In the present scenario, banks operate in a highly dynamic environment. Digital advancement along with cyber security has emerged as the new tranquillity for the financial services, says Atul Singh, Regional Director, India Subcontinent, Banking and Transport Solutions, Gemalto, in conversation with Elets News Network (ENN).
Kindly give a brief overview of Gemalto?
Gemalto is the world leader in digital security services. Headquartered out of Amsterdam (Netherlands), Gemalto delivers technology solutions to businesses and governments, authenticating identities and protecting data to enable safe communication between connected devices whether personal or public or on the cloud.
Our innovation driven organisation is formed of 14,000+ employees and 27 research and software development centres located in 49 countries. In India, we have been present for two decades since 1996 and operate out of four locations – Delhi, Gurugram, Mumbai and Noida. Gemalto recorded 2015 annual revenues of 3.1 billion.
Gemalto is working with almost every major bank in India to deploy EMV chip cards as per the Reserve Bank of India (RBI) guidelines. Globally, our network of over 80 partners and 20 banking card personalisation centres, provide the responsive local service for rapid rollout in new and developing markets.
Our organisation has been working with almost all the major telecom operators in India. We have implemented telecom solutions for some big operators in India.
With presence in over 100 government programmes, we help agencies rollout robust digital identity solutions. We also provide solutions to secure eGov services, identity documents, travel documents and border management.
With mobile banking taking its time to win customers’ confidence, how your solutions can help banks earn that trust swiftly?
Today, banks operate in a highly dynamic environment. Mobile banking is a natural consequence of technological disruption. It is the demand for safe, secure and convenient mobile banking combined with the capability of smartphones that has encouraged the banks to roll out their own mobile apps.
But today’s consumers have escalating expectations of app services and banks have to stay ahead of these challenges to keep their consumers happy. According to a global survey conducted by Gemalto, of consumers between the age of 16 and 24, it was found that 48% respondents were not willing to compromise on security.
Anticipating the growing use of technology for banking transaction, the Reserve Bank of India (RBI) has directed banks to implement a robust cyber security/resilience framework to address emerging concerns. Following the directives, RBI has also set up an IT Examination panel to examine the cyber security initiatives of banks.
One such way is the implementation of multi-layered defences. Multi-layered security can be applied in the following techniques:
- Firstly, every financial institution should implement end-to-end protection strategy to secure all end user touch points.
- Secondly, to secure all monetary and data exchanges, financial institutions need to implement strong authentication across all check points starting from the parent body to all the intermediaries like exchanges, treasury, service providers or network operators.
- Thirdly, while implementing protection layers for customers and back-end-systems, security professionals need to implement real-time monitoring of transactions to analyse communications, identify trends, and therefore prevent any fraudulent transaction
- While, we give ample amount of importance to transactions, the last and the most important layer of security is implementing a strong encryption policy. This is the first-hand layer of security for data at rest and in transit.
- For any financial institution, customer data is the most important asset. It is the customer data that can be easily and cheaply intercepted by cyber-criminals for a number of reasons – ranging from data theft to cyberblackmail. With encryption, banks can maintain control of their data, even when it is deployed in the cloud or in their data centre. By moving security controls as close as possible to the data, banks can ensure that even after the perimeter is breached, the information remains secure.
How is Gemalto ensuring a foolproof digitally secure world unlike competitors of your field?
Gemalto has a longstanding global experience, and our digital security solutions are widely trusted across different industries including banks, telecom, enterprise, automotive and government bodies.
With the acquisition of SafeNet that has its core strengths in data protection solutions, we have combined our expertise to secure a complete infrastructure: network, users, data, and software at the core and at the edge. This is the key differentiator that sets us apart from competing products.
In India, Gemalto works with leading public and private sector banks by offering a secure mobile financial environment. We also closely work with leading eCommerce service providers to make shopping secure and convenient for their customers.
As a global leader in digital security, what challenges do you see India is yet to cope with?
80% of Indian banks are susceptible to security threats because they do not maintain their database safely. They need to ensure that access to this data is controlled and secure. For this they need to follow certain protocols that will protect their sensitive information without sacrificing on productivity or data protection. The protocols are:
- Maintaining data confidentiality of sensitive data by encrypting it
- Securing the encryption keys responsible for data encryption
- Granular access and will grant data on need to know basis
- Using multifactor authentication to access the sensitive information
- Managing encryption keys in efficient manner based on defined policies
- Adding many layers of security like tokenization and secure key exchange for communication over and above data encryption
- Using encryption for not only preventing the breach in an effective manner but will also ‘Secure the Breach’ in case it happens
Gemalto works with major public and private sector banks in India. We have recently partnered with Yes Bank who has deployed Gemalto’s SafeNet Network HSM to secure mobile payment transactions under the Unified Payments Interface (UPI). With this association, we aim to ensure the highest levels of security for users of the platform and aid government’s endeavour to turn India into a cashless economy.
Is Gemalto contributing to any Indian government scheme as well?
Gemalto is involved with over 100 government programmes worldwide including electronic-ID cards, passports and driver’s licenses. Gemalto played a key role with industry in the creation of the India national smart card standards –SCOSTA (Smart Card Operating System for Transport Application). Gemalto has rolled-out more than 25 million e-Driver’s Licenses and eVRC (Electronic Vehicle Registration Certificates) in collaboration with several state governments.
In the banking and financial front, Gemalto has played an important role in implementation of the Jan Dhan Yojna with National Payments Corporation of India (NPCI), and Unified Payment Interface (UPI) with the Reserve Bank of India (RBI) by enabling security modules for securing data and monetary transactions.