3 minute read
How to prioritize security?
Insights from the payment processing industry
Monika Liikamaa is a Co-founder, CEO and Chair of Nordic payment service provider Enfuce.
Advertisement
When it comes to compliance and security, no other industry is as strictly regulated as the financial industry – especially when working with payment processing like we at Enfuce do. That’s the playground I have been in for the last 20 years. During all these years, I’ve learned to love the regulated and controlled environment.
In payment processing, we’re handling sensitive data about people and their payments. When you are dealing with money you need to be aware of the negative side, involving money laundering, human trafficking and terrorist funding. That’s why the strict regulations are more than justified.
When systematic, industry-wide regulations that require compliance and security are missing, many industries rely on self-monitoring and following best practices. Unfortunately, the lack of these regulations often leads to industries falling behind. I’m certain that companies are not neglecting security and compliance factors on purpose. They have a lack of knowledge and understanding. For these companies, security is not a priority unless it has to be. Yet, regulation is a great way to make it one.
Security not being a priority for every company highlights the fact that we should share our knowledge across industries. The financial industry is a great benchmark and place to learn for many others.
BUILD, MAINTAIN, AUDIT AND REPEAT
Enfuce was the first company in the world who took payment processing to the public cloud. That was already years ago and I still hear arguments suggesting that the cloud is not a safe place to store sensitive or toxic data.
It is true that the security and compliance of on-premise solutions or the cloud shouldn’t be taken as a given. Security is all about how you build your solution, how you maintain it and the way you audit it. I often compare this to building a house. First, you create a building plan that includes for instance house strength calculations. This plan then needs to be approved by an external party before you can start the building process. When the house is complete, you constantly keep maintaining it.
It is a principle we have had from the beginning. So, when you are building a solution, make sure that it is secure also in the future as your business grows. Circling back to the house analogy – you don’t want to build a house where you find indoor air problems after a few years or realize that it’s way too small right after completing it.
COMPLIANT AND SECURE SERVICES DO NOT MEAN BAD USER EXPERIENCE
One often-heard story is about security and how it leads to bad user experience. When we think about paying, only a few people like it. Consumers want to make their payments fun and effortless. One good example is Klarna. People keep using it when shopping online even though it is not based on strong customer authentication, which increases the risk of misuse. It just feels so effortless.
When I was working as a CIO, I wasn’t interested in the end-user experience. My performance was measured in other KPIs.
I’m sure that in the future we will see plenty of user-friendly, effortless, and secure payment services. Enfuce and I will stay at the forefront of this development.
Monika Liikamaa is a Co-founder, CEO and Chair of Nordic payment service provider Enfuce. Monika’s visionary thinking and her 20+ years of experience in the fast-paced payment industry has enabled Enfuce to integrate services for its customers in record time.
ABOUT ENFUCE
Enfuce offers payment, open banking and sustainability services to banks, fintechs, financial operators, and merchants. By combining industry expertise, innovative technology, and compliance, they are delivering long-term and scalable solutions quickly and securely. Established in 2016, Enfuce currently employs 70+ driven professionals in the Nordics and has 13 million end users on their platform.
