Technologies and trends in security for mobile payment platforms in the 5G world

In the rapidly evolving landscape of mobile payment platforms, the advent of 5G technology has ushered in a new era of convenience and connectivity. As consumers increasingly rely on their smartphones for financial transactions, the security of mobile payment platforms has become a paramount concern. This shift towards a cashless society has not only transformed the way we make payments but has also presented novel challenges and opportunities for cybersecurity experts. In this dynamic environment, this article explores the cutting-edge technologies and emerging trends that are shaping the security landscape of mobile payment platforms within the 5G world, shedding light on the innovations and strategies designed to safeguard our financial transactions in an era of unparalleled connectivity and digital transformation.

Recently we have engaged in an interview with Ruchin Kumar, Vice President of South Asia at Futurex. He spoke about technologies and trends in security for mobile payment platforms in the 5G world and much more.

To what extent has technology addressed penetration, financial literacy, and inclusivity issues in India?

Recent estimates place smartphone penetration in India at over 70%. That represents a tremendous increase over the past decade. Many fintech startups and application developers have seized opportunities for innovative new mobile payment services. There are many remarkable cases of Indian fintech companies’ value skyrocketing. As a result, India is a hub for new fintech and payment solutions. This has created more options for consumers to benefit from more accessible mobile financial services.

How do 5G, digital payment interfaces, UPI, and ONDC impact India's financial landscape?

It would be not easy to overstate the importance of the NPCI’s unified payments interface (UPI). Historically, UPI broke new ground in facilitating mobile payments between customers, merchants, and individuals’ bank accounts. It has created a solid foundation for India’s fast-growing payments infrastructure. Concretely, UPI’s open, API-driven architecture provides a consistent interface with which new mobile payment solutions can be developed and delivered to consumers.

RBI is aggressively promoting CBDC. What are the prospects for India's financial landscape with the introduction of CBDC? Can it serve as a solid alternative to cryptocurrency?

Central bank digital currency (CBDC), known to India as the digital rupee or e₹, can be an alternative to cryptocurrency. It is not uncommon for cryptocurrency markets to fluctuate rapidly at times; in contrast, the e₹ is backed by RBI. It is encrypted, tokenized currency transacted from smartphone mobile wallets. The tokens come in the same denominations as paper cash. They can be converted to bank deposits or cash without a loss or gain in value. They are also expected to have a similar degree of anonymity. RBI has launched retail and wholesale pilot programs for the digital rupee, and progress seems to be progressing quickly.

Are there any security challenges in the CBDC? What are those challenges?

The way to protect any payment infrastructure is through hardware-backed cryptography. This includes hardware security modules, key management tools, and cloud services. These solutions provide physically and logically secure environments for encryption and key management tasks. Deploying them is crucial to protecting sensitive data, such as digital tokens in a mobile wallet. Fortunately, the Indian payments space adheres to international compliance standards for payment security, such as PCI DSS.

What are RBI guidelines to mitigate security threats to CBDC? How can Futurex help to secure CBDC?

In the bulletin RBI & Fintech: The Road Ahead, RBI states that organizations in the payments sector must develop and maintain robust data security infrastructure and adhere to high levels of compliance. Both data security and compliance depend on hardware security modules (HSMs). HSMs are physically and logically secure environments where cryptographic operations (like encryption and key storage) can run securely. For over 40 years, Futurex has pioneered new developments in HSM technology, being the first (and in many cases the only) HSM manufacturer to provide device clustering, HSM virtualization, dedicated key management, and global cloud services. Our cloud cryptography service maintains data centers within India to help organizations achieve low latency and high availability, all while meeting data localization needs.

With digital transactions becoming popular, there is a shift away from cash transactions. What, according to you the status of cash transactions is going to be in the coming years?

The digital rupee will have an equivalent value to its paper counterpart. The digital rupee is also expected to reduce India’s reliance on paper cash. Reduced cash reliance leads to reduced printing, transporting, and storing costs. The official launch of the digital rupee is likely to coincide with an increase in smartphone penetration and online connectivity, making it highly accessible and inclusive.

What are the new advancements in Tokenization, Contactless Payments, P2P transfers, and Digital Banking? What lessons has Futurexlearned from digital payment frauds and mistakes related to digital illiteracy?

Futurex recently developed a new method of tokenization that removes the reliance on “token vaults.” These vaults represented an unnecessary vulnerability, as they stored the original tokenized values. Any organization wishing to improve security around their tokenization would be well-advised to go vaultless. Regarding contactless payments, I would mention the somewhat recent CPOC standard, short for Contactless Payments on COTS (with COTS, in turn, referring to “commercial-off-the-shelf” devices). CPOC is a set of standard requirements developed by PCI as a security framework for contactless payments. CPOC impacts many developers working on contactless payment applications and is another area where we have proactively developed solutions.

The financial landscape is constantly evolving, and developments in BigFin and BigTech are subject to change over time. How do you see large financial institutions and large technology companies influencing the global economic landscape in the future?

Looking at recent history, emerging cyber threats keep pace with new technological advancements. The reports of increasing cybercrime around the world are no exaggeration. That’s why Futurex adopts a proactive approach to data security. After 40 years in the cryptography industry, we’ve learned to anticipate trends before they emerge. This allows us to refine essential solutions today while developing new ones that will be essential soon. We recommend a similar proactive approach to any enterprise wishing to maintain the trust of its partners and customers in the long term.