So today Yes Bank has announced a partnership with Taisys for a Wafer SIM which you can attach to your regular SIM for making mobile payments. The brilliance of this concept is that it addresses two fundamental problems – a) irregular data services in parts of India b) security for transactions. Even more importantly, this might be the first salvo in the fight from hardware players who want to change the security paradigm when it comes to banking and payment solutions in India.
Indian payment solutions , be they banks or private players, face the same problem of balancing ease of use versus security of payments and data. Hardware solutions can be customised further to be banking provider independent or can be integrated into the next generation of smartphones so that we can choose and select our payment methods
At the same time, from a security perspective , we need to improve the software side of security authentication. For far too long, we have relied on OTPs and PIN numbers while we actually need to move to a smoother method of authentication. This could be through two paths – a) greater data collection from customer which brings up privacy issues and b) alternative authentication methods which reduces customer ease
People have suggested using biometric authentication such as Iris scans/ fingerprint scans and algorithms which will track how you type. Biometric authentication still requires much improvement and doesnt work on clouded irises/ cracked fingers. What we need is banks to go for methodologies which allow them to test the customer’s knowledge of previous transactions- for example, a cafe where he/she regularly has lunch at or a takeaway place where they last ordered pizzas from. Using data they already have from previous transactions, payment providers can help customers navigate security hurdles.
However some customers may feel that this intrudes on their privacy and that banks are abusing their trust. In such a scenario, payment providers can consider a partnership with social media platforms such as Facebook/ Google for a photo based identification where people are asked to identify friends/ family members from images which would serve as an authentication protocol.
That said, we can see that payment providers may have to merge both approaches(software and hardware) to come up with a comprehensive solution which can help users both while they are in urban regions and in places where connectivity is poor but transaction security is still important