphones outside of traditional financial infrastructure.
Visa’s ambition is to be seen as a technology company, rather than a financial services company, albeit in tech that enables payments among connected devices.
“Payments is becoming more invisible,” Ada said, noting it takes place increasingly across digitally connected devices, as opposed to the swipe of a plastic card at a physical point of sale. The use of smartphones in emerging markets means the number of points of sale accepting Visa payments has doubled worldwide in the past few years.
The ‘internet of things’ means payments are becoming ubiquitous – but also more prone to a hack, as many devices lack the security of a smartphone.
The trend to keep the system safe is tokenization, an emerging industry standard that Visa first began to deploy with ApplePay in 2014 in the U.S.
Tokenization is a process in which a valuable piece of data, such as a password, with a harmless equivalent, a ‘token’, often a random number.
The benefit of tokenization is that even if one aspect of a person’s sensitive data is hacked, such as a credit-card number, the rest of their information can also be tokenized; the hacker might steal one piece of data but the token doesn’t unlock others.
In the case with ApplePay, Visa converts a credit card’s 16-digit account number into a code of random numbers.
In addition to providing security, this allowed the data to be stored at the point of sale, sparing ApplePay and the like the burden of having to warehouse the data.
Ada says that the risks to hacks are visibly increasing, noting the recent ransomware attacks by WannaCry and the NotPetya attack against Ukraine, all of which are wreaking havoc worldwide.
“Consumers are going to associate payments with our brand, and they’re going to ask if it’s safe,” Ada told DigFin.
“Some fintechs are focusing on making safer payments,” Ada said. “They’re working with our APIs, and with banks’ APIs.” She declined to name fintechs in Visa’s Hong Kong sandbox, but said they are using machine learning and big data to help financial institutions identify risk.