Managing risks that arise from eCommerce sector

By: Rana Gupta, Vice President of APAC Sales for Identity and Data Protection at Gemalto

A study conducted by Moody’s Analytics in 2013 estimated that the greater use of electronic payments added nearly US$1 trillion in global economic growth over a five-year span between 2008 and 2012. That growth in GDP was equivalent to creating 1.9 million jobs. The benefits of e-commerce are not confined to individual companies. From a macro perspective, e-commerce will, no doubt, help to enhance economic efficiency by cutting costs of businesses, facilitate price discovery of goods and services, and contribute directly to price stability and increased competition.

However, there is a concern that the exponential rate of e-commerce growth may be far surpassed by mainstream security measures set in place to properly regulate online commerce and prevent consumer identity fraud. Every time a new e-commerce innovation is released, a new security risk is posed for consumers. In view of how the growth affects security, the burden of determining how to transact safely online and how to secure the process has fallen hardest on respective parties.

Government departments in different Asian cities have, therefore, carefully considered the approach that it should adopt in view of its dual role both as a regulator and facilitator to promote a healthy development of e-commerce. For example, the Hong Kong Monetary Authority (HKMA) in Hong Kong and the Controller of Certifying Authorities appointed by the Central Government in India, both aim to promote and facilitate e-commerce services through the wide use of e-bill platform, e-cheque initiative or digital signatures as well as to put in place a robust legal and regulatory framework to manage the risk that may arise from e-commerce.

With the driving forces of regulatory compliance launched by government departments, enterprises, especially those in banking, financial services and insurance (BFSI) sectors, are taking the next step. According to the Indian branch of Transition Systems, a regional distributor of technology products with offices distributed all around Asia, customers in BFSI vertical select security solutions like Hardware Security Module (HSM) solution, cryptographic token technology, one-time password token, Two-Factor Authentication solution in order to address the government’s requests.

This is because security access cannot be ensured with something as simple as a 6-digit password entry anymore. To ensure businesses handle sensitive data in a secure way, either an end-to-end encryption system must be installed or payment processing should be outsourced to a service provider that tokenizes sensitive data externally. Token technology takes a credit card number, for example, and replaces the 16 digit card number with a custom token. The token mirrors the format of the original data, but is non-descriptive. Tokenization requires the use of a gateway, which is where the sensitive data is stored.

Leave a Reply

Your email address will not be published. Required fields are marked *