The New Payment Platform (NPP) is a large industry-grade payment portal being developed by the reserve bank of Australia. This decision was taken by the board to produce an innovative payment system for the country. The platform will be the new national structure for the implementation of a fast, flexible and payment platform in Australia. The New Payment Platform is to go online in the second half of 2017 (Hayashi 2015). The report further discusses about the overview of the New Payment Platform, what cryptography method should be used by the organization to implement the payment portal and save the data from theft and the analysis of the Public Key Infrastructure to support New Payment Platform.
Overview of New Payment Platform (NPP)The new payment platform (NPP)?
The New Payment Platform is the new infrastructure created for doing payment for the economy of Australia. The evolving trend of being active 24/7 has prompted the creation of this payment portal for consumers, business and the government to make faster and more data rich payment. The site offers real time clearance and settlement of the payment procedures between two or more persons at the same time. The portal can simplify the usage procedure by using addition information like addressing service (Chaaya and Anderson 2017). The New Payment Platform Australia and 13 other financial companies, which even a larger addition of more financial services when the infrastructure is sent online, are developing the platform. It has been found that once the service goes online than most of the Australian banks will be able to do data rich transactions. The outreach will increase gradually as more institutions and organizations will join the platform (Tellez 2017). The first product to be delivered by the NPP will be Osko made by BPAY. The platform will enable the users to send money to anyone connected to the system at any time of the day with the use of a much simpler addressing method like phone numbers or email address.
Benefits of the new payment platform (NPP).
The most obvious benefits of the New Payment Platform is the immediate transfer of funds from one account to another. Making of large purchase can be done easily as the money can be easily transferred from the account of the buyer to the seller (Tompkins and Olivares 2016). Small everyday sale and purchase can be easily done without much hassle of the use of the check system. The users will be able to use their mobile phones to transfer the funds instantly. Apart from the usage to transfer and receive funds easily, it can also be used to make a revolutionized transfer of authentic information with the money being transferred. The use of ISO 20022 is used to predefine a regulation format for sending and receiving of messages (Lindsay 2015). This benefit will allow the users to do free texting like the memo section of the check they were using before. The additional information is termed as overlays. This changes the way the application can be used by the users. As the messages are extensive overlays the banks does not require being the intermediary of the messaging system.
Potential risks of the new payment platform (NPP).
The officials have not yet disclosed the main potential risks about the New Payment Platform. The report suggest some of the risks that may be associated with any type of online payment portal:
- Network issues – if the users or the organization does not get adequate bandwidth of data transfer then they will not be able to use the system.
- Hackers – threat from the hackers are always there. Cyber-attacks are always occurring in different banking organizations, which are mainly targeted for their money (Guo et al. 2015).
- Data theft – stealing of the information of the clients and the banks connected to the system can cause issues of data theft. The data of such systems are of huge risk if it falls in the wrong hands.
- Fraud – fraud payment mechanism of credit transfer into phantom account will be one of the largest risk the portal can face (Zhiling et al. 2015).
- Wrong username input: as the system uses a new type of addressing mechanism like phone numbers or email address, the sender can make a mistake in entering the details, which might result in the wrong transfer of the funds. This can be removed by using a one-time password, which would allow the sender to check the details of the transaction before confirming it.
Cryptography to be Used in New Payment Platform (NPP)
Cryptography is the implementation of data protection process where the data is merged with a security key to produce a new information safe from hacking. After encryption, the data cannot be read easily without knowing the key that was used to perform the encryption (Hing, Kelly and Olivan 2017). The same key needs to be used on the encrypted data to decrypt it and retrieve the original information. The process is used to safeguard the data from the hands of hacker and data thief’s.
The encryption procedure has four steps as a whole for the payment portal:
- Encryption algorithm: The use of Data Encryption Standard (DES) is problematic as it is a 56-bit key encryption method. This is short for the use of a portal gateway platform. Thus, an improved version was developed for the use in payment gateways termed as triple DES. It uses a 168 bits key encryption bits. This is acceptable to be used in the payment gateway implementation (Nwogugu 2016). Another encryption method known as advanced encryption standard has also been proposed, but the calculation is slow. Thus, the best-suited encryption standard is triple DES for the gateway implementation.
- Applicable Areas: The information of the clients and the banks should be encrypted wherever applicable. Any type of email conversation or messages should be encrypted so prevent data theft (Pollari 2016). As all of the transaction and the application will be using wireless network the transfer packets and the network should be protected to prevent eavesdropping on the network packets.
- Encryption Keys: The encryption keys should be shared with a limited number of people of the organization. The keys should also be stored at secured places.
- Key Management process: The keys generated should be strong enough to be able to do all types of encryptions securely. Keys should be shared using secured channels of communication. Periodic changing of the keys help to secure the encryption format better. Once a new key is generated, the old key should be destroyed (Neyer 2014). The best way to store the keys is to split the key up into two or three parts and share the parts among two or three people. This would help in securing the key. Any activity, which is being done using the key, should be logged into a file for future checking. If at any point the key is compromised then the key has to be changed immediately. Key management procedure is completely automated. Thus producing a better-secured form of encryption.
Public Key Infrastructure (PKI) to Support New Payment Platform (NPP)
In 2005, the developers of New Payment Platform signed a contract with SWIFT to help the organization with designing, building and operating the platform for the organization. SWIFT in one of their official reports regarding their working in the New Payment Platform has stated that they will be implementing the public key infrastructure (PKI) in the messaging channel that will be used in the system (Bott and Milkau 2016). All users of the portal will be able to use the facility of PKI to have full authenticated messaging between the user and the client. SWIFT has stated that they have the use of advanced design, which will promote fast transaction methods and keep the time used low with the help of the advanced PKI system. The PKI system will have powerful decentralizing validation processing and preprocessing benefits for the details being exchanged.
From the above report it can be concluded that the New Payment Platform will be an innovation for the Australian nation. The users and the bank clients will be able to do their transaction in a better way than before. The implementation of the encryption procedure will be helpful for the users to have safe transactions for their business and the availability of the portal on a 24/7/365 days make it more intriguing to be used by the organizations. The option to add memo with the transaction amount will help them to follow the transaction trail as they used to do with the checking mechanism with the banks. The option of transferring large amount of money also helps large companies to do their transactions easily and in less amount of time.
The recommendation for the organization crating such a good portal for organizations and banks to use can only be summarized to say that, they should put security as their top priority. Using the applications and the payment portal by the organizations and the clients should be made secured with the help of encryption of the data. The most important aspect that any user will search for in any organization that will be dealing with their money is security. Using better encryption standard in the messaging and the transaction as if the above discussed triple data encryption standard mechanism
Bott, J. and Milkau, U., 2016. Towards a framework for the evaluation and design of distributed ledger technologies in banking and payments. Journal of Payments Strategy & Systems, 10(2), pp.153-171.
Chaaya, M. and Anderson, P., 2017. Regulatory reform agenda: What does it mean for the banks?. Governance Directions, 69(4), p.228.
Guo, Z., Kauffman, R.J., Lin, M. and Ma, D., 2015. Near real-time retail payment and settlement systems mechanism design.
Hayashi, F., 2015. Faster payments in the United States: how can private sector systems achieve public policy goals?.
Hing, A., Kelly, G. and Olivan, D., 2017. The Cash Market. The Sensitivity of Personal Income to GDP Growth 1 Factors Affecting an Individual’s Future Labour Market Status 11 Measures of Inflation Expectations in Australia 23 The Cash Market 33 The Future of Cash 43, 4, p.33.
Lindsay, S., 2015. ISO 20022 and real-time domestic payments. Journal of Payments Strategy & Systems, 9(1), pp.22-29.
Neyer, G., 2014. Lessons learned from 24/7 payments operations. Journal of Payments Strategy & Systems, 8(2), pp.129-146.
Nwogugu, M.C., 2016. Corporate Governance, Financial Stability and Evolving Insurtech: The Case of Insurance Australia Group (2011-2016).
Pollari, I., 2016. THE RISE OF FINTECH: opportunities and challenges. JASSA, (3), p.15.
Tellez, E., 2017. The Ongoing Decline of the Cheque System. Houses and Apartments in Australia 1 Estimating the NAIRU and the Unemployment Gap 13 Australian Capital Flows 23 Banking Fees in Australia 35 How Have Australian Banks Responded to Tighter Capital, p.57.
Tompkins, M. and Olivares, A., 2016. Clearing and Settlement Systems from Around the World: A Qualitative Analysis. Bank of Canada= Banque du Canada.
Zhiling, G.U.O., KAUFFMAN, R.J., Mei, L.I.N. and Dan, M.A., 2015. Near Real-Time Retail Payment and Settlement Systems Mechanism Design.