Landscape in the Making


Tokenization: A Fraud-free Payments Landscape in the Making

Abstract

Banks are under pressure to meet customers' demands for convenient and frictionless digital payments. At the same time, they are required to ensure the security and safety of such transactions; an effective tokenization solution is fast emerging as the answer. There are various approaches to implementing a tokenization solution depending on the diverse payment offerings offered by banks and the extent of their participation in the larger ecosystem. This paper describes the considerations, impacts, and implications of build and buy approaches to implementing tokenization solutions.

Tokenization: What is in it for Banks?

An effective tokenization solution will enable banks to ensure the safe and secure conduct of payment transactions in any context of money movement or commerce. With new payment form factors, channels, and payment models driven by open APIs, and real-time payment schemes driving payment initiatives, tokenization is no longer restricted to card payments. By removing sensitive data from the transaction process, tokenization makes it impossible for fraudsters to misuse transaction data. With increasing regulatory focus on consumer protection, the potential use cases and business models for tokenized account-based instant payments will increase. An effective tokenization solution will help banks acquire the necessary agility to leverage new payment form factors and allow customers to make secure payments, in turn unlocking exponential value for banks.

Implementation Approaches and Models

Depending on their size and scope of operations, banks may choose to either maintain all the tokenization components in-house or opt for a combination of outsourcing and in-house operations or outsource the complete process. For example, large banks may choose to manage all the tokenization elements such as issuance, storage, transaction processing, and even risk authorization services in-house, while mid-sized players may restrict themselves to building risk authorization services. Small banks, on the other hand, may collaborate with a strategic partner for the complete solution.

Implementation models vary across the industry with three standard variants:

- On-premise tokenization: managed within the financial institutions' IT infrastructure delivering a high degree of security but with significant overheads
- Hybrid: mix of on-premise and outsourced components for niche use cases but with longer time-to-market
- Cloud-based APIs for as-a-service models: outsourced to service providers outside the institutions' IT infrastructure but with limited flexibility and control

In our view, cloud-based tokenization services will become dominant in the next few months and transcend well beyond the cards segment. It will facilitate overlay services on faster payment networks enhancing convenience and creating exponential value for customers through social commerce and Internet of Things (IoT) enabled payments. Non-financial use cases such as the use of tokens for loyalty coupons abound and multiple providers will grab the opportunity to offer such services.

Key Considerations for Building a Tokenization Solution

Tokenization is a secure and cost-effective alternative to data encryption as it minimizes application level changes and reduces the potential for data exposure. Some key aspects that must be considered while building tokenization solutions include:

- Flexibility to support varied formats keeping in mind the sensitive data they will need to handle. Tokens must have the capability to adapt to additional format constraints; for example, tokenization of credit card numbers may require the actual last four digits of the number to be retained in the token.
- Synchronization services to ensure data recovery and data availability in applications that use token services through periodic replication as servers may be distributed across different data centers.
- Architecture: appropriate design to ensure superior performance, increased scalability, and higher security. Tokenization and de-tokenization services should be available through APIs to enable integration of new applications and support secure data exchange.
- Authentication: bi-directional authentication for all applications prior to servicing requests to verify that the connection was started with a trusted certificate from an approved application and to validate the user who issues a request.
- Encryption of the sensitive data for storage in the token database. When a de-tokenization request is made, the original sensitive data should be erased immediately from the temporary memory and the log files should record only the last four or X digits of the original data for tracking purposes.

Putting it all Together: Approach to Implementation

Before embarking on implementation, banks must ensure a clear understanding of the existing state, analyze the business requirements, conduct system analysis, and identify possible use cases.

- Requirements gathering: Identify the key capabilities required including but not limited to PCI DSS compliance, data security, and encryption and the various use cases for which the tokenization solution can be leveraged.
- System analysis: Analyze and map the systems that store and access sensitive data (platform, database and application configurations), and identify the processing dependencies between upstream and downstream applications.
- Application-specific requirements: Identify specific requirements mandatory for integrating the tokenization solution with other systems, the database platform to be used, languages to be used for writing applications, the authentication methods, and the APIs to be developed to facilitate data exchange between applications.
- Define solution capabilities: Based on analysis of how the credential data is to be used by different applications, assess whether single- or multi-use tokens are required. Also, determine the expiry timelines for single-use tokens and check whether multi-use tokens can be used for different transaction contexts such as in-store purchase, ecommerce, or peer-to-peer (P2P) money transfer.
- Implementation options: Based on business requirements, use cases, analysis of the application systems within the payment processing platform, and application integration requirements, decide whether to build and deploy the solution in-house or choose one of the various solutions available in the market after a well-rounded analysis. Banks that choose to use a third-party solution must also decide whether to host it on-premise or partner with a service provider.

Several third-party tokenization solutions are available in the market. Some of the top players in this space are Gemalto, TokenEx, Hosted PCI, Thales eSecurity, SafeNet Tokenization, Vaultive, Inc., and Spreedly. These solutions are cloud-compatible and have the capability to provide vault and vaultless token services. Banks looking at third-party tokenization solutions must conduct a proof-of-concept (PoC) to ensure that the chosen product meets compatibility and fulfillment requirements for key features. Typically, a tokenization solution must meet the following requirements:

- Integration with identity and access management systems to ensure verification and control of users who place tokenization and de-tokenization requests
- Token server with embedded data store encryption, key management services, transaction monitoring, securing communications, and verification of de-tokenization requests
- Scalability across geographies and products to provide the same level of service performance despite increased volume and variety of data
- Quick response to new token requests and eliminating delays in fulfilling tokenization and de-tokenization requests
- Support for multiple token vaults (MS SQL, Oracle, MySQL), API services for token service consuming entities, and vendor token server failover capabilities

Making the Right Choice: Build or Buy?

Banks will need to take into account multiple considerations while deciding on whether to build the solution in-house or opt for a third-party solution. Table 1 depicts a high-level comparison of both options across some key parameters.

Table 1: Build versus Buy Comparison for Tokenization Solution Implementation

Based on an evaluation of specific requirements like preference for single or multi-use tokens or different token formats, organizations will need to decide on whether to build or buy the solution. Building the solution in-house will reduce long-term costs of token operations and render the flexibility required to customize the solution. Moreover, it will also provide banks an opportunity to white-label the solution to their partners. However, in-house development will take a longer time to roll out and entail higher initial investment. As depicted in Table 1, each option comes with its own set of strengths and weaknesses. Banks must make a choice based on an assessment of their critical parameters and strategic objectives.

The Bottom Line

The proliferation of digital payments has been one of the most prominent outcomes of the digital revolution. However, this has increased the onus on banks to ensure secure and safe customer payments underscoring the need for a holistic tokenization strategy. Moreover, meeting rising customer expectations in digital payments will require banks to leverage extended partner ecosystems and offer overlay services, which will help create exponential value for customers as well as businesses. However, a robust tokenization solution is a prerequisite to offering overlay services, and banks would do well to incorporate tokenization into their digital payment strategies.

About The Author

Debasis Thakur

Debasis Thakur is a Senior Payments Consultant with the Cards and Payments group within TCS' Banking, Financial Services, and Insurance (BFSI) business unit. He has over 20 years of experience in working with global banking clients in the areas of business development and solution design focusing on cards and payments. Thakur has anchored several transformational projects for TCS' clients the world over, and is currently focusing on innovations in the digital payments space to help global financial institutions reimagine their payment processes.

Contact

Visit the Banking & Financial Services page on www.tcs.com
Email: bfs.marketing@tcs.com
Blog: Drive Governance

Subscribe to TCS White Papers

TCS.com RSS: http://www.tcs.com/rss_feeds/pages/feed.aspx?f=w
Feedburner: http://feeds2.feedburner.com/tcswhitepapers

About Tata Consultancy Services Ltd (TCS)

Tata Consultancy Services is an IT services, consulting and business solutions organization that delivers real results to global business, ensuring a level of certainty no other firm can match. TCS offers a consulting-led, integrated portfolio of IT and IT-enabled, infrastructure, engineering and assurance services. This is delivered through its unique Global Network Delivery Model™, recognized as the benchmark of excellence in software development. A part of the Tata Group, India's largest industrial conglomerate, TCS has a global footprint and is listed on the National Stock Exchange and Bombay Stock Exchange in India.

For more information, visit us at www.tcs.com

All content / information present here is the exclusive property of Tata Consultancy Services Limited (TCS). The content / information contained here is correct at the time of publishing. No material from here may be copied, modified, reproduced, republished, uploaded, transmitted, posted or distributed in any form without prior written permission from TCS. Unauthorized use of the content / information appearing here may violate copyright, trademark and other applicable laws, and could result in criminal or civil penalties.

Copyright © 2018 Tata Consultancy Services Limited

TCS Design Services | M | 10 | 18