- New solution B-Secure has potential to impact Indonesia’s e-commerce growth
- More new technology and solutions in the pipeline to be rolled out across region
MALAYSIAN technology company Infinitium has been creating innovative technology for 20 years.
Infinitium Group of Companies chief executive officer Ho Ching Wee (pic, above) says that from the perspective of a tech company, 20 years is a long time but in the online payment industry, where Infinitium is a big player, 20 years is not long at all.
“It took us 10 years to build our reputation and trust, so it really depends on where you are standing,” he says.
Infinitium is an e-payment specialist, and one of the few in Southeast Asia that can claim to have end-to-end e-payment solutions, providing them to merchants, banks and consumers. In fact, it is the only company offering 3-D authentication solutions in Malaysia, Singapore and Indonesia.
In December 2016, Infinitium announced a strategic partnership with Indonesian payment system service provider PT Artajasa Pembarayran Elektronis where it would be the technology provider to implement the B-Secure payment authentication solution system in Indonesia to support Artajasa’s payment platform for issuing banks and merchants.
B-Secure is designed to be compatible with Artajasa’s principal shared ATM network ATM Bersama, which allows member banks to enable their proprietary ATM cards to be used for e-commerce transactions.
ATM Bersama allows ATM cardholders to use their cards for online transactions by issuing them a pin code through their mobile phones, which they then enter at the ATM when making a cash transfer to the merchant’s bank account.
B-Secure will basically allow cardholders to make online transactions with two-factor authentication using a dynamic one-time password (OTP) in the same way Visa or Mastercard cardholders do.
Though the partnership was announced last year, B-Secure is only being rolled out this year. Ho reveals that it officially went into production in October. The delay was due to the central bank of Indonesia’s new framework for its National Payment Gateway (NPG), announced early this year.
“Because of the regulatory change, we had to modify our solution to fit into the NPG framework. But it’s already in production and we have a line-up of banks and merchants ready to use the solutions. Hopefully, by 2018 we are going to see this blow up,” says Ho.
“This is big for us because it will really affect how e-commerce flourishes in Indonesia in a big way,” he adds.
Ho is not wrong; ATM Bersama’s network footprint consists of 87 banks, which translates to more than 100 million cardholders. Because B-Secure enables transactions to be authenticated, authorised and approved in real time and in a single and secured process, it will provide greater security and convenience for banks, merchants and consumers, which means it has the potential to greatly impact the growth of e-commerce in Indonesia.
Pioneering e-payment security solution
This is not Infinitium’s first big innovation. One of its earliest and the one that has impacted the fintech and e-commerce industries most profoundly so far is the technology behind dynamic one-time passwords (OTP) for online monetary transactions.
Infinititum created dynamic OTP technology in 2009 to supplement the 3-D Secure protocol that was the standard security protocal for Visa, MasterCard, JCB and American Express online transactions, and to overcome the issue of phishing.
Before dynamic OTP, consumers would have to enter their 16-digit card number, expiry date and CCV number and then enter a pin number when making an online purchase.
The static nature of the password made it and the credit card details vulnerable to phishing.
Ho says that Infinitium realised it could make use of the existing 3-D standard and improve it with dynamic OTP. This technology enables the bank to issue cardholders a one-time password through their mobile phone that they enter each time they use their cards to purchase goods online.
This two-factor authentication – requiring something the person knows (such as a password) plus something the person has (such as a specific mobile phone) - eliminates the problem of phishing and makes e-commerce transactions more secure.
Infinitium demonstrated the technology to Visa, who demonstrated it to the central banks of Malaysia and Singapore, the result of which was that, first the Monetary Authority of Singapore and then Bank Negara Malaysia mandated that all e-commerce transactions in their respective countries must be two-factor authenticated. Soon after, Visa and Mastercard set their global standards to two-factor authentication.
“This is what everyone is using now when they buy online. We are the ones who created the dynamic OTP and we deliver the OTP to your mobile phone. This was our first major innovation,” says Ho.
Ho says that once two-factor authentication became standard, merchants felt more comfortable accepting cards for e-commerce transactions.
“Of course, I’m not saying the e-commerce boom was entirely because of us. But I feel we played an important part in securing the payment process,” he says.
Next page: Anticipating and creating for the future