Connect with us

Security

Upperlink Secures PCIDSS For Payment Gateway Deployment In Five African Countries

Published

on

, SiliconNigeria

Upperlink, a Payment Solution Service Provider (PSSP) has announced it has obtained the Payment Card Industry Data Security Standard (PCIDSS) certificate. Through this the firm is ready to own and deploy its Payment Gateway and make it ready to service retail markets across the five African countries where it operates.

According to a statement signed by the managing director and chief executive officer, Segun Akano, the firm has been a leading aggregator with the Nigeria Inter Bank Settlement System (NIBSS), relying fully on the security and solid infrastructure of NIBSS alone.

Having stabilised its services with NIBSS which focuses on account-to-account transfers through which the firm have built enterprise applications for government and corporate institutions in Nigeria, “we intend to do more for Nigerians and other Africa countries with card payments which can address the needs of the retail markets”, Akano said.


Through Upperlink’s compliance with the rigorous PCI standard, customers using its payment services to route mission-critical applications “can be assured that their information security is maintained at the highest level and has been independently validated”, he added.

He reiterated that the PCIDSS certification is an attestation that the company’s process adhere to the international security standards in the payment industry, and that it maintains payment security which is a requirement for all entities that store, process or transmit cardholder data.

“We have embarked on this journey with customer protection and satisfaction in view. Our numerous clients are assured of the prevention of data breach, data privacy and security. With the PCIDSS, we have consolidated our position in the electronic collection and electronic payment space across the sub-Saharan Africa”, he said.

The PCIDSS is a set of industry-mandated requirements for any business that handles, processes, or stores branded cards types from the major card schemes. It was developed to protect consumers and their data whenever and wherever they make online payments.The security requirements is maintained by the Payment Card Industry Security Standards Council, which was founded in 2006 by American Express, Discover, JCB International, MasterCard and Visa Inc. The standard applies to any organization that stores, transmits or accepts cardholder data.

Akano explained that by complying with the arduous requirements of PCIDSS, Upperlink provides its customers with an independent and industry-accepted security review of processes, policies, and infrastructure and software development methodology.

“We are happy and ready to serve our customers from our fully PCIDSS compliant infrastructure. The team have put in an enormous work to achieve this capability. It gives us the capacity to serve our customers excellently. It is a proof that we are providing the most secure and reliable payments services to meet their business and individual needs,” Akano said.

PCI compliance has six core objectives. These include to build and maintain a secure network, protect cardholder’s data, maintain a vulnerability management programme, implement strong access control measures, regularly monitor and test networks and maintain an information security policy.

These objectives are maintained through a set of strict regulations merchants and payment service providers must follow to collect and transfer credit card information. Upperlink guarantees all of the set objectives to deliver.

Continue Reading
Advertisement Advertisement
Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Digital Economy

Championing An Inclusive Digital Identity Approach In Africa – At Scale

Published

on

, SiliconNigeria

As digitisation accelerates across Africa, the demand for liveness detection and online identity authentication services has become critical. The act of identifying ourselves is under rapid transformation, especially when it comes to using biometrics to access financial and governmental services. If executed correctly, this offers an opportunity for greater inclusivity than ever before.

Gur Geva, Founder and CEO of iiDENTIFii, says, “Face biometrics offers a ground-breaking solution to identity verification (IDV) on the continent in that it is secure and simple to use. Yet this solution will only truly work if the algorithm that underpins face biometrics is trained on the full scope of African faces and can be executed at scale.”

Historically, proof of identity was only available to those who could fulfil a rigid set of criteria. One of the main barriers to a person opening a bank account, for example, would be the inability for them to prove their identity without any formal identity document or proof of formal address. According to the World Bank, 57% of Africans still do not have any kind of bank account, including mobile money accounts. This translates to about 360 million adults in the region and approximately 17% of the total global unbanked population without access to formal financial services, a recent study by BPC and Fincog found.

Sustainable Development Goal 16:9 aims “to provide legal identity for all, including birth registration by the year 2030”. Digital identity plays an active role in meeting several other SDGs, including universal health and education access and financial inclusion.

Remote face authentication is a crucial step in bridging the digital divide in Africa.

Geva explains, “The digitally excluded are missing out on access to social and financial inclusion. Those who do not have access to newer technologies are disadvantaged in healthcare, education and financial support. The mere ability to confirm one’s identity digitally is a key that opens the doors to essential financial and civic services without the risk of impersonation or fraud.”

Diversity in face recognition is the key factor for success in Africa. Yet historically, a large-scale database of African faces has been lacking. Thanks to new developments in technology, this barrier is no longer in place. Geva adds, “Respecting diversity in biometric authentication is a core consideration in our business. For this reason, we have trained our algorithm on over 50 million African faces. This translates into identity for all, but specifically identity for all Africans.”

Through a triangulated authentication process, iiDENTIFii’s technology establishes that the person on the other end of the screen is real, live and transacting at that moment. This multi-faceted facial scan is further verified with key data from the person’s ID document and information from the relevant government databases. “Identity fraud has historically been difficult to detect. Our technology can authenticate and automatically onboard a person in under 30 seconds. Our algorithm vastly reduces false accept and reject rates, fully protecting consumers and businesses,” says Geva.

A focus on verifying a living person, in other words establishing ‘liveness’, ensures that correctly mapping and verifying a diverse range of faces is possible. Geva explains, “With our technology, we are able to establish 3D passive and 4D biometric liveness. Our 4D Liveness is resilient to deepfake and replay attacks. It comprises different colour lights that reflect in a certain sequence off the user’s face which helps determine true biometric liveness.”

Inclusivity in technology extends beyond diversity. It also raises the issue of accessibility. “We have created a technology platform that can be used by very low-end through to very high-end smartphones,” says Geva, “Users can also access the platform via a mobile Software Development Kit (SDK), as well as web-based/browser SDK – which allows them to just click on a link to authenticate themselves, as opposed to downloading a large SDK onto their phones.”

With a simple, fast and secure approach that takes the full scope of African faces into account, biometrics becomes a compelling catalyst for financial and social inclusion. Geva concludes, “We believe that, with the right technology, all Africans can claim their identity and use it to their safety and benefit.”

Continue Reading

Security

NCC Washes Hands Off Obi Audio Conversation With Oyedepo

Published

on

, SiliconNigeria

Nigerian Communications Commission (NCC) has refuted reports of alleged complicity of the commission in the leaked audio conversation between presidential candidate of Labour Party (LP) Mr. Peter Obi and founder of the Living Faith Church, Bishop David Oyedepo.

In the audio conversation that went viral on social media, Obi was heard telling Oyedepo that the 2023 election was a “religious war,” and urged the pastor to mobilize Christians in parts of the country to vote for him.

Although Obi in the conversation did not appear to have incited religious violence, some politicians condemned the said statement, insinuating he plotted to divide the people on religious lines, a very sensitive issue in a polarised country after the February 25 presidential election.

In a statement, the director of public affairs at NCC, Reuben Mouka, debunked the allegations that the commission got the audio via phone intercepts and leaked it to Obi’s political opponents, an accusation it strongly denied.

Part of the statement read: “The Nigerian Communications Commission (NCC) has been inundated with enquiries by the media on allegations of telephone tracking and leakage made against the commission by some individuals and groups in the social and alternative media.

“The commission wishes to make the following clarifications: The commission denies the allegations in their entirety. By the provisions of the Nigerian Communication Act (NCA) 2003 and other extant Laws of the federation, the commission does not and cannot track nor leak telephone conversations of anyone.

“The commission has reported the allegations, which we take seriously, to relevant security agencies for proper investigation and necessary action.

“The commission restates its commitment to discharge its responsibilities to the Nigerian people in accordance with the provisions of the Constitution of the Federal Republic of Nigeria; the NCA 2003; and other extant Laws of the Federation; and global best practices.

“For the avoidance of doubt, the commission denies these allegations and advises the public to disregard them.”

Continue Reading

Security

NCC Recommends 2-Factor Authentication For WhatsApp Users

Published

on

, SiliconNigeria

The Nigerian Communications Commission’s Computer Security Incident Response Team (NCC-CSIRT) has recommended that users of the popular messaging app, WhatsApp, set up Two-Factor Authentication (2FA) to avoid falling victim to account takeover by hackers.

In an advisory, NCC-CSIRT noted that WhatsApp, which is a Meta-owned service, is increasingly becoming a prime target for hackers and scammers who are always looking for ways to gain unauthorized access to users’ accounts.

The CSIRT described two-factor authentication (2FA) as an identity and access management security method that requires two forms of identification to access resources and data.  

According to the advisory, “In the world of messaging apps, one of the most popular and recognizable is WhatsApp. WhatsApp is 100 per cent free to use, has a great mobile app, and supports audio and video calls. Whether you rely on WhatsApp for all your messaging needs or just use it from time to time, it is recommended to set it up with two-factor authentication (2FA). With this enabled, you will need to enter a custom PIN every time you log in to WhatsApp from a new device, adding an extra layer of security to your account.”  

The Team said, “2FA gives businesses or people the ability to monitor and help safeguard their most vulnerable information and networks. The 2FA is important because it prevents cybercriminals from stealing, destroying, or accessing your internal data records for their own use”. The advisory stated.

Continue Reading

Popular News