Secure Mobile Payments

Giesecke+Devrient is a German family business with a history of almost 170 years. The company started as a printing house for securities such as share certificates, banknotes, and travel documents. G+D's activities have expanded over time from security printing to payment cards and SIM cards, and increasingly to digital payment and authentication services.

Teemu Asikainen, R&D at G+D, explains that G+D’s Finnish unit has been developing secure digital payment solutions for 15 years, with banks and merchants around the world as its customers.

"We help banks engage their customers by developing a better customer experience. When the bank's own application handles the payment transactions and helps consumers intuitively manage their digital payment methods, all the customer's services can be brought together in one place in the way the bank wants," Asikainen says.

G+D's solution is based on virtual payment tokens that are compliant with international payment card standards and already widely enable payment by phone at merchant terminals. According to Asikainen, the same development will in the near future make it easier to pay in online shops and other environments, such as cars.

"Consumers no longer have to enter their payment card number and expiry dates, but instead, this information is updated securely in the back-end systems."

In addition to speed, payment security will improve significantly. Consumers will be able to see which services their payment data is linked which and to control which services they want to keep active, even setting security limits for these. Digital cards are typically service-specific, so data becoming compromised on one digital card will not cause widespread adverse effects.

According to Asikainen, the improved manageability of payment data for consumers increases both security and the convenience of online services.

"Consumers will be able to ensure that their card details are not left unnecessarily on services they no longer intend to use. For the banks and online services, in addition to the user experience, the benefit will be a reduced need to clear incorrect transactions, reducing costs for all parties involved."

Security and banking technologies require a high level of specialised skills from developers

Asikainen says that it is not always easy to find skilled people in an industry with a lot of security and banking technology. HiQ has been a reliable support service.

"Security alone is such a broad entity that most software developers will probably take six months to learn the necessary areas. We have even managed to get direct matches through HiQ."

Asikainen praises the smooth cooperation with HiQ.

"We often have needs that come in on a challenging schedule. Nevertheless, HiQ has been able to respond quickly to our needs, and the cooperation has been very smooth."

R&D at G+D

Teemu Asikainen

Jukka-Pekka Suontaus, who works for G+D through HiQ, sees G+D as an interesting client whose project opens the door to an interesting world of monetary transactions.

"The working atmosphere is good. At G+D, we value thorough background work and the fact that people understand what they are doing. You can't start doing things randomly."

Suontaus says that in projects like this, security is on a level of its own. Work is done in a closed environment, traffic is closely monitored through firewalls, and best practices must always be adhered to in coding.

"The job requires full-stack skills. I have been able to use my personal strengths, for example in Java. "The IaC (Infrastructure as a Code) tool Terraform, on the other hand, is a new tool I have learned."