Data security in an omnichannel world

As more consumers are getting comfortable storing card and VPA (Virtual Payment Account under UPI) details online, the security of the underlying database needs to be ensured.
  • Updated On Feb 16, 2021 at 12:33 PM IST
By- Tanya Naik

India’s e-commerce industry is on a phenomenal growth trajectory and is expected to reach USD 99 billion in size by 2014, growing at a CAGR of 27 percent during 2019-24 as per ‘Global Internet: e-commerce’s steepening curve’- a report by Goldman Sachs.

COVID-19 is undoubtedly driving a significant share of the current e-commerce transactions through digital payments, preparing consumers for a long-term shift. The surge in e-commerce and digital payments in 2021 will be consistent across the country. This exponential rise has deepened concerns about potential cybersecurity risks for consumers and businesses, as well as new kinds of data security breaches. More than 900,000 spam messages, 700 malware attacks, and 48,000 malicious domains were discovered in the first four months of 2020, according to an Interpol report — all related to COVID-19.

Advt
Online data and payments security, whilst acknowledged, needs laser-sharp focus from e-commerce businesses. Let us first understand the entities involved in e-commerce payments through the following illustrated model:


With important payment information being passed between these entities, data security at every step needs to be managed. Some important security protocols include - TLS encryption through SSL certification, ensuring PCI DSS compliance for encryption and storage, tokenizing card credentials, managing two-factor authentication. Additionally, with India moving to a GDPR equivalent legislation, storage, and usage of critical personal data whilst managing data localization and data transfer restrictions is paramount.

As more and more customers get more comfortable storing card and VPA (Virtual Payment Account under UPI) details online, the security of the underlying database needs to be ensured. Most companies use an online, or cloud, storage system with encryption to store customer payments vault. If these details are compromised thru vulnerabilities, for the average fraudster, buying card details on the dark web is the easiest and fastest way to get card information. The Breach Level Index, a global database that tracks data breaches, reported over 14 billion data records that have been leaked since 2013.

Advt
For merchants, thus it pays to invest in fraud detection and prevention either directly or via payment processing entities to minimize the risk of chargebacks and losses. Payment providers with fraud detection services can offer online merchants the required security and the reduced risk of losses.

Moving into 2021, as online shopping becomes a way of life for customers in India, businesses online or about to go online have an opportunity here to impact their bottom line and reach newer markets and get more customers in a cost-effective manner through the e-commerce business. Integrating a robust and dependable payment processor integration is an important consideration, one that will keep your brand reputation and data security intact in an otherwise vulnerable online world.

The author is Head - Online and Omnichannel Business, Pine Labs.

  • Published On Feb 16, 2021 at 12:31 PM IST
Be the first one to comment.
Comment Now

Join the community of 2M+ industry professionals

Subscribe to our newsletter to get latest insights & analysis.

Download ETCISO App

  • Get Realtime updates
  • Save your favourite articles
Scan to download App