Sign Iowa Banking Permission Slip Secure

Industry sign banking iowa permission slip secure

uh we'll start our webinar with a brief introduction to our speakers as usual and then i'll hand over the stage to andre yaramenko and diego scheinhendler for their presentations um at the end and will hold a short q and a to wrap everything up where you'll get a chance to ask questions to uh to our panelists um on any topic you'd like and um they'll do their best to answer it uh i'm joined now by diego steinhander hi how are you thank you for having me hi diego diego is the north american senior vice president of business development for cyber and intelligence solutions at mastercard where he is responsible for sales and partnerships of authentication fraud ai and general cyber solutions throughout his career diego has held roles at industry-leading financial companies like discover and paypal as well as in fintech at startups like transpay and check wow holds an mba from the university of texas um and a degree in digital business leadership from columbia university welcome diego we're so happy to have you here today thank you we're also joined here by andrea menko the cto and co-founder of hub security um hello andre um i think you're muted but um so hi stephanie thank you all for joining us nice to see you again um andre is the co-founder and cto of hub security a military-grade hardware security firm built by ex-idf 8200 unit security experts andre has a really vast technological background in software and hardware development and specializes in the architecture of complex software and hardware systems during his 13 years of service and the idf's 8200 elite unit andre gained rich experience in managing rf design and manufacturing boards embedded programming fpga design hardware design and implementation welcome andre we're so happy to have you here again thank you um i'll first hand over the stage to diego who will share with us some of his thoughts and insights on new side new and emerging cyber threats in banking industry and then maybe we'll hear a bit from andre on my security is so critical when it comes to protecting digital assets so take it away diego perfect thank you and i'm gonna try to share my screen and hopefully i don't mess up everything that we're doing here let me see you need to enable it for me to do that but in the meantime i'll start talking and and at some point i'll be able either to share my screen or to share the graphs later on but i wanted to talk a little bit about how we at mastercard our thinking of security and how we're evolving with what we're seeing in the environment we are usually seen and when people think of mastercard we're usually seen as a financial services company that is only addressing issues when it comes to a payment transaction but the reality is that we have been way more than that and we have been evolving to be even more than that as we recognize the vulnerabilities of the different ecosystems and the challenges that our stakeholders are having when it comes to a payment transaction a lot of it coming from this evolution and migration of interactions and transactions going from a physical location where the opportunities for fraud and for a scheme a fraudulent scheme to scale quickly we're completely different than what it what exists today when you're thinking of digital assets and the potential for scaling through software through malware and through other methods that could really influence the different enterprises and different systems that are all across so that's really where we're heading so if you start thinking of why are we doing this you can start looking at some of the latest breaches that exist or that have happened and i'm going to be a little bit u.s centric but i'm pretty sure that this you have seen all over the world and i know we have people from different countries on the line but several of them have been huge in north america and probably have resonated in other places we've seen companies that we all recognize like microsoft and facebook and and some big hotel chains like myriad and target getting breached through the vulnerabilities that they have either within their ecosystem or within a third-party vendor that allows access eventually to breach for fosters to steal credentials then those credentials end up in the dark web eventually being used in most cases for payment or to act on behalf of someone else to get some financial gain out of it and that's when we started to see well we have a a much bigger role within this ecosystem that just protecting that transaction because if we're not protecting the initial interactions and the systems that are around the data that it's being collected then we're really failing our stakeholders and that's what we're moving towards some of the the thinking and if you all start thinking of how life has evolved lasting years but even more slow in the last few months with the panic the evolution to digital has been accelerated if you think of how many records data are being kept by all of this digital players that we're interacting with on on a single minute right so i had a graph that i'll show later but they're over 41 million messages exchanged on whatsapp on every single minute where's that data going i know whatsapp is encrypted but as you start thinking of any other interaction with amazon with netflix with linkedin with facebook with uber all that information is being captured somewhere it includes in some case personal information that needs to be kept secure it includes payment credentials that need to be secure so all that really becomes part of the assets that we want to protect that eventually could affect our main stakeholders both consumers as well as merchants and issuers that mastercard talks about on a regular basis drilling down a little bit more into what we usually discuss uh across mastercard we've seen in the during the pandemic an increase in the cyber crime that has been reported to the fbi 300 percent increase during the pandemic so so massive increase of vulnerabilities obviously hackers know that we're all working from home they know that a lot of companies don't have the best security to protect all of their assets and resources working from home and having all these connections that are really stressing the systems of different companies and they are going at it uh like it's a party basically we also have the realization of uh the future of iot connected devices and you think why mastercard and connected devices but as you start thinking of the evolution of payments and even today in some countries where alexa and amazon has already enabled voice payments you can be in your house and and pay through a device that is not necessarily you holding a card it's not necessarily you having a device in your hand like a phone it's just something that's in your house that someone could pay through and and eventually it will be your car paying through and having a payment credential in it it will be your fridge maybe asking for you know more milk when you run out of milk and making that payment transaction on your behalf and all those devices that will hold payment information and personal information will need to be protected then there is the realization what i was saying at the beginning of fraud and how much you can scale fraud in the digital world and how the physical world has been protected so you're all familiar with the chip that has been placed on the cards and that really has diminished fraud in the physical world when it comes to payments and payments have migrated online because if it's easier than trying to crack uh each of the chips on a card and and it also scales faster so we see four times more fraud on the digital world than what we see in the physical world then we have how people are starting to crack into credentials and accounts so it's not only about the payment credential that you have stolen through a breach but is also can i actually start reaching into systems and stealing accounts or create a synthetic id to breach into a system and and act as if i were someone else and we through some of the solutions that we have acquired in the last couple of years we see that 80 of account takeovers starts start a login so how do we protect those logins whether that is the login of a bank which obviously for obvious reasons is protecting critical information in the back end but it could be you logging for amazon that also holds a payment credential or holds your address or holds other assets that are of relevance and if you keep going you can talk about healthcare and other industries that probably hold very critical information for individuals the last one within our payment of value today that just to give you a sense is when it comes to chargebacks and chargebacks is that instance in which someone makes a payment we probably have seen it where you see a payment in your statement and you say that wasn't me but what is going on now with the digital world and a lot of this recurring payments to think of gaming things of itunes netflix and others households are using shared payment credentials and in some cases it's either a child or actually a person saying that wasn't me so we see 50 of those chargebacks people calling a bank and saying that wasn't me being friendly fraud meaning it actually was that person or someone within the household so our strategy is based on looking at all these threat vectors and all these uh different areas of fraud that are affecting the interaction that are affecting our stakeholders and really damaging the overall experience of commerce and how do we fix them and that's really how we've been evolving we have really focused on three areas where we either have addressed the problem with internal product development or have acquired other companies or are moving towards protecting that is one is cyber and it's this idea of overly protecting the ecosystems we recently acquired a company called risk recon that allows our stakeholders to have an assessment of potential vulnerabilities that someone can have through themselves right so part of their infrastructure being online that is not protected that maybe there wasn't the proper update on the software or or any other vulnerability there either through them or through a third-party vendor so a lot of the things that you're seeing now online is people are using sas vendors or multiple connections and they might have access to your in digital infrastructure and through that is that a thread or a malware or a hacker could come into your infrastructure so so that's something that we're looking at on on a regular basis and we're also looking at the overall ecosystem of payment transactions obviously and using it to recognize patterns and to prevent attacks that could spill into other regions or into other banks so that's that's part of a small part of what we're doing when it comes to cyber the other area is when it comes to digital and this investment that allows us to either recognize patterns on a digital environment once a consumer or a bot or a malware or a hacker trying tries to interact or access into an account and i talked a little bit about account takeover and this functionality through behavioral biometrics allows us to recognize the right user coming in within the same framework of digital we we go into authentication authentication of payments authentication of people during a payment transaction or before a payment transaction we talk a lot about connected intelligence which is this idea of using all these data we see on a merchant as someone starts interacting with the merchant but being able to share that information with the issuer with the bank that has provided the payment credential so that when you're sending your information as a consumer the bank has as much information as possible to make the right decision and that right decision is stop the transaction that is not the right coming from the right person and let the transaction that is coming from the right person if the funds are available and they're in good standing go through because we've all been declined for sure when we were trying to make a payment and we never know what's the reason right and these are all models that are working constantly and we also provide those models and have made acquisitions on artificial intelligence to make those models that banks use smarter but it's the model then it's the amount of data that we're making and sending through to make this collaboration more efficient last part that i'm going to touch within this strategy is the chargeback piece and i talked about friendly fraud and that 50 of chargebacks coming from people that actually made the transaction we also acquired a company called ethica last year i believe that allows us to create a layer of collaboration in between merchants and banks so that the amount of those disputes that consumers are bringing is reduced by telling on the back end through alerts that the transaction that that just happened was not done by or done by the proper person and stopping the shipment of those goods if possible so sometimes when someone is calling and disputing a transaction that might happen before the goods and services were provided and you can still stop that or there could be some sort of resolution on the back end reducing the cost of the normal flow of that resolution which used to happen in the in the past right those are not cheap processes to just when someone calls and says hey those five dollars that wasn't me it's not a cheap process so so the more we have a collaboration and sharing of information it's key to maintain and protect those environments lastly and things that we're thinking for the future when it comes to security when it comes to cyber when it comes to digital is a little bit of what i mentioned at the beginning when we started seeing the vulnerabilities and the different pieces that could hold a payment credential that could act on behalf of us we started to think about how do we maintain trust when we set up a paper a payment credential when we talk about trust even one level up right so let me back up a little bit talk about trust when you're interacting with a company how do i trust the company that i'm interacting with and what are the solutions that mastercard could provide to that company so they're properly secured and they talk about cyber and vulnerabilities and what we do there then how can we provide trust to a consumer as you're giving away part of their information and their payment credentials and how do we not only establish trust but maintain that trust throughout all of the interactions that are happening in between that consumer the bank the merchant etc the last piece and and we've published a manifesto on this is digital identity so as you're thinking of trust as you're thinking of enabling security as you're thinking of the future of all these devices having a portable digital identity will become critical in which individuals will be able to share information without disclosing all of their information and if you have been following the news and you saw the iphone ios 14 this week you probably saw that one of the key updates was about how much information you're sharing with different apps and i think this is something that we will keep seeing as an evolution and we're also participating and trying to help construct that network that will share information but just the information that is needed you don't need to know my date of birth when you're only trying to check if i'm over 18 or over 25. i only need to know the answer to that question you don't need the full information and that's kind of the essence of this idea of a digital identity and how much of it to share with different stakeholders uh i'll stop there because otherwise i'll take the full hour but but i want to see what andre has to say on on some of these topics yeah thank you so much diego it was super interesting uh to hear what you guys are up to at mastercard um how you guys are working to prevent fraud and uh to fight and to fight cyber attacks uh we're different living in a in a digital age that um that's really uncertain um so i mean i think i'll leave andre to speak a bit more about this um and maybe even touch on quantum proofing um which is the next threat in he cyber era but um andre wait why don't you take it away we'd love to hear some thoughts from you yeah sure uh thank you sterny and thanks a lot diego for uh talking about any cyber cyber issues and topics that are really relevant for cyber security and for identity security and i actually want to start with the what you mentioned during your talk it's two things first of first thing is about trust and the second is about keeping a strong identity in during payments or during handling of a any kind of digital asset so when in this day and age and in the coming years our [Music] machines like frigidaires and and cars and other smart devices hold our identity and hold our payment details then how can how can we trust them to really do only the normal transactions and execute only approved and and good payments and how how we can secure them against the militias hackers and actors that want to steal our money and also to save a lot of money for the credit card companies on the cancelling transactions for example so when machines hold the credentials and they can pay instead of us the and they are essentially connected 24 7 to the internet and can order anything from everywhere then [Music] the security of the identity inside the car or inside the washing machine or inside our home smart home automation becomes critical and on the other hand the security of the wi-fi networks or cell networks is not that good usually all these devices that are starting to to do payments are not designed with security in mind they are designed for extremely low cost a and just to do their own functionality so when adding passwords and and credit card numbers into these devices it becomes very risky because it's very easy for hackers to to go into the wi-fi network and for example for the smart home and from there going to the into the smart car or into the smart device you're right and not to scare the people that join us but there are a lot there's a lot of research being done on baby monitors and and how people can hack into baby monitors and what happens afterwards right so so i totally agree with you yeah definitely like there are many funny funny cases like which are actually not so funny uh i think two years ago their company manufacture the smart kettle with wi-fi so you can start boiling when you are still on the road and the hacker in the conference a succeeded to get the wi-fi password from the of the whole network from a direct connection to this wireless connection to the schedule and from there you are inside the network you can do anything you want so everything is exposed so it's a really big problem today and this is something that is a generally called iot internet of things devices um today it's wide open and it's a big challenge how to create secure enclaves how to add a really high grade security which is equivalent or very close to a security of credit cards or security of the credit card payment terminals for example which is a very high level into this normal standard consumer devices this is i think this is something that is not solved yet it just people are stand starting to think about and uh incorporate into design of this kind of devices and it's very very nasty stage a very initial stages of development and this is something that we in here in hub security have been thinking a lot about a how to provide this really strong a identity and keep the integrity of the identity uh on the edge on all these machines that generate a lots of data a private data secure data secure that secret data and also make payments uh so some the manufacturers can actually incorporate uh existing securing claims into their products instead of investing lots of time and money into design of the secure enclaves design of the payment compliant psi compliant solutions inside the very low cost products where the competition is about sense essentially so i think it's something that is maybe complements uh the ideas diego that you've mentioned before is a we are looking um more on the end points in on the devices and the endpoints where the transactions are being generated even before they come out before they go into the mastercard the security and machine ai and all the analysis to stop the fraud at its a starting point so the hacker cannot do payment initially by misusing or stealing the credentials so we'll save lots of cost and money to the to the credit card credit card companies and banks and all the all the ecosystem that processes payments and so that's the first that's the first thing is how to keep the identity secure on the edge devices um and this is something that we provide here in our company is a a ready secure enclave which is which can be incorporated in any kind of a machine any kind of smart device and provide this secure functionality and secure payment functions a completely isolated and separated from the normal networks so then any anyone can anything can do payments and keep the identity secure and keep the transactions real and the legit essentially so in this way minimize the the fraud and i think that's that's only one part of the equation um as i said the second part is the is the trust a end-to-end trust so on the one end there are users and smart devices which has the which have the payment identity and on the other side there are banks and which must process this these payments and actually take money from a from users accounts and we are also to get the to create the best level of trust uh it's not enough only to be on the user side on the endpoint side it's also a security is also needed on the bank side on the on the processor side which actually transfers the real money between accounts a between the buyers and the sellers of the of the transactions of the payment transactions and here this is also we are seeing a very large vulnerabilities where lots of money has is stalling from banks a from inside the banking networks uh by a hacker attacks like phishing attack by stealing credentials it's a very very big thing where they just sell credentials of the bank officers and they can go into the payment network and create false transactions inside the bank so in this way they still large amounts of money so it is something that is needed to also handle and save and keep the identities also on the payment processor side on the bank side in a secure way so only they i a identified and legal uh legally signed payments that are recognized by the bank actually been made actually made it through to the actual transfer of money at the end and nobody else can go and create for example a and a new payment identity a new credit card which is not real uh and not really recognized by the bank and still do payments for example and so there are two points in the any security one is on the user side on the uh on the page side and the other one is on the data center on the in the payment processor that needs to keep securely the identities the the the roles and also the permissions of what is what is legit payments and in this case um i think their standard security procedures and policies um they are not enough as as we see this because today what happens is that the keys and the um are kept inside secure enclaves inside the hsn modules and that's the only thing that is that is kept securely all the other stuff which are the a payment process applications the fraud detection detecting applications inside the bank network are actually running on the regular servers in the inside data center which are very easily hacked so we know of the use cases some of them are being made public that the hackers they don't actually steal the keys to the payment to the payments they just override the the fraud detection and the payment approval applications and do the transactions directly with the with the secure enclaves by impersonating the security officers and making it very very easy to steal the money yeah it's important to mention on that uh comment that those are swift payments right in the majority the ones that you're mentioning just so the people that are listening to us understand the difference between the payment transaction with a card versus the the big movements of money of bank to bank and the swift which also has had many news about uh being breached but let's just make a point there yeah so definitely the majority of the of the hacking attempts is about the big payments because then it's a payoff is is much much larger uh the this uh however exposes also another issue that securing claims today they are they can be hacked uh so also the payment digital sims they something that is a can be hacked and the thing is when uh when banks or like payment processors they're adding a actual applications very complex complicated applications a to handle payments to proof payments to manage payments then any change in the flow uh for any kind of digital asset transfer it can be substantial for hackers even small changes can aggregate over time and you know and they result in big money transfers um so it's important also today to run not only the actual a pin processing inside the hsm when we're talking about payments uh but also a the applications that do the analysis and stop the pin processing from happening because this is the actual payment a payment moment um we had a few questions coming as you were speaking andre and i think that uh probably because people uh have follow-up questions to what you're saying as well as for diego um and i think maybe you can answer this um as we begin to to go through them a bit more about what companies can do to secure those um those cryptographic keys from getting them on hands i spoke about the secure enclaves um but uh what is necessary in order uh for digital assets to stay safe and protected um so i want to maybe just we have a few questions coming in maybe i'll just start shooting them off uh and uh we'll see if any of them stick so i'm gonna start with a question from hanit and for all our attendees um if you see below in the menu section you have a q a um icon you can just hit that and send a question um if it's first one of the moderators specific moderator um you can just indicate who it's for and we'll try to get to through all the questions um so we have a question here from haneet um thank you for joining uh and this is for diego um diego there is a huge shift in mindset among the millennials that are more willing to share um their personal information which seems to be driving the requirement for all of us to share more and more personal information i've chosen not to download apps that require more information than i believe they need as an example um but these apps already have a lot of subscribers is mastercard addressing these instances where digital merchants you're working with are collecting personal information that may not be relevant to reducing cyber risk yeah this is a great question data privacy is super relevant yeah so two parts to it so depending where your hearing is from there are regulations about data privacy so if you're in europe and other another countries that there are regulations in the us the reason one california has kind of like their own thing but we as a payments company do not rule within what is being collected though what we do and in this market there there are standards and regulation about compliance with holding payment credentials and the form in which they they need to behold pci compliance there's also the move that mastercard and all the networks are doing towards tokenization which means the payment credential itself is now being hauled by the merchant it is a token so if the payment credential were to be stolen then really they're not stealing anything that can be used anywhere else so so that's how we're protecting that part and and the other one is about protecting you from your credential being used by someone else so i talked about account takeover so if your account were to be taking over and someone wanted to make purchases on your behalf then we have a solution to authenticate that payment which means that as the merchant and your bank are interacting with the payment transaction there is information that is being sent through and if this doesn't look like you making the payment they might ask you a question they might create friction to ask you a question to make sure that the right person is making that transaction if depending again where you're at you might have heard of secure code and might have used it that in the past had like a bad experience with how it was used but now it's moving towards biometrics so you will get prompted to put your biometric phase finger voice something else and then that will create an authentication on that payment for your bank to approve the transaction so we're protecting in different ways but we're not ruling over the data that is being collected necessarily okay thank you diego um [Music] another one for for diego here talking about chargebacks how does a company or organization get around or better enhance the process of having to deal with merchants and waiting on merchants to verify charges that are being disputed by the consumer is this i think i'm missing information there but how do you make that process better so the process of chargebacks is well structured by each of the networks they each have their own process what we're building is through through this acquisition of ethica different layers that can enhance the process so in some of the examples that i mentioned what ends up happening and the way you enhance the the processes by the process is not even happening so the minute that someone this transaction an alert gets sent to the merchant the merchant might either provide a benefit if that was the case or cancel the transaction so the dispute process on the back end that we as consumers never get to see but that's costly to match for both banks and merchants gets eliminated i'm sure many of you remember that if you were to dispute a transaction on a certain amount in the past it would just give it away no questions asked and that was part of how costly it was just to go through the process so so just by eliminating the costs and the time that the process used to uh take that is one way the other one that we're moving towards is by providing more information on the statement and this might sound like not rocket science but a lot of the identifiers of merchants especially now when you think of marketplaces that are growing are not very clear so many times you might have seen on your statement it's thirty dollars for a merchant that you do not recognize but that might be only because the name of the merchant wasn't clear so we're starting to also connect through that layer and provide more information in the statement and we see a lot of friendly fraud being eliminated just by providing more information to the consumer great the next question i have here is two part question the first one the first part is for andre um and a follow-up to that is for diego for andre what security threats do you see with open banking and as a follow-up to that for diego is what is mastercard doing to reduce those threats so threats on open banking was that the question yeah let's start with andre so what are some security threats that you see um for open baking currently in the future so i think it's a the the main thing is that if you're talking about open banking it's opening the identity on the user side to be more flexible one and a it makes easier for for hackers to to connect and to to impersonate two percent the user to personalize the original transaction to steal the money and that's the one of the one of the main things one of the main threads so then essentially it becomes a is an issue of uh of risk and value management so for for standard transactions for standard use this the biometric identification the maybe the mobile phone secure identification is a is enough a and a for more a high value high risk transactions or use of a private a private user data or a sharing of private financial data then it is much more sensitive issue how do you open openly open the access um without exposing the privacy information to the hackers and it requires much better and the strict management of secrets i think on the data center sid on the central bank or central organization side which handles all the data all right i um i think you mentioned some of them i think others are around if the credentials were stolen and you're matching someone there's something to be said about the information that exists within a divide data connection location behavioral biometrics etc that's part of it there's another one and again this is a topic that varies by country there's regulation in europe there's no revelation in the u.s it's like a whole different answer depending where you live but a lot of the open banking at least in this market was being known with screen scraping which is not the most secure way and and also the availability of data that was being collected the individual banks was not it's still not standard but also in in many cases it's more than what you would think that they were collecting right so if you were just pairing you had someone asked a question about animal if you were just putting your venom up to your bank you might just think that they're pairing up to see how much money you had to send but they might be seeing a lot more than that so i can see a move towards and they need to already start it and move from screen scraping into more secure api connections and more clarity on the data that is being collected and for purpose and just to answer quickly uh there was a question if i guess it's for me if uh if we have an app like venmo and zillow i don't know zillow but we we power a lot of those things so if you think of when people use venom with a car in the back end we're putting money to a debit card or a bank that might be mastercard if you say ch based in this market we don't yet participate in other markets let's call it in the uk we own vocaling which is the ach powering features so it really depends by market we don't own an app per se but we have acquired assets that allows for money transfers on one two one through the banking rails that are not the card rails it's very important for us to move into other rails outside of the cart and we've also acquired assets that allow for p2p transfers cross borders we acquired a company called transfast that has featured transparent as well and this allows for either business to person or person to person transfers uh from one country to the other great thank you um next cryptocurrency liquidity is at risk can you handle it assuming this is directed towards diego i we are not a bank so we don't do any of that stuff we have several patents on blockchain we are working on several product projects on blockchain that's not in my area but there's a lot of public information on that and we actually work with some companies on cryptocurrency i think we need something but through a debit card as you're converting the money into a proper fiat we don't do liquidity that that's not that we don't need money we're a technology company that connects the dots from one place to another to help people and commerce be more efficient faster and secure um you have another question here i'm trying to understand where this all fits in with hsms or hardware security modules can somebody please clarify maybe andre can can you can answer this and maybe diego can give a little bit of uh also some insight on how mastercard leverages the hsms and their cyber security process yeah sure um so hsm is essentially a hardware-based secure enclave that can be a large appliance that sits in the data center or it can be a very small module very small device that can be in a car that can be in the any kind of a any kind of existing small a or small based or home home based device and the main function of the hsm is to keep the the secret key is to keep the a digital identity of a of the user a secret and isolated from the external network from the internet so nobody can steal your identity so nobody can use the uh your keys your encryption keys or authentication keys without your explicit permission and only you are the only one that can do this and it is based on hardware usually because only in this way a dedicated hardware implementation you can achieve the level of security that is required for the high levels of risk which are involved in payments in in digital asset transactions i would say on my end and can you hear me well because i i saw a couple of comments that i'm choppy at the moment i think it's much better okay uh that this is not my area uh i'm on the core side of the business what we provide to our stakeholders this should be on the area of our internal cyber security and how we protect our own systems so that's that's beyond me and not an area that i work on okay great well i think we are going to wrap up in just a few minutes but i'm just going to throw your final uh final question um you talked about the evolution of fraud and payment landscape what are what are one of the things that has changed um [Music] oh you mentioned one of the things that has changed which is the move from the 3ds yeah yes uh can you just explain maybe the core differences between between right and you're recording it might be my my internet you said a move on 3ds something is that what you mentioned yeah you talked about the evolution of um fraud in the payments landscape and one of the things that you had mentioned in your uh presentation or in your talk was yeah but the move from 3ds um to emv 3ds um and we'll verify for our audiences what the differences are 3ds is a protocol for payment authentication online that's what i mentioned uh masquerade used to call it secure code visa used to call it the secure by visa or something like that it's a protocol that just like the chip on the card it is a standard it's an industry standard that all networks use for to authenticate payments online the new protocol is uh faster it collects a lot more data than than before like 10 times plus the amount of data and it's leveraging a lot of the variables that you can see online to make sure that as you authenticate a payment you're authenticating the right person it also reduces the latency and the friction that existed within that process so in many markets it wasn't used or it was limited to use of it because of the bad experience that it brought to come to commerce and as you think of how seamless commerce is today even you think of an uber ride no one thinks about the payment but the most magical thing about the ride is how it gets to you and then how you pay just leave the car and no one knows authenticating and using all that data becomes important and not creative friction within that magical process of riding a car and not paying is critical so so that those are part of the changes if you're leaving europe i'm sure you're familiar with the regulation it's called ps2 the payment service directive 2 which requests for strong consumer authentication to to comply with that most of the payments many different nuances to it but are using this protocol to comply to it and authenticate and deliver strong consumer authentication thank you diego and with that um i think we'll wrap things up thank you everyone for joining us today and thank you to our speakers andrea minkow and diego steinhandler we hope you're all staying safe and healthy at home and we look forward to hosting many more discussions like these in the future just to stay up to date on upcoming webinars you can follow security on linkedin and on twitter or wherever uh you'd like to get your social media from um you can also check out hub's weekly digest a medium for the latest stories coming out of the blockchain banking and crypto sphere thank you so much to our speakers and thank you to everyone for joining stay safe and stay healthy stay inside if you need to and we hope to see you next week you