Kotak Launches New Payments Service

KayPay Enables Secure Transfers Via Facebook
Kotak Launches New Payments Service

Private-sector financial enterprise Kotak Mahindra Bank has launched what is describes as "the world's first bank agnostic instant funds transfer platform using Facebook."

See Also: Panel Discussion | Smartest Path to PCI DSS v4.0 on AWS

The new payments service, known as KayPay, allows 250 million Indian bank account holders to conduct 24/7 instant funds transfer by selecting recipients from their Facebook friends list.

"For the first time ever," KMB says in announcing the initiative, "millions of bank account holders can now transfer money to each other at any hour of the day or night, without needing net banking, or knowing various bank account related details of the payee."

But can KayPay ensure secure transactions? Yes, says KMB's Chief Technology Officer, Aruna Rao, who is confident that the security is comparable to other electronic banking products used by banks to provide anywhere-anytime payments.

"This platform will enable us to enhance customer engagement and help in building long-term relationships and increase customer loyalty," Rao says.

A New Approach to Banking

Facebook-based services are a recent phenomenon, and larger banks, such as State Bank of India, ICICI Bank and Federal Bank, have launched similar services. What is unique is how these services change the way people bank by empowering customers with an advanced user experience and simplified payments.

One of the drivers of the social media trend could be the growing prominence of Gen Y. Cap Gemini and Efma recently released the 2014 World Retail Banking report in which customers reported a decline in positive banking experiences for the first time in three years. It indicated that the growing prominence of Gen Y was an important reason behind the overall decline in customer experience ratings, underscoring the challenges in meeting the evolving demands and high expectations of the digitally savvy younger generation.

How KayPay works: KMB has partnered with the Reserve Bank of India and the National Payments Corporation of India to leverage the platform. The sender will have to register on Kaypay, a dedicated website, where that individual has to give bank account details and the bank's MMID, apart from personal credentials..

Once registered, the sender can initiate transactions. If the beneficiary is not registered on KayPay, that person will be directed to a page to do so. The recipient can register with the bank name, MMID, bank account number and so on, to make the transaction.

Further, both sender and receiver immediately receive notifications via SMS and on Facebook about the transfer. If the beneficiary is registered on KayPay, the transaction is executed faster. KMP does not levy additional charges for sending or receiving money.

Security Controls

From the start, KMB built KayPay with several fundamental security controls.

For one, even if a user's Facebook account is compromised, the service uses two-factor authentication to complete the transaction.

And like many mobile banking services, KayPay also has transaction limits. Rao says the bank has set a limit of Rs. 2,500 per transaction and a total of Rs. 25,000 per month for sending money. A beneficiary may also not get more than Rs. 25,000 per month.

Other controls put in place to ensure secure transactions include:

  • 256-bit encryption for communication between the client and server;
  • All transfers require a one-time password validation sent to the customer's registered mobile number/email ID,
  • Recipients must register to receive the funds within a specific time period. Otherwise, the transaction expires (funds are transferred back to the payer);
  • The KayPay site is monitored for phishing by a 24x7 security operations center.

Nandkumar Sarvade, an independent adviser on fraud, security and vigilance, doesn't see a major security challenge for KayPay, as the model is designed with security built-in for small value transactions; hence monitoring is easy.

Satisfying Business Needs

The biggest challenge to launching KayPay was to get approval from the business functions to ensure that the service provided customers the necessary flexibility while ensuring security.

"We ensured that the launch of this new digital initiative got buy-in from the heads of various groups, including the product group, information security and compliance, after sharing with them the outcome of the risk analysis performed before launching it," says Angelo D'souza, CISO at Kotak Mahindra Bank.

D'Souza adds that the bank used the IMPS platform on the National Payments Corporation of India (NPCI) network to enable the transaction. The account holder can initiate fund transfer to any person through mobile phone, via IMPS infrastructure. The IMPS platform has 28 banks under it, and account holders of any of these banks can use the service.

Measuring Success

With KayPay, D'Souza sees the opportunity to leverage the social connect to India's millions of mobile users and their Facebook accounts. Another reason: to make fund transfers for small amounts as easy as possible. This will increase the customer base. The model will complement the bank's other multi-channel transactions, services such as Jifi, a new-age digital service that is a non-interest bearing account, and which does not solicit any minimum balance requirement. The account holder can invite friends to leverage this service, which, in turn, creates awareness.

Dr. A S Ramasastri, a bank adviser, believes that while institutions may position themselves as interfaces for using new payment systems, customer awareness will make the program successful.

Asked about measuring the success of this emerging platform, Milind Rajhans, AGM-IT and CISO of the Hyderabad-based A.P. Mahesh Coop Urban Bank LTD., says, "Banks can see success if they scale up their social media capabilities and simultaneously increase customer awareness and create necessary bandwidth to respond to customer service issues faster."

Established in 1985, the Kotak Mahindra group is one of India's leading financial services conglomerates. In February 2003, Kotak Mahindra Finance Ltd., the group's flagship company, received a banking license from the RBI. With this, KMFL became the first non-banking finance company in India to become a bank - Kotak Mahindra Bank Ltd. Kotak Mahindra Bank has more than 624 branches and more than 1,150 ATMs spread across 357 locations in the country.


About the Author

Geetha Nandikotkur

Geetha Nandikotkur

Vice President - Conferences, Asia, Middle East and Africa, ISMG

Nandikotkur is an award-winning journalist with over 20 years of experience in newspapers, audiovisual media, magazines and research. She has an understanding of technology and business journalism and has moderated several roundtables and conferences, in addition to leading mentoring programs for the IT community. Prior to joining ISMG, Nandikotkur worked for 9.9 Media as a group editor for CIO & Leader, IT Next and CSO Forum.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.in, you agree to our use of cookies.