Securing Digital Payments: Imperatives for a Growing Ecosystem
The discussion was very enriching, with stakeholders from the government, industry and civil society participating in the event. The discussions mainly focused on:
- Most Pressing Challenges - Convince v/s Security balance, Lack of Sector Specific Security Standards, User Digital Literacy (esp Security), Lackof economic incentives, Lack of clear liability guidelines, capable security talent.
- Mobile proliferation - Massively, device dependent (Chinese models), increase in attack surface, fragmentation makes security harder toimplement and enforce, low amount high volume fraud, user literacy, etc.
- Regulatory Harmonisation - Yes, they can and should be, current process is largely law based, only public consultation, needs to move to amultistage holder model, ISO model is ideal - allows for industry, civil society and governments to participate at equal level, knowledge and perspective sharing. Core legislation/regulations with minimum standards and principles with detailed document made by multistakeholder body.
- Infrastructural liabilities - 4 main ones - - device, connectivity medium, payment and transfer switches (Gov & Private) and service provider server. Ways to overcome - Standards, Critical Infrastructure protection, Digital Literacy, High audit and liability requirements, Testing (Red Team/Blue Team)