Advanced security and agility for the payment industry in the Public Cloud

The deployment of secure payment processing technology environments is an arduous and costly process. In some cases the migration from legacy mainframe-based transaction processing is still continuing, and even relatively recent processing technologies are burdened down with hardware security, key management and encryption devices. This dramatically affects the ability of organisations to deploy or scxale quickly, or even to just change anything infrastructure-related in a cost-efficient way. These downsides affect the agility and efficiency of payments products, and the operating costs of financial institutions and other businesses operating in the payments sector.


With the advent of public cloud infrastructure, financial institutions and payments businesses can be more responsive, and achieve far better results, by leveraging the significant benefits that cloud deployment brings. From being able to create or replicate a secure environment on another continent within a matter of hours, to being able to scale up or down volume handling capacity, and the associated costs, on demand - all these things are possible right here and right now using public cloud technologies.


However, driving the transformation of the payments industry requires not just infrastructure to be available; it also requires cloud-ready technologies that are agile, flexible, secure, and ready to harness the benefit that cloud infrastructure can offer. It is the ground-breaking approach that independent software vendors are taking to building security and agility by design into software products; coupled with the power, scalability and speed of cloud that is enabling true digital transformation and delivering new deployment options into an industry segment that has been static for a considerable period.


NEC Payments and Microsoft had recently announced the availability of NEC Payments’ MasterCard and PCI-DSS compliant suite of transaction processing technologies in Microsoft Azure. Utilising cloud platforms such as Azure, and re-engineering the design of the processing engine from scratch, has enabled a technology product that is compliant with the most recent thinking in cyber security and that provides the flexibility to cope with current and future market and product developments.


Additionally, the virtual account-based hierarchy developed as a part of this solution is fully tokenised and compatible with multiple external transaction and integration channels via a set of secure and flexible open-APIs. This enables external networks and payment devices such as MasterCard EMV or contactless cards, core banking, and EFTS, to be seamlessly handled alongside other more innovative channels like external digital wallets or cryptocurrency accounts, and for the solution to be integrated with the latest CRM and ERP solutions built on Microsoft Dynamics 365 or other business process platforms.


With the ever increasing cyber security threat, it is crucial to ensure that processing technologies are administered and managed to the highest levels of security. This is achieved through a number of techniques including: segregating production and administration network traffic across physically and logically separate networks; controlling external access into processing environments for administration purposes across VPNs that are protected using two-factor authentication; and through the deployment of utilities such as dedicated network monitoring; logging and event management; data replication, virtualisation and back-up; patching; and intruder detection and prevention systems; that all assist to maintain control and preserve audit trails.


In addition to its use as a production resource, cloud infrastructure is a cost-efficient and highly-effective disaster recovery and business continuity planning resource; and it provides a flexible, scalable, on-demand resource for development, prototyping and testing.  


Many of the benefits of Cloud technologies are immediate and seemingly obvious; however, working within the financial services industry requires risk assessments to be performed and decisions to be made taking account of many factors in addition to technical and economic benefits. For this reason, establishing and maintaining the trust of clients and the security of data and solutions is critical. Security, risk management and compliance must be at the front and centre of everything that organisations like NEC Payments do.




Your email address will not be published. Required fields are marked *