CEBU, Philippines — As consumers continue to embrace the convenience of digital transactions, cybersecurity provider Utimaco warned banks and financial service institutions of a riskier environment that may affect a larger number of consumers if not properly addressed.
“Now that banking transactions are increasing; data security and identity protection are more at risk from cybercriminals,” warned Deval Sheth, Utimaco managing director for Asia Pacific.
In the Philippines, Utimaco is working with several stakeholders, such as Securemetric and Coreware Technology, to ensure a guarded digital future.
The company is intensifying its move to protect consumers in the Philippines from cyber criminals, such as the introduction of Hardware Security Modules (HSMs) to banking and financial institutions to curb hacking incidents.
HSMs are devices to create, protect, and manage cryptographic keys in a secure domain during transactions. And HSM applications differ in the four key parties of the data ecosystem. The chip for EMV transactions in its payment card serves as a micro-portative HSM for a card owner.
However, for the merchant side, the use of HSMs depends on the scale and nature of a business. Smaller vendors can rely on point-of-sale (POS) terminals built with secure memory and cryptographic hardware that can act as HSMs.
Major retailers, on the other hand, would require network-attached HSMs to ensure secure transactions.
Meanwhile, the issuing bank needs robust HSMs to generate, protect, and manage the keys to activate and process payment cards. For the acquirer, HSMs handle all the merchant’s financial channel keys and process the cryptographic flow in the issuer’s direction.
“HSMs are essential to protect the ciphered transactions across the four corners of the data ecosystem. It acts as a safe in a financial institution’s network and houses the keys needed to decrypt consumers’ critical data. Now that banking transactions are increasing; data security and identity protection are more at risk from cybercriminals. This makes HSMs vital to the key parties in the data ecosystem,” Sheth reiterated.
Sheth mentioned that Utimaco offers reliable HSMs that can securely process transactions in the financial industry. One of these devices is the Atalla AT1000, a FIPS 140-2 Level 3 and PCI PTS v3 certified payment HSM. Among the financial institutions that integrated this HSM is a digital payment services platform and an e-money company in Pakistan called NayaPay.
With this, the financial institution aims to secure customers’ data, identities, and finances while adhering to compliance and regulation standards. After integrating Atalla AT1000, NayaPay gained robust and flexible protection at every transaction, cut the cost of ownership through consolidated HSM infrastructure, and met security and compliance requirements, among others.
In today’s digital world, banks and financial service institutions (FSIs) are responsible for protecting consumers’ critical data to avoid economic and reputational loss. However, existing infrastructures continue to evolve due to the industry’s digitalization, and more consumers are now utilizing digital platforms for their daily transactions. According to the Bangko Sentral ng Pilipinas (BSP), such situations risk data security and identity protection.