Steve Marshall on securing digital payments

Steve Marshall was interviewed by InfoRiskToday about securing digital payments.  The interview synopsis is as follows:

Developing nations that are moving to digital payments, especially for the unbanked, need to keep in mind security lessons learned in other markets that are ahead of them, including Europe, says Steve Marshall, founder at Risk-X, a U.K.-based audit and risk assessment consulting firm.

“When you talk about payment security, the best option is to devalue the payment [platform]. If you’ve got data within your environment … if it is accessible in terms of your systems and solutions, you will be a target,” Marshall says in an interview with Information Security Media Group.

Marshall highlights a few common mistakes made by European digital payments firms:

  • Poor security practices in terms of data that flows across systems;
  • The use of API-based ecommerce methods without appropriately secured systems.

“One must use point-to-point encryption or have a solution provider who gives you end-to-end encryption, and have secure voice technologies,” he says.

In this interview, Marshall, who was a speaker at the PCI SSC summit in Cape Town, also discusses:

  • The digital payments market in Europe;
  • The lessons developing nations can learn from mistakes made by payment companies in Europe;
  • Mobile payments trends in 2018.

Marshall who is based out of U.K. specializes in business consulting, payments, compliance, breach clean-up, enterprise architecture validation, assurance, corporate/information security, security restructures and risk across many business verticals and markets.


For the full interview podcast please see:

Interview by:

Steve Marshall