If we are well, our money will be well

The first half of the programme featured presentations by invited speakers, followed by a more informal round table discussion on the practical challenges of the topics covered in the presentations, and finally a reception. The event was opened by the Rector of Corvinus University of Budapest, Bruno van Pottelsberghe, who in his opening speech pointed out that he had worked with Mastercard in his home country, in addition to the National Bank of Belgium, and was therefore familiar with the company of financial professionals.   

The next speaker, Gergely Márkus, Strategic and Operational Manager for Mastercard’s Hungarian and Slovenian markets, considered cyber security an important topic. He said that as Hungary will hold the Presidency of the Council of the European Union in the second half of 2024, the Ministry of National Economy will also play a key role in the further consideration of the PSD2 (Revised Payment Services Directive) regulation. He added that he explicitly welcomes the cooperation with Corvinus, as he believes that “industry dialogue is essential to achieve the most appropriate regulation”.  

Why are phishing attempts dangerous and how can we protect against them?  

The Magyar Nemzeti Bank was represented by Dr. Miklós Luspay, Head of the Financial Infrastructures and Monetary Circulation Directorate. In his presentation, he pointed out that the number of abuses in the digital space has increased because more and more people are keeping their savings in current accounts and criminal groups are moving with the target group. The data he presents shows that most of the abuse is through psychological manipulation, but phishing is also common. He said that real-time filtering systems and the setting of a transaction limit could help to detect fraud. In addition, he stressed that if the customer does not play an active role in disclosing their personal data, the bank will reimburse the amount stolen if there is a wrongful act.  

Mastercard’s Product Development Manager, Máté Nemes, said that IT security is a global problem that permeates the entire economy. The financial sector is directly affected by misuse, given the limited IT security of small and medium-sized enterprises, which are often attacked by phishing attacks. After such a digital siege, a significant number of affected companies go bankrupt within six months.  

What is new in the PSR and what could be improved?  

Dr Katalin Horváth, partner in the technology law team at CMS Budapest, presented the details of the PSR (Payment Services Regulation), which is an improved version of the already mentioned PSD2. What is new in this draft is that it pays more attention to the prevention of administrative fraud, and therefore the objectives include the development of a strong authentication system with the possibility of IBAN-based verification. In addition, there will be a stronger focus on transaction monitoring, which will assess the security of a given money transfer based on historical transactions and patterns. Accessibility of devices and software for disadvantaged people will also be a priority, which would help users with digital disabilities. Another significant change is that banks will no longer be allowed to send emails with links or attachments, eliminating another way to defraud.   

In Hungary and Slovenia, Boris Martinovic, Director of Public Policy at Mastercard, also presented on the PSR. He advocates the legalisation of biometrics based on behavioural and environmental data, so that the technology can serve users in the long term. He believes it is important that when data is shared, not only payment service providers but also technical service providers should have access to the data, as this would make it easier to work with. It also suggests that retail chains should enter into outsourcing agreements with financial institutions to enable customers to pay in the chain’s app, which is difficult to achieve due to strict legal requirements.  

What is the way forward? 

After the presentations, the formal part of the conference was closed with a roundtable discussion moderated by Portfolio.hu analyst Ádám Turzó, and featuring Dr. Andrea Kő, Head of the Institute for Data Analysis and Informatics at Corvinus, and the experts who had spoken earlier. They started the discussion by talking about their personal experiences of internet fraud and how they have solved them. They made it clear that fraud networks are also business-like, that is, they will continue their activities if it pays them to do so, and that Hungary is a market for them to work in. The concept of gross negligence on the part of the customer was also raised, as well as the difficulty of defining it precisely, which further reinforces the importance of a continuous dialogue between regulators and market and technical players. The need for biometric identification and the reliability of the storage of biometric data also revealed differences of opinion among participants.  

The concluding thoughts were that it is essential that services remain customer and people-centric. When shopping electronically, it is essential to be aware and vigilant, because “if we are well, our money will be well”. It is crucial that the financial sector, users and market players work together to find an effective solution to the problem of cybersecurity. And the EU’s financial competitiveness can only be maintained if Member States work together and adopt common regulations.  

Source: Közgazdász Online