Source: Finance Derivative

By Delia Pedersoli, COO, MultiPay Global Solutions

In the ever-evolving landscape of retail, one trend stands out: the meteoric rise of alternative payment methods (APMs). In recent years, alternative payment methods (APMs) have surged in popularity, constituting nearly 5% of all UK transactions, according to the 2023 BRC Payments Survey.

Among these APMs, Pay By Bank is quickly emerging as a frontrunner, poised to revolutionise the entire payment experience. As consumers increasingly prioritise mobile payments and convenience, the attraction of Pay By Bank gains momentum, reshaping how we choose to shop and make transactions. Notably, UK Finance expects that remote banking payments processed via Faster Payments Service or cleared in-house are projected to rise to £5.7 billion by 2031, nearly doubling from current figures.

Requiring no additional downloads for the customer, Pay By Bank works by users simply selecting the option on the payment device at checkout to scan a uniquely generated QR code that automatically opens their mobile banking app to authorise the transaction. Once approved, funds instantly transfer from the customer’s bank account to the merchant.

A Win-Win For Customers And Merchants

With the rise of today’s ‘zero consumers’ – one that has zero boundaries between the channels they use to shop, zero loyalty to any particular brand and zero patience for bad service and experience – the ability for Pay By Bank to cater to these demands will only help retailers stand in good stead with shoppers. Without needing to go via a third-party app, shoppers can quickly and easy checkout in store by simply using their smartphone to bypass entering their card details or navigating cumbersome checkout procedures.

However, for the retailer, the advantages of Pay By Bank are even more compelling:

• Significant cost savings – by removing interchange and scheme fees, retailers pay minimal transaction costs every time Pay By Bank is used compared to credit and debit cards. These savings can either be taken as additional profit, used to drive growth elsewhere in the business or improve other aspects of operations and customer experience.
• Speed and accuracy – in today’s economy, it’s reassuring for retailers to have accurate and real-time visibility of revenue, with quicker access to reserves if its needed. With Pay By Bank, payments and refunds can flow seamlessly and almost simultaneously from the customer’s account to that of the retailer. With funds instantly transferred from the customer to the merchant, Pay By Bank also minimises exposure to fraud.
• Boosting loyalty – according to McKinsey, the rate of brand switching among consumers doubled from one-third in 2020 to half in 2022, with approximately 90% saying they’ll continue to do so in the future. This spells trouble for retailers. However, the streamlined process of Pay By Bank not only helps foster positive brand perception – combatting the ‘zero consumer’ trend – but also enables retailers to enhance customer understanding by integrating data insights into loyalty programs. Additionally, by consolidating payments from both in-store and online transactions, retailers can discern specific customer behaviours and preferences to tailor promotions.

Clearly, Pay By Bank serves as a multifaceted solution that not only meets the immediate requirements of retailers today but also lays the groundwork for future advancements in retail payment experiences. Choosing to collaborate with a technology partner able to build tailored payment solutions that can seamlessly integrate with existing systems provides merchants with a strategic advantage. Not only does it eliminate the need for substantial investments in new hardware or devices but ensures they can remain receptive to ongoing innovations within this dynamic landscape.

Where Is Pay By Bank Already Seeing Traction?

The rapid adoption of instant payments schemes such as Pay By Bank is already well underway in many parts of the world. In Europe, Sweden’s Swish platform stands out as a clear trailblazer that boasts over 8 million users processing an average of 10.21 transactions per customer in May 2023. Initially launched in 2012 as a peer-to-peer (P2P) mobile payment solution, Swish has since evolved to incorporate business transactions (P2B) and has now firmly embedded itself within Swedish payment culture.

As is evident from its early adoption, Pay by Bank presents an exciting and compelling opportunity for retailers to both supercharge customer experience and profits. In the not-too-distant future, the ability to make payments with such ease will be expected as standard by consumers. Those retailers who don’t prepare now will likely lose out. Staying one step ahead, especially in today’s economic climate, must be a priority.

Source: Finance Derivative

Dominik Samociuk, PhD, Head of Security at Future Processing

When more than 6 million articles of ancestry and genetic data were breached from 23 and Me’s secure database, companies were forced to confront and evaluate their own cybersecurity practices and data management. With approximately 2.39 million instances of cybercrime experienced across UK businesses last year, the time to act is now.

If even the most secure and unsuspecting businesses aren’t protected, then every business should consider themselves, and operate as a target. As we roll into 2024, it is unlikely there will be a reduction in cases like these. It is expected there will be an uptick in the methods and levels of sophistication employed by hackers to obtain sensitive data – something that continues to increase as a high-ticket commodity.

In the next two years, it is predicted that the cost of cyber damage will grow by 15% yearly, reaching a peak of $10.5 trillion in 2025. We won’t be saying goodbye to ransomware in 2024, but rather saying hello to an evolved, automated, adaptable, and more intelligent form of it. But what else is expected to take the security industry by storm in the near future?

Offensive vs. Defensive Use of AI in Cybersecurity

Cybersecurity is a symbiotic cycle for companies. From attack to defence, an organisation’s security experts must be constantly defensive against malicious attacks. In 2024, there will be a rise in the use of Generative AI with an alarming 70% of workers using ChatGPT not making their employers aware – opening the door for significant security issues, especially for outsourced tasks like coding. And while its uses are groundbreaking, Gen AI’s misuses, especially when it comes to cybersecurity, are cause for concern.

Cybersecurity breaches will come from more sophisticated sources this year. As artificial intelligence (AI) continues to surpass development expectations, systems that can analyse and replicate humans are now being employed. With platforms like LOVO AI, and Deepgram making their way into mainstream use – often for hoax or ruse purposes – sinister uses of these platforms are being employed by cybercriminals to trick unsuspecting victims into disclosing sensitive network information from their business or place of work.

Cybercriminals target the weakest part of any security operation – the people – by encouraging them to divulge personal and sensitive information that might be used to breach internal cybersecurity. Further, Generative AI platforms like ChatGPT can  be used to automate the production of malicious code introduced internally or externally to the network. On the other hand, AI is being used to strengthen cybersecurity in unlikely ways. Emulating a cinematic cyber-future, AI can be used for the detection of malware and abnormal system/ or user activity to alert human operators. It can then equip staff with the tools and resources needed to respond in these instances.

Fatally, like any revolutionary platform, AI produces hazards and opportunities for misuse and exploitation. Seeing a rise in alarming cases of abuse, cybersecurity experts must consider the effect these might have before moving forward with an adaptable strategy for the year.

Data Privacy, Passkeys, and Targeting Small Businesses

Cybercriminals using their expertise to target small businesses is expected to increase in 2024. By nature, small businesses are unlikely to operate at a level able to employ the resources needed to combat consistent cybersecurity threats that larger organisations face on a daily basis. Therefore, with areas of cybersecurity unaccounted for, cybercriminals are likely to increasingly exploit vulnerabilities within small business networks.

They may also exploit the embarrassment felt by small business owners on occasions like these. If their data is being held for ransom, a small business owner, without the legal resources needed to fight (or tidy up) a data breach is more likely to give in to the demands of an attacker to save face, often setting them back thousands of pounds. Regular custom, loyalty, trust, and reputation makes or breaks a small business. Even the smallest data breaches can, in one fell swoop, lay waste to all of these.

Unlikely to have dedicated cybersecurity teams in place, a small business will often employ less secure and inexpensive data management solutions – making them prime targets. Contrary to expectations, in 2024, we will not say goodbye to the employment of ransomware. In fact, these tools are likely to become more common for larger, well-insured companies due to gold-rush on data harvesting.

Additionally, changing passwords will become a thing of the past. With companies like Apple beta-testing passkeys in consumer devices and even Google describing them as ‘the beginning of the end of the password’, businesses will no doubt begin to adopt this more secure technology, stored on local devices, for any systems that hold sensitive data. Using passwordless forms of identification mitigates issues associated with cyber criminals’ common method of exploiting personal information for unauthorised access.

Generative AI’s Impact on Information Warfare and Elections

In 2024, more than sixty countries will see an election take place, and as politics barrel towards all-out war in many, it is more important than ever to safeguard cybersecurity to account for a tighter grip on fact-checked information and official government communications. It is likely that we will see a steep rise in Generative AI supported propaganda on social media.

In 2016, amidst the heat of a combative and unfriendly US Presidential election, republican candidate Donald Trump popularised the term ‘Fake News’, which eight years later continues to plague realms of the internet in relation to ongoing global events. It was estimated that 25% of tweets sampled during this time, related to the election, contained links to intentionally misleading or false news stories in an attempt to further a viewpoint’s popularity. Online trust comes hand-in-hand with security, without one the other cannot exist.

While in 2016, the contemporary use of AI was extremely limited in today’s terms, what becomes of striking concern is the access members of the public have to platforms where, at will, they can legitimise a controversial viewpoint, or ‘fake news’ by generating video or audio clips of political figures, or quotes and news articles with a simple request. The ability to generate convincing text and media can significantly influence public opinion and sway electoral processes, destabilising a country’s internal and external cybersecurity.

Of greatest concern is the unsuspecting public’s inability to identify news generated by AI. Cornell University found that people were tricked into finding new false articles generated by AI credible over two-thirds of the time. Further studies found that humans were unable to identify articles written by ChatGPT beyond a level of random chance. As Generative AI’s sophistication increases, it will become ever more difficult to identify what information is genuine and safeguard online security. This is critical as Generative AI can now be used as ammunition in information warfare through the spread of hateful, controversial, and false propaganda during election periods.

In conclusion, the near future, like 2023, will see a great shift in focus toward internal security. A network is at its most vulnerable when the people who run it aren’t aligned in their strategies and values. Advanced technologies, like AI and ransomware, will continue to be a rising issue for the industry, and not only destabilise networks externally, but internally, too, as employees are unaware of the effects using such platforms might have.

Colin Redbond, SVP Product Strategy, SS&C Blue Prism

Whether its customer chatbots or digital workers improving workflow, daily use of Artificial Intelligence (AI) and Intelligent Automation (IA) is under scrutiny.

With automation rising, nations are grappling with the ethical, legal, and societal implications and crafting AI governance laws, requiring business leaders to also prepare for these far-reaching changes.

The proposed EU’s AI act – considered the world’s first comprehensive law safeguarding the rights of users – is expected to regulate the ever-evolving needs of AI application developers in the EU and beyond.

Transparency and authenticity significantly influence brand perception, particularly among Gen Z – 32% of the global population. With high expectations, they only support brands aligned with their values.

Banks, auditors, and insurers, and their supply chains – adept at meeting legislation like Europe’s GDPR and Sarbanes Oxley in the U.S. – necessitate a similar approach with AI. Governance will influence everything from governments, robot manufacturing and back-office apps to healthcare teams using AI for data extraction.

Non-compliance could be substantial, with the EU suggesting fines of €30 million or six percent of global annual turnover, whichever is higher, so identifying AI integration points, workflows and risks is vital.

SS&C Blue Prism, through industry collaboration, offers guidance on governance roadmaps, ensuring businesses are well-prepared to meet evolving requirements while leveraging AI effectively.

Need for immediate action
The legislation also scrutinises automations, ensuring compliance as they innovate automated tasks, BPM data analysis, and business-driven automations. IA, with its auditable digital trail, becomes an ideal vehicle, providing transparent insights into actions and decisions, safeguarding record-keeping and documentation – crucial across the AI lifecycle.

Establishing and maintaining AI governance also fosters ethical and transparent practices with executives to employees, ensuring compliance, security, and alignment with organisational values, including:

• Top-down: Executive sponsorship ensures governance, data quality, security, and management, with accountability. An audit committee oversees data control, supported by a chief data officer.
  
• Bottom-up: Individual teams take responsibility for the data security, modelling, and tasks they manage to ensure standardisation, scalability enabling scalability.
  
• Modelling: Effective governance continuously monitors and updates performance to align with organisational goals, prioritising security in granting access.
  
• Transparency: Tracking AI performance ensures transparency and aids in risk management, involving stakeholders from across the business.

Frameworks for AI governance
Though standards are evolving, disregarding governance risks data leakage, fraud, and privacy law breaches so compliance and standardisation must be prioritised.

Governments, companies, and academia are collaborating to establish responsible guidelines and frameworks. There are several real-world examples of AI governance that – while they differ in approach and scope – address the implications of artificial intelligence. Extracts from a few notable ones are here:

The EU’s GDPR – not exclusively focused on AI – includes data protection and privacy provisions related to AI systems. Additionally, the Partnership on AI and Montreal Declaration for Responsible AI – developed at the International Joint Conference on Artificial Intelligence – focus on research, best practices, and open dialogue in AI development.

Tech firms like Google, Microsoft, IBM, and Amazon have created AI ethics guidelines, emphasising social good, harm avoidance, and fairness, while some countries have developed national AI strategies including governance.

Canada’s “Pan-Canadian AI Strategy” prioritises responsible AI development for societal benefit, focusing on ethics, transparency, and accountability. Establishing governance in your organisation involves processes, policies, and practices for AI’s responsible development, deployment, and use.

Reach governance greatness in 14 Steps
Government and companies using AI must incorporate risk and bias checks in mandatory system audits. Alongside data security and forecasting, organisations can adopt strategic approaches to establish AI governance.

• Development guidelines: Establish a regulatory framework and best practices for AI model development, including data sources, training, and evaluation techniques. Craft guidelines based on predictions, risks, and use cases.
  
• Data management: Ensure that the data used to train and fine-tune AI models is accurate and compliant with privacy and regulatory requirements.
  
• Bias mitigation: Incorporate ways to identify and address bias in AI models to ensure fair and equitable outcomes across different demographic groups.
  
• Transparency: Require AI models to provide explanations for their decisions, especially in highly regulated sectors such as healthcare, finance and legal systems.
  
• Model validation and testing: Conduct thorough validation and testing of AI models to ensure they perform as intended and meet quality benchmarks.
  
• Monitoring: Continuously monitor AI model performance metrics, updating to meet changing needs and safety regulations. Due to generative AI’s novelty, maintain human oversight to validate quality and performance.
  
• Version control: Keep track of the different versions of your AI models, along with their associated training data, configurations, and performance metrics so you can reproduce or scale them as needed.
  
• Risk management: Implement security practices to protect AI models from cybersecurity attacks, data breaches and other security risks.
  
• Documentation: Maintain documentation of the entire AI lifecycle, including data sources, testing, and training, hyperparameters and evaluation metrics.
  
• Training and Awareness: Provide training to employees about AI ethics, responsible AI practices, and the potential societal impacts of AI technologies. Raise awareness about the importance of AI governance across the organisation.
  
• Governance board: Establish a governance board or team overseeing AI model development, deployment and compliance with established guidelines that fit your goals. Crucially, involve all levels of the workforce — from leadership to employees working with AI — to ensure comprehensive and inclusive input.
  
• Regular auditing: Conduct audits to assess AI model performance, algorithm regulation compliance and ethical adherence.
  
• User feedback: Provide mechanisms for users and stakeholders to provide feedback on AI model behaviour and establish accountability measures in case of model errors or negative impacts.
  
• Continuous improvement: Incorporate lessons learned from deploying AI models into the governance process to continuously improve the development and deployment practices.

AI governance demands continuous commitment from leadership, alignment with organisational values, and adaptability to technological and societal changes. A well-planned governance strategy is essential for organisations using automation, ensuring compliance.

Establishing safety regulations and governance policies is vital to maintaining the security, accuracy, and compliance of your data. These steps can help ensure your organisation develops and deploys AI responsibly and ethically.