How a new payment tech lab is approaching the cyberwar threat

Synechron was getting ready to launch a technology program to help financial institutions respond to real-world payment challenges. Then things got very real.

"The threat of a new cyberwar all of a sudden creates an additional layer of risk," said Sandeep Kumar, managing director and head of Synechron's PayTech Accelerator Program, which launched last week. "Something like fraud or a new security risk can come up very quickly and through multiple channels."

The payment-focused accelerator uses shared technology tools to help banks and other financial institutions respond quickly to problems or opportunities that involve payment processing.

"What we're interested in is finding a real-time kill switch, solutions that can see suspicious transactions or a malware threat and shut down access proactively," said Sandeep Kumar, the head of Synechron's PayTech Accelerator Program.

One problem that currently requires a rapid response: Russia’s invasion of Ukraine, which has sparked concerns about a new wave of fraud, malware and cybersecurity problems impacting businesses, financial institutions and payment rails.

That said, cyberattacks and payment fraud incidents linked to Russian sources have been a problem for years. Russian hackers were linked to a 2013 credit card theft ring that used computer hacks at payment processors and retailers to steal more than $300 million. Experts warned last week that Russian cyberattacks on Ukrainian financial targets could have ripple effects in the U.S.

"Previous cyberattacks leveraged by Russia have created far-reaching consequences beyond what seemed to be the intended target," said Dick Wilkinson, a strategic advisor for Aite-Novarica in Des Moines, Iowa. "The biggest threat right now would be an uncontrolled spread of some malware variant that is not currently documented."

The U.S. government has issued a warning that web attacks could target a variety of businesses, including financial institutions, communications networks and utilities. Attacks on financial institutions could disrupt payment processing, while fraudsters could install malware or engage in account theft to perform illegal transactions to fund other acts of sabotage, according to Kumar.

New York-based Synechron, a payment consultancy and technology company, hopes to enable more proactive responses to fraud and cybersecurity problems through the use of machine learning and other emerging data risk techniques. The idea is that financial institutions will be able to deploy the solutions or offer them to other firms.

"What we're interested in is finding a real-time kill switch, solutions that can see suspicious transactions or a malware threat and shut down access proactively," Kumar said.

Synechron also operates software development programs and sandboxes in areas such as regulation, investment, insurance and wealth management.

The company’s payments accelerator is relying on Synechron’s own internal experts and new employees who joined last year following its acquisition of Attra, an Australian payment technology firm.

Synechron did not name participants in the PayTech Accelerator. The accelerator provides open development tools and is focused on five areas, including fraud and web payment security threats.

The other four areas are: helping banks to set up buy now/pay later lending programs; running a simulator to encourage interoperability through the use of the international digital payments messaging protocol ISO 20022; managing data to power real-time cash and liquidity forecasting for faster payments; and operating a treasurer's portal to manage inflows and outflows for cross-border payments.

At the moment, the buy now/pay later business and web security are grabbing the attention of payment companies.

"Some of the use cases we're looking at with the accelerator can be planned longer in advance," Kumar said. "But there are other things like the war that can pop up very quickly and toss plans into flux."

Banks and buy now/pay later

Synechron sees an opportunity in helping banks to offer their own version of BNPL loans, which have grown quickly over the past two years.

The BNPL business is at a crossroads, since the companies that sparked the growth are hitting regulatory headwinds, and their financial performance has fallen short of investors' expectations.

Those factors have created an opportunity for banks to offer installment lending programs, according to Kumar.

"The BNPL market has been dominated by fintechs," Kumar said, though he noted that large banks are pushing into the market either through partnerships or with their own products.

Small banks have not been active in BNPL, creating a gap in their product offerings that can be fixed through an application programming interface that makes upgrades to accommodate faster analysis of credit data, Kumar said.

"Small banks can use new tech, but even many banks of good size have outdated customer onboarding for BNPL," Kumar said. "With BNPL the decision on the lending has to be made in a few seconds. A lot of banks aren't ready for this, so there's a lot of overhauling that needs to be done."

Tim Sloane, vice president of payments innovation at Mercator Advisory Group in Concord, Massachusetts, said banks will face challenges even after making upgrades to accommodate BNPL lending.

To better compete with fintechs, banks offering BNPL programs will need to go further — for example, by partnering with a third-party mobile wallet to speed the installment lending process at the point of sale, Sloane said.

"Responding quickly to a new business opportunity is different, and technology is not the only issue," he said.

For reprint and licensing requests for this article, click here.
Technology Cyber security Cyber attacks Payments
MORE FROM AMERICAN BANKER