The last few weeks I’ve been busy with the various in-person events I attended (first Money20/20, then DigiPay 2021), but I’m not complaining. It’s energizing to speak in front of a live audience, while also reaching people online. On the 8th of October, I participated in Next Difi 2021, a hybrid event, dedicated to banking and fintech innovation, digital finance, cybersecurity, blockchain, and more.
I had the pleasure to moderate the Banking and fintech innovation, and cyber security and risk management panel. I enjoyed intriguing discussions with members of DSK, Acronis, and Sirma Business Consulting. They shared exciting insights, so make sure you watch the recording (link below 😉 ).
I also participated in the Innovative Technologies, New Players, and Transformed Business Models panel, where I gave a presentation on Card Payments Security Standards. In particular, I discussed the PCI DSS, 3DS, and PIN security standards. I shared an overview of what they are, who needs them, and what common misconceptions most people have about them.
A big ‘thank you’ to b2b Media for organizing the event and for inviting me to participate. See you again on the Fifth Edition!
A full recording of Next Difi 2021 can be found here:
It’s confirmed: live events are slowly making their long-awaited comeback, and they have become so much better! Just a few weeks ago, we attended Money20/20, where we were hyped to see our fintech friends in person and to find many new ones.
To give a flying start to October, we also attended DigiPay Conference 2021 on the 1st of the month. DigiPay is the event when it comes to secure and convenient digital payments in Bulgaria, and was packed with professionals from the payment and banking sector, who brought us up to speed with the newest fraud and security trends in digital payments.
To begin with, the audience enjoyed a valuable panel on Open Banking, where banks and fintech companies discussed the challenges they meet in its face, the new solutions it presents, and the extent to which the payment sector is, or is not, utilizing the new opportunities.
Speakers then discussed digital payments in regards to identification and customer journey, where we observed valuable insights and statistics, as well as exciting innovations to look out for.
To get a more elaborate overview of the Real Time Fraud Prevention panel and the related Live Demonstrations panel, I sat down with their moderator – our CEO and Founder, Pavel Kaminsky.
Pavel, overall, how did you find the organization of the event and the topics discussed?
I think it went great. We had around 100 people attending in person, and around 200 joining online. The panels were organized in a logical way, with enough time for discussion and for the audience to participate and ask questions. I noticed the panels are getting more exciting compared to previous years – the audience is more involved, the professionals – more detailed, and the issues raised – truly relevant. The moderators were handling things well and contributed to the discussions. Catching up with friends in-between panels was also awesome.
What about the panel you moderated?
It was the best one : )
Haha, no doubt there. Care to elaborate, though? Could you tell the readers more about the topics that were discussed?
Sure. I moderated the Real Time Fraud Prevention panel. We had six speakers, who had prepared strong presentations that I observed with interest. We saw the newest trends in cybercrime when it comes to online payments, including the ways cybercriminals are bypassing the 3D password, which was added as a multi-factor authentication scheme, but is already exploited by cybercriminals.
Speakers then discussed how difficult it is to combat fraud in real time transactions, as instant payments = instant fraud, and how trying to prevent all fraud types and tools is an unrealistic approach. Instead, being able to adapt to current threats, adopting flexible case management, not relying solely on AI, and focusing on threats most relevant to one’s organization proves to be a much wiser strategy according to our speakers.
I was curious to also see a seminar, demonstrating a bank-level payment security program, which not only focuses on compliance and software but also on training employees and constantly testing their knowledge in practical ways. Such dedication to security is very impressive.
Towards the end of the panel, the audience found out how DeFi can be a more secure payment solution, mostly because there’s no centralized control, therefore no opportunity for human error. At the same time, we were reminded we shouldn’t see DeFi as 100% safe. Unfortunately, there are exploitation risks involved that shouldn’t be underestimated.
To finish off, the panel concluded with a blockchain talk, discussing how blockchain solves many cybersecurity issues, but it presents new ones, and we already have examples of scams. This summarized the panel nicely – we concluded that there are no perfect solutions to solve all security issues, and while blockchain and other innovations can greatly reduce risk, it is never eliminated.
After that, I moderated a second panel with live demonstrations, where speakers gave the audience a live show for fraud prevention and showed them current trends in phishing attacks.
That was a nice summary, thank you. Besides the lack of a magical pill for payment security fraud, I noticed another ongoing theme that came up in all the talks – the human factor.
Yes, absolutely. All security and fraud prevention experts highlighted that we shouldn’t forget that on both ends of technology we have a human being. Compliance with established security standards and investing in good software solutions are important. However, focusing solely on getting more certificates and buying the most expensive product will not prevent your employee from making a costly mistake, or your customer from clicking on a fraudulent link.
Cybercriminals have realized for a long time now that trying to attack an organization is not easy, but attacking its customers often is. What came up over and over again throughout the panel is that many fintechs and banks fail to educate their employees and customers on how to recognize and report fraud, and how to carry out safe digital transactions.
As I mentioned, I was impressed by the dedication of some of the speakers, who presented us with the ways they keep their employees educated on cybersecurity. Unfortunately, overall I rarely see an organization that really focuses on the human factor when creating a security program. I sincerely hope the panel raised awareness on that.
Correct me if I’m wrong – this is a topic you have been discussing for a while now?
Yes, and I was glad it came up during the panel, because underestimating the human factor is a serious flaw of most payment organizations, and it’s vital to talk about it more. I’m more than happy to help all my clients achieve compliance with PCI DSS and consult them on how to follow the requirements, but it’s no less important for them to teach their users not to click on suspicious links and recognize and report fraud.
Indeed! Any final remarks?
I’d like to say thanks to Raya Lecheva – the main person to ‘blame’ for DigiPay, along with all the organizers and participants who made it happen. Being able to meet in person, discuss, network, and simply communicate with such inspirational professionals within our industry, was invaluable. I’m already looking forward to DigiPay 2022, bigger and better.