cloud

Would-Be Unicorn Seeks to Undercut Banks With Secure Cloud

Enfuce.jpg

As startups and investors gather in the most innovative country in the world, a financial newcomer wants to become a unicorn by providing faster and cheaper ways of processing credit card transactions.

There’s just one catch: it needs to persuade security-conscious clients to let their financial data be handled by a cloud service managed by an American retail giant.

“Our biggest challenge is the customer mindset,” said Monika Liikamaa, the 43-year-old chairman of Enfuce Financial Services Oy, a Finnish payment services provider based just a 20-minute drive from the headquarters of Nokia.

On Tuesday, she’ll be speaking at a popular startup meetup in Helsinki called Slush, which is expected to attract a crowd of more than 20,000 entrepreneurs, investors and nerds.

Banks are generally reluctant to let industry entrants run their infrastructure, and few fintechs dare try. Enfuce, which was founded by local industry veterans, bucks the trend.

In its first full year in business, in 2017, it made 3.3 million euros ($3.7 million) in sales, generating a profit of just under 300,000 euros. One of its first major clients was Finnish gas station chain ST1, which wanted a fully fledged credit card system, including support for Apple Pay. Enfuce is now targeting global sales of 600 million euros and a valuation exceeding $1 billion by 2025.

Amazon Cloud

Its basic business idea is to run a credit card system without owning expensive computer servers, which can quickly become obsolete. Instead, transactions and card data are hosted in commercially available servers owned by Amazon Web Services and located inside the European Union. That allows the system to instantly and easily adapt to demand spikes, such as on payday, while keeping costs in check.

The data is backed up every second, so when things go wrong, the customers’ cards stop working for just that second -- meaning most would never notice an outage. The services are secure and fully compliant with regulatory requirements, Liikamaa said.

The company acknowledges it faces a tough job convincing potential customers that third-party servers can be as safe as computers owned by the banks. Still, Enfuce has found that while banks are often intrigued, their compliance departments tend to put on the brakes.

“To some extent, the fear of cyber crime may be an issue” when it comes to the acceptance of new technologies, said Nina Rudanko, co-founder of industry organization Fintech Finland.

Liikamaa insists that some form of outsourcing makes sense.

Banks are so busy turning themselves into IT companies these days that they haven’t stopped to properly think about whether that infrastructure could be provided more cost-effectively and quickly by someone else, she said.

New World

“I wish Nordic banks dared to co-operate more,” Liikamaa said. “The banks’ business shouldn’t be about running IT. Banks should worry about supporting their customers in figuring out how to save and invest, buy a home and make payments. We can take care of the infrastructure.”

Enfuce’s wishes may soon be granted.

Although traditional banks tend to be “monolithic,” as Aleksi Grym, an adviser on digitization at the Bank of Finland, put it, the biggest lender in the Nordic region welcomes competition in the banking infrastructure space.

“My hope is that some of those technology companies that try to go into the core banking space" are successful, said Paul Bari, chief information officer and head of technology at Nordea Bank Abp. “Competition is healthy.”

Source: Bloomberg

OpenWay announces launch of WAY4 Host Card Emulation

WAY4 HCE gives financial institutions an opportunity to implement contactless mobile payments faster and easier. The first live demonstration of WAY4 HCE took place at the OpenWay OnWave user group at the end of 2014 in Paris.

WAY4 Host Card Emulation software - developed by OpenWay, a recognized leader in software for bankcard issuing and acquiring, payment processing, and omni-channel banking services - supports cloud technology specified by Visa and provides value-added financial services for customer attraction and engagement via mobile. 

WAY4 HCE allows banks to issue virtual cards on a phone instantly. In this way a bank can make an existing card NFC-enabled on a smartphone, issue a mobile copy of a lost card, or create a new card while the plastic version is in production. To use it the customer downloads a WAY4 HCE mobile app from Google Play or the bank website, opens it, selects the service, and links a card to the app or creates a new one. To support the service, WAY4 provides the bank with a cloud where all security data elements are stored and available for authorization.

Moving the security element from the SIM card to the cloud means removal of the need for an intermediary between the bank and the merchant, such as a mobile operator or another TSM. As a result, the project to launch the NFC service is simple and quick with lower costs. Using this solution, a bank can save on issuing plastic, restoring lost cards, and delivering cards. The service improves a customer experience, increasing client loyalty and strengthening the bank’s brand.

Alain Vansnick, Sales Director, OpenWay, noted: “The ability to issue NFC cards ‘on the fly’ opens new horizons for client attraction. Banks can offer prepaid virtual cards to potential clients outside their traditional branches – via ads on the Internet, mobile branches or events. For example, a combined co-branded virtual payment card with NFC pass and loyalty functionality can be designed for a musical festival and distributed through a special app for any participant. The customer can top up the new NFC card from any financial instrument.”

When a client makes a transaction on a POS terminal, the system contacts the security element in the WAY4 cloud server and gets there a security key that is necessary for the transaction. The WAY4 architecture assumes a fully secure environment, meeting PCI DSS requirements since sensitive information about cards is not kept on the mobile device.