Banking News – The global landscape of digital payments is evolving rapidly. In South Asian countries, new payment methods such as real-time payments, digital transactions, and QR-based payment systems are being introduced. However, with the rise of online transactions, new risks and challenges have also emerged, including payment data breaches, hacking threats, and cyberattacks. Various countries are working on their own strategies to mitigate these risks while also sharing challenges and solutions on a global scale.

As the largest digital payments market in South Asia, India has been actively working on securing digital transactions. The Payment Card Industry (PCI) Security Standards Council (SSC) has been established to set security standards for digital payments. Nitin Bhatnagar, the Regional Director of PCI SSC for India, South Asia, the Middle East, and Africa, discussed the latest challenges in digital payments, cyber threats, and potential solutions in an interview with Banking News. Here are some key excerpts from the conversation:

What is PCI Security Standards Council (SSC)?

The PCI SSC is a global forum dedicated to creating security standards for protecting payment data. We collaborate with major payment service providers like Visa and Mastercard to ensure secure payment transactions. Additionally, the Payment Council of India plays a key role in developing these security standards.

I have been working with PCI SSC for the past seven years. We closely collaborate with stakeholders such as the National Payments Corporation of India (NPCI) and Nepal’s National Clearing House Limited (NCHL) to develop and implement security guidelines for digital payments.

How is PCI SSC working to ensure payment data security in cross-border transactions between Nepal and India?

We have partnered with NPCI in India and NCHL in Nepal to identify challenges in cross-border payments and explore solutions. By working together with various stakeholders, we aim to enhance security standards in this sector.

With the rise of fintech companies in South Asia, how is PCI SSC collaborating with regulators in India and Nepal?

Our role is to set security standards and ensure their implementation. As fintech adoption grows in South Asia, both challenges and opportunities increase. That’s why we focus on educating regulatory bodies about payment data security. We have already developed the PCI DSS (Data Security Standard), along with 15 other data security guidelines.

Our primary goal is to raise awareness among regulatory bodies about data security. The payment ecosystem involves multiple entities such as licensing authorities, service providers, vendors, and merchants. Each of these entities requires different security standards, and PCI SSC plays a key role in setting, managing, and guiding the implementation of these standards. However, enforcement is carried out by service providers.

Payment fraud and data breaches are increasing in South Asia. What are the biggest challenges in this region?

Payment fraud and data leaks are not just regional problems—they are global concerns. One of the most common cyber threats is phishing, along with various malware attacks. PCI SSC is actively working to reduce these risks by setting industry standards.

To address this issue, we have introduced PCI DSS Version 4.0, which helps prevent phishing and social engineering attacks.

With the growing adoption of mobile wallets and real-time payment systems, has PCI SSC introduced any new security guidelines?

Recently, PCI SSC launched MPoC Standard Version 1.1, which enhances security for mobile-based payments. More details about this standard are available on our website.

How do you see the future of digital payments in South Asia, particularly in Nepal, India, and Bangladesh?

Payment methods are continuously evolving, with innovations such as QR codes and contactless payments transforming the landscape. PCI SSC plays a crucial role in ensuring that these payment methods are secure by developing and promoting security standards.

What are the key cybersecurity challenges in digital payments, and how can service providers protect themselves?

The biggest challenge is awareness and literacy regarding cybersecurity. Understanding how security standards function and how they contribute to developing secure payment methods is crucial. PCI SSC is committed to raising awareness and ensuring global payment security.

With the rise of AI-powered payment systems, how is PCI SSC working to ensure their security?

PCI SSC is working on securing AI-driven payment systems by developing new security standards. As technology evolves, our security frameworks also continue to adapt to emerging trends.

How can South Asian countries collaborate with PCI SSC on cybersecurity?

PCI SSC is already working with NPCI in India and NCHL in Nepal to strengthen payment security and cybersecurity in the region. By sharing challenges and collaborating on solutions, South Asian countries can significantly reduce cybersecurity risks in digital payments.