Make data-privacy pay
Why a renewed industry-wide focus on privacy and security could be the spark for innovation at technology companies.
Paysafe’s Chief Business Development Officer Daniel Kornitzer spoke to iGaming Business Hannah Gannagé-Stewart about why a renewed industry-wide focus on privacy and security could be the spark for innovation at technology companies. The article is also available online here.
Daniel Kornitzer is passionate about the ways in which the evolution of technology can enhance the human experience. He brings a philosophical air to the topic in the same way that an evangelical futurologist might.
Speaking to him on a freezing February afternoon in London, the conversation is a whistlestop tour through bitcoin, biometrics, blockchain, AI, personalisation and, unexpectedly, the pros of regulation.
“Payments is a fascinating industry because of all the innovation,” says the chief product officer of Paysafe’s burgeoning portfolio. “Oftentimes you’ve got technology evolving quite quickly and major positive disruption. The regulatory climate is also changing and then there’s the changing nature of the consumer.” The evolution of consumer behaviour was highlighted in a white paper that Paysafe published in September 2017.
It identified a “seismic shift” within the payments industry toward digitised transactions. Kornitzer suggests that 25-30% of transactions in the UK and Canada are now “touch-to-pay”, otherwise known as contactless.
The pace and range of change is also true of igaming, he observes, before adding: “I’m a technologist, but I’m also a consumer. As a consumer, when I’m trying to affect a transaction and buy something, I look for something that’s easy to use, convenient, secure, fast.”
By way of analogy, Kornitzer transports the conversation to his home town, Montreal. “In Canada, when it’s -30°C and I’m trying to fill my car with gas, the last thing I want to do is remove my gloves, freeze my fingers, insert the nozzle,” he says, mimicking chilly impatience. “So the way I would like to top-up my car – or top-up my phone – is I’d want something that does the job as quickly, simply and cost-effectively as possible. I’m agnostic on technology; I don’t really care what the technology is, as long as I’m getting the desired effect.”
‘Embrace regulation or suffer’
Kornitzer has been chief product officer at Paysafe for four years. He returned to the business in 2014 having served as SVP of marketing and product management from 2000-03 under Paysafe’s previous incarnation, Optimal Payments. As such, he’s seen the regulatory climate around igaming evolve with more jurisdictions gradually becoming regulated, but also the more mature markets, such as the UK and Canada, adding to existing burdens.
In May, the EU will bring its wide-ranging General Data Protection Regulation (GDPR) legislation into effect, replacing the existing Data Protection Directive with legislation that will require all organisations to readdress their data-protection policies. Kornitzer takes a pragmatic view of the incoming legislation. “Regulation is another great source of innovation.
There are two attitudes: you can embrace it or you can suffer. Our choice has been to embrace it,” he says. Inclined to look at everything from the customer’s perspective, he lists the ways in which GDPR will lead to enhanced protection for consumers, including safer banking and better protection against fraud, but also better services; he believes the change will usher in new entrants and therefore more competition.
“The companies that are savvy will actually become champions of privacy and turn these burdens into a competitive edge,” he explains. “The key is for data privacy to be injected into the design process, not as an afterthought. You don’t build something and then think ‘oops’. You build in data-privacy applications for security.”
Kornitzer explains that there are six or seven key principles that guide GDPR. “If you abide by those principles, what comes out of the process will be very much at the leading edge of compliance,” he says.
Those principles, he continues, are about how much data it is reasonable to collect; transparency about what you’re collecting and why; the setting of boundaries on the collection of data; the setting of limits on how long it is stored; and, critically, making sure you have explicit consent for its use.
On top of that, he highlights how important it is not only to be able to account for your own actions, but also those of your suppliers. “We have to be like hawks, looking at anyone who connects with us wherever there is data flowing, because if someone else messes up, it’s on our watch. All these principles boil down to accountability.”
The future is blockchain
When asked about the potential of cryptocurrency, such as bitcoin and ethereum, Kornitzer acknowledges its growing influence on both the payments and igaming industries. However, he is far more animated about the potential of blockchain – the decentralised database on which cryptocurrencies are stored. He says: “I wouldn’t want my data, whether it’s name, address, social security number, even my biometrics, stored in 10 different places because the more places it’s stored, the more chances of a breach.” Instead, Kornitzer dreams of a time when one institution, probably the government, holds individuals’ data on its own blockchain, allowing legitimate agencies to access necessary parts of it with permission from the individual.
“The data is only in one place and no one has all the data, so even if there were to be a breach, they would be missing a component,” he explains. “It would be distributed but not duplicated. If we could come up with such an arrangement, I think it would be very powerful because it would serve governments for taxation, it would serve the banks, the service providers and arguably the consumers because the chance of their data being at risk would become minimal.”
Kornitzer also sees biometrics as an inevitable part of the future of fraud prevention. “Any fraud-prevention method is strongest when you have the combination of three things: something you know, like a password; something you possess, like a phone or a token; and something that you are, like a biometric,” he says. “If you have got the three, it’s almost unbeatable.”
Paysafe already incorporates biometrics into wallets Skrill and Neteller, but Kornitzer says multifactor authentication is a balancing act: “You don’t want to make it so burdensome that you then have conversion loss because people don’t want to do it.”
Managing the impact on conversion is reliant on understanding the customers, adds Kornitzer. Paysafe’s latest white paper, on GDPR and security, revealed that many customers are willing to undertake extra verification steps to protect themselves from fraud.
However, the types of verification customers will accept can vary in different jurisdictions. In the UK, US and Canada, for example, the extra 3D Secure password, sometimes added by merchants onto credit-card, transactions, can, according to Kornitzer, “kill conversion”. Meanwhile, in Russia, the opposite is true: “They’re so used to 3D Secure that if they don’t see it, they lose trust.”
So, what next for Paysafe? Kornitzer has boiled his priorities down to two overarching themes. “One is features that greatly enhance the customer experience, so anything that makes it easier to onboard and use the product,” he says. “The other is efficiencies: automation, cost savings, leveraging of technology, big data, so that we can deliver more value through technology.”
Kornitzer learnt the value of setting priorities by reading Warren Buffett’s memoir, in which the billionaire business magnate urged the readers to list the 25 things they wanted to achieve within a year, before identifying the top five and writing those on a separate list. “Then take the remaining list of 20 and destroy it, burn it, shred it,” continues Kornitzer with verve. “Part ways with it and keep the five.”
A crucial lesson can be drawn from this exercise, he adds: “Wanting to be all things to all people is probably the easiest way to fail.”