At the end of the June 2019, two major technology events took place in Asia. The first was Seamless Asia, which focused on the future of finance and commerce. The second, MWC Shanghai, centered around ‘Intelligent Connectivity’ – bringing together topics from 5G to AI.

The events may have had different focuses but the key trends in fintech echoed across them. So, what can we take away from two of the biggest technology events in Asia?

Accepting payments via Mobile phones

SoftPOS solutions allow NFC and QR Code-enabled mobile devices to accept contactless paymentsThe convergence of telecoms and payments was a big theme at both conferences. With recent research demonstrating that Asia is driving the growth of the mobile payments market worldwide, this comes as no surprise. The staggering popularity of QR Code payments and mobile wallets also continue to rise, demonstrating high consumer demand for quick and easy services.

Mobile phones can also be used to accept payments, opening new doors for merchants. SoftPOS solutions allow NFC and QR Code-enabled mobile devices to accept contactless payments. These new payment acceptance methods are growing in usage as they give businesses of all sizes cheap and simple ways to accept digital payments. The introduction of these ways to pay demonstrates Asian merchants’ and consumers’ willingness to adopt new and innovative technologies, ahead of much of the world.

Importance of customer authentication

Along with the rising popularity of mobile payment solutions comes the increased importance of strong customer authentication. Conversations at Seamless Asia centered around the delicate balance between adding new security measures without creating more points of friction for consumers. We were delighted to give a presentation on EMV 3-D Secure (3DS): a messaging protocol which improves communication between the issuing bank, acquirer and merchant.

This means that basic account holder information can be automatically shared in a frictionless way to perform risk-based authentication. This cuts out complex additional steps for consumers, reducing cart abandonment, false declines and resulting in better sales for retailers.

Facial recognition-based payment systems

Biometric authentication is a big trend due to the increased convenience and security that it offers consumersEMV 3DS wasn’t the only focus point of authentication. Across the board, new types of payments authentication are making waves in Asia. Biometric authentication is a big trend due to the increased convenience and security that it offers consumers. It can also be integrated into a variety of form factors, giving end users a range of seamless and secure payment methods. Facial recognition-based payment systems are just one of these emerging options. Consumers can now pay using just their face to buy fried chicken or travel on the subway.

And this isn’t the only biometrics-based payment system being introduced into the daily lives of Asian consumers. Biometric smart cards are one of the biggest trends in payments currently, delivering the convenience of contactless payments with an additional layer of trust. The availability of biometric payment methods mean that terminal, device and card manufacturers are becoming more creative to fit with consumers’ diversifying expectations.

5G to benefit payment ecosystem

Hot topics at MWC Shanghai from the wider technology market also have big implications for the payments sector. Take the introduction of 5G. Research from Deloitte shows that Asian countries are winning the 5G race, which promises to benefit the payments ecosystem. Increased connectivity and speed could mean shorter transaction times for consumers, quicker and more stable connectivity between merchants and acquirers and even an end to offline payments.

Using big data to monitor for ‘out of the ordinary’ purchases has been useful for retailers to minimize losses from fraudAnother growing technology making its way into the retail space is the use of AI. Using big data to monitor for ‘out of the ordinary’ purchases has long been useful for retailers to minimize losses from fraud. However, the next step is to use AI to not only prevent losses but increase revenues.

Personalizing shopping experience

Using intelligent data collection, merchants can use machine learning to drive product recommendations. This allows them to personalize the shopping experience by deriving meaningful conclusions from behavioral analytics. As well as providing added value for consumers, this boosts profitability rates. Research from Boston Consulting Group found that retailers’ implementation of personalization strategies can drive revenue growth by 10%.

At the center of these upcoming trends is digitalization. With new and intelligent ways of purchasing and authenticating, the Asian payments market is leading the way to take more transactions online than ever before. However, system upgrades to implement the next generation of technology present new challenges. Support from a trusted implementation partner can be key to minimize unexpected delays and costs on the path to service launch.

Share with LinkedIn Share with Twitter Share with Facebook Share with Facebook
Download PDF version Download PDF version

In case you missed it

Water Plant Attack Emphasizes Cyber’s Impact On Physical Security
Water Plant Attack Emphasizes Cyber’s Impact On Physical Security

At an Oldsmar, Fla., water treatment facility on Feb. 5, an operator watched a computer screen as someone remotely accessed the system monitoring the water supply and increased the amount of sodium hydroxide from 100 parts per million to 11,100 parts per million. The chemical, also known as lye, is used in small concentrations to control acidity in the water. In larger concentrations, the compound is poisonous – the same corrosive chemical used to eat away at clogged drains. The impact of cybersecurity attacks The incident is the latest example of how cybersecurity attacks can translate into real-world, physical security consequences – even deadly ones.Cybersecurity attacks on small municipal water systems have been a concern among security professionals for years. The computer system was set up to allow remote access only to authorized users. The source of the unauthorized access is unknown. However, the attacker was only in the system for 3 to 5 minutes, and an operator corrected the concentration back to 100 parts per million soon after. It would have taken a day or more for contaminated water to enter the system. In the end, the city’s water supply was not affected. There were other safeguards in place that would have prevented contaminated water from entering the city’s water supply, which serves around 15,000 residents. The remote access used for the attack was disabled pending an investigation by the FBI, Secret Service and Pinellas County Sheriff’s Office. On Feb. 2, a compilation of breached usernames and passwords, known as COMB for “Compilation of Many Breaches,” was leaked online. COMB contains 3.2 billion unique email/password pairs. It was later discovered that the breach included the credentials for the Oldsmar water plant. Water plant attacks feared for years Cybersecurity attacks on small municipal water systems have been a concern among security professionals for years. Florida’s Sen. Marco Rubio tweeted that the attempt to poison the water supply should be treated as a “matter of national security.” “The incident at the Oldsmar water treatment plant is a reminder that our nation’s critical infrastructure is continually at risk; not only from nation-state attackers, but also from malicious actors with unknown motives and goals,” comments Mieng Lim, VP of Product Management at Digital Defense Inc., a provider of vulnerability management and threat assessment solutions.The attack on Oldsmar’s water treatment system shows how critical national infrastructure is increasingly becoming a target for hackers as organizations bring systems online “Our dependency on critical infrastructure – power grids, utilities, water supplies, communications, financial services, emergency services, etc. – on a daily basis emphasizes the need to ensure the systems are defended against any adversary,” Mieng Lim adds. “Proactive security measures are crucial to safeguard critical infrastructure systems when perimeter defenses have been compromised or circumvented. We have to get back to the basics – re-evaluate and rebuild security protections from the ground up.” "This event reinforces the increasing need to authenticate not only users, but the devices and machine identities that are authorized to connect to an organization's network,” adds Chris Hickman, Chief Security Officer at digital identity security vendor Keyfactor. “If your only line of protection is user authentication, it will be compromised. It's not necessarily about who connects to the system, but what that user can access once they're inside. "If the network could have authenticated the validity of the device connecting to the network, the connection would have failed because hackers rarely have possession of authorized devices. This and other cases of hijacked user credentials can be limited or mitigated if devices are issued strong, crypto-derived, unique credentials like a digital certificate. In this case, it looks like the network had trust in the user credential but not in the validity of the device itself. Unfortunately, this kind of scenario is what can happen when zero trust is your end state, not your beginning point." “The attack on Oldsmar’s water treatment system shows how critical national infrastructure is increasingly becoming a target for hackers as organizations bring systems online for the first time as part of digital transformation projects,” says Gareth Williams, Vice President - Secure Communications & Information Systems, Thales UK. “While the move towards greater automation and connected switches and control systems brings unprecedented opportunities, it is not without risk, as anything that is brought online immediately becomes a target to be hacked.” Operational technology to mitigate attacks Williams advises organizations to approach Operational Technology as its own entity and put in place procedures that mitigate against the impact of an attack that could ultimately cost lives. This means understanding what is connected, who has access to it and what else might be at risk should that system be compromised, he says. “Once that is established, they can secure access through protocols like access management and fail-safe systems.”  “The cyberattack against the water supply in Oldsmar should come as a wakeup call,” says Saryu Nayyar, CEO, Gurucul.  “Cybersecurity professionals have been talking about infrastructure vulnerabilities for years, detailing the potential for attacks like this, and this is a near perfect example of what we have been warning about,” she says.  Although this attack was not successful, there is little doubt a skilled attacker could execute a similar infrastructure attack with more destructive results, says Nayyar. Organizations tasked with operating and protecting critical public infrastructure must assume the worst and take more serious measures to protect their environments, she advises. Fortunately, there were backup systems in place in Oldsmar. What could have been a tragedy instead became a cautionary tale. Both physical security and cybersecurity professionals should pay attention.

What Are The Positive And Negative Effects Of COVID-19 To Security?
What Are The Positive And Negative Effects Of COVID-19 To Security?

The COVID-19 global pandemic had a life-changing impact on all of us in 2020, including a multi-faceted jolt on the physical security industry. With the benefit of hindsight, we can now see more clearly the exact nature and extent of that impact. And it’s not over yet: The pandemic will continue to be top-of-mind in 2021. We asked this week’s Expert Panel Roundtable: What have been the positive and negative effects of Covid-19 on the physical security industry in 2020? What impact will it have on 2021?

Expert Roundup: Healthy Buildings, Blockchain, AI, Skilled Workers, And More
Expert Roundup: Healthy Buildings, Blockchain, AI, Skilled Workers, And More

Our Expert Panel Roundtable is an opinionated group. However, for a variety of reasons, we are sometimes guilty of not publishing their musings in a timely manner. At the end of 2020, we came across several interesting comments among those that were previously unpublished. Following is a catch-all collection of those responses, addressing some of the most current and important issues in the security marketplace in 2021.