Mobile Payment Provider: Challenges of delivering stability, security and compliance to our customer?

Size: px

Start display at page:

Download "Mobile Payment Provider: Challenges of delivering stability, security and compliance to our customer?"

Jody Atkinson
5 years ago
Views:

1 Mobile Payment Provider: Challenges of delivering stability, security and compliance to our customer? FinTech R&D Innovation Conference Luxembourg 19/01/2016

2 The company cashcloud at a glance Currently cashcloud employs 65 people in six European countries.

3 One company six locations 11 7 Cashcloud AG, Basel, Swiss (IR, Legal, Board of Directors) Cashcloud SA, Luxembourg (Marketing, Business Development, Finance) 5 Cashcloud Deutschland GmbH (Business Development, Product Management, IT) 14 4 Cashcloud Technology Services SRL, Romania (Business Development, Product Management, Customer Satisfaction, Backoffice, Marketing, Compliance) Cashcloud Dnepropetrovsk, Ukraine (IT Development) 24 Cashcloud Murcia, Spain (IT Development)

4 Cashcloud - Board of Directors Prof. Dr. phil. h.c. Moritz Hunzinger Chairman of the Board of Directors Sven Donhuysen Member of the Board of Directors Peter G. Heinz Member of the Board of Directors Rainer M. Wunderlin Member of the Board of Directors

5 Cashcloud - operative Management Olaf Taupitz Head of Product and Innovation Managing Director Denis Yakovlev Head of IT and Development Gordana Adolf Head of Marketing Klaus Steinkamp Head of Business Development and Sales Ioana Roman Head of Customer Satisfaction Michael Bastian Finance Manager

6 The most comprehensive mobile wallet solution Cashcloud turns your smartphone into a wallet. The mobile wallet application spans all of the key features needed for shopping, payments, collecting loyalty points and social messaging - both online and offline. Live since 11/2013 more than registered users Fully available in Germany, France, Spain and the Netherlands. 2014/ has already been recognised with 4 Awards

7 All features in just one application Money transfer between smartphones Digital coupons and offers Digital currency cashcredits Parental controls via a sub-account Many campaigns to earn money Pay contactless with the MasterCard NFC sticker Pay worldwide with the Prepaid MasterCard Extensive transaction overview

Cashcloud is Luxembourg's FinTech No. 1 The following FinTech companies are the ones to take Europe s FinTech into 2016.

8 Cashcloud is Luxembourg's FinTech No. 1 The following FinTech companies are the ones to take Europe s FinTech into While Silicon Valley and New York hold the top places, European FinTech companies are clearly posing significant competition. Source: Let s Talk Payments goo.gl/xos5gr

9 Can We Fintech are based Startups in the heart of Europe Change the World of Banking? Luxembourg is Cashcloud s first choice guidelines on issues of data protection and banking secrecy are at the highest level in Europe here qualified / international employees established financial industry the regulator is very well educated about mobile payment /emoney the legislation is up to date

growth is planned Expansion in the United States is in evaluation

10 An outlook we have big plans The expansion of cashcloud into 24 countries and 5 currencies (EUR/RON/GBR/PLN/CHF) Extensive user growth is planned Expansion in the United States is in evaluation Further expansion in the area of Big Data to monetize customer data And more to come

EBRC (European Business Reliance Centre) is certified several times and specializes in the financial market.

11 Stability with the best hosting provider For hosting our systems, we have chosen a high qualified hosting provider based in Luxembourg. EBRC (European Business Reliance Centre) is certified several times and specializes in the financial market. We are hosting our system in two independent data centers with mirrored databases, using Tier 4 data center technology. Thus we ensure that all data is kept on a secure physical and electronic infrastructure.

Security is our top priority - 1 Our website servers and app

Personal and account data are protected in our system against

It is transmitted only with secure encryption (TSL/SSL).

API, 2-Factor-Authentication, and only from predetermined

The users emoney is issued and managed by two regulated

12 Security is our top priority - 1 Our website servers and app are regularly supported with the latest security updates. Personal and account data are protected in our system against unauthorized access. It is transmitted only with secure encryption (TSL/SSL). Our system architecture allows access to data only through API, 2-Factor-Authentication, and only from predetermined applications and servers. The users emoney is issued and managed by two regulated institutions: Ingenico Payment Services and PPRO Financial Ltd. Maximum safety with prepaid: The cashcloud emoney account is based on the prepaid principle.

We do testing of our app in a real environment and analyze device specific crashes full Change Management.

13 Security is our top priority - 2 Secured channels for all type of connections between mobile apps, API and other components. We apply systematic approaches on improving app stability and release regularly maintenance updates. We do testing of our app in a real environment and analyze device specific crashes full Change Management. Stress/Load/Performance testing during application development cycle for each new version. We monitor our servers 24/7 and are ready to fix issues whenever they occur. Constant updating of all system components.

14 Regulatory compliance requirements We follow and support the compliance requirements from our emoney partners PEP Political Exposed Person KYC Check Anti-money laundering Sanction list

Regulatory requirements Consumer Rights Directives Interchange Regulation regulation Anti-Money Laundering Laundry Directive Regulatory

15 Regulatory requirements Consumer Rights Directives Interchange Regulation regulation Anti-Money Laundering Laundry Directive Regulatory requirements we we have to to follow SecuRe Pay PSD2 Directive directive emoney E-Money Regulation Data Interchange Protection regulation Act

16 Moving forward to HCE HCE is a pure software solution All data generated for transactions is not stored on independent hardware but centrally, in a secure server environment The smartphone does not require a specific SIM card The app does not need to be linked with a security module (esecure element) within the device, as is required, for example, in Apple Pay and most mobile wallets from MNO's. The credit card will be digitized and tokenized Tokenized card information of the primary or replaced PAN are generated on the server and delivered to the device to be used or stored directly. Card Emulation with a Secure Element Android Machine Host CPU Host Card Emulation Android Machine Host CPU NFC Controller Secure Element NFC Controller Payment Data NFC Payment Terminal NFC Payment Terminal Payment Data

How HCE in a wallet application works PAN

through category codes Solutions using prepaid

17 How HCE in a wallet application works PAN substitution only valid one time but with full transparency Per transaction only one PAN NFC or online enabled, diverse control elements possible through category codes Solutions using prepaid cards as a sub-card providing a perception of higher security

18 Links cashcloud Cashcloud SA 37, Val Saint André, L-1128 Luxembourg Olaf Taupitz: Gordana Adolf: