« Back to articlePrint this article

$100 million: The heavy price of cyber security

January 17, 2017 12:03 IST

Benefits of demonetisation come at a heavy price for Fintech firms. They will spend a massive amount on securing and reinforcing their cyber security apparatus this financial year. Karan Choudhury reports.

HLCyber Security

IMAGE: A security research expert displays a device that can record and transmit credit card chip information at the 2016 Black Hat cyber-security conference in Las Vegas, Nevada. Fintech companies are getting in touch with firms in America, Israel and Russia to ensure the best protection for their back-end processes. Photograph: David Becker/Reuters.

For financial technology companies such as those offering mobile wallets or payment gateways, the benefits of demonetisation come at a heavy price. To be precise, $50-100 million (Rs 340-680 crore). This is the amount the digital transaction system will spend this financial year on securing and reinforcing their cyber security apparatus.

Two-and-a-half months after demonetisation, protecting the surge of users and the business has become of utmost important at fintech entities for long-term gain. Sector experts say these companies are getting in touch with firms in America, Israel and Russia to ensure the best protection for their back-end processes.

"Third-party security audits are very important to know where the gaps are in cyber security. All companies, small and big, have started spending more on cyber security -- investing in lobbying servers, monitoring systems, back-up systems, among other things. Companies from the US, Israel and Russia are in the forefront of providing cyber security tech," said Nitin Sachdev, vice-president, technology, at Chi Networks.

According to business chamber Assocham, fintech companies would increase their spending on this to around $100 million.

"Companies, together with banks and the government, must make appropriate investment in software and hardware, along with training employees about cyber security, to minimise financial data breaches that have been on the rise due to lack of data encryption," said D S Rawat, secretary general.

Companies in the segment, said the body, need to win customers' trust and that means completely secure, private and reliable services, 3-D or OTP (one time password) security options, data back-up systems and others to spread awareness among people. 

The government is also planning to make the rules tighter in this regard, so that there is no lag on network security.

"We are taking a whole lot of initiatives around it. We have set up a digital payment segment in CERT-In (Indian Computer Emergency Response Team), we have issued advisories on how merchants and bankers need to conduct themselves. We have told the banks that if they see any unusual movement on their payments system, they should report to us immediately. Drills are being conducted and security audits as well," law and information technology minister Ravi Shankar Prasad has said.

Mobile wallet companies say they are devising new ways and doing regular checks at their back-end operations.

"How much ever cyber security money is required is the first call on our resources. For the past 12 months, we have been writing our own algorithm for anomaly detection. Today, we have 500 checks that keep on happening in the background in real time as we do the transaction," said Govind Rajan, chief executive at FreeCharge. 

"On cyber security, we have always been ahead of the competition," claims Upasana Taku, co-founder, MobiKwik.

Karan Choudhury
Source: source image