Cross-border payments expand, risks also increase
Along with the development of cross-border payments, cybersecurity and personal data protection issues are also raised to a higher level. Some incidents in the world have shown that when financial data and personal information are illegally exploited, it not only causes economic losses but also affects the trust of users.
According to Mr. Vu Ngoc Son - Head of the Department of Research, Consulting, Technology Development and International Cooperation (National Cyber Security Association), the difference in standards between countries, along with the huge transaction volume, makes unusual detection and safety assurance even more challenging. This requires financial institutions to invest more heavily in technology, processes and international cooperation to build multi-layered shields for cross-border payments.
Mr. Son emphasized: "Only by synchronously combining advanced technology, strict security governance, human training, a clear legal framework and international cooperation, can we effectively protect personal data and ensure the safety and sustainability of the global payment system". According to Mr. Son, data protection is not a feature, but a system of thinking throughout.
Data protection is the common responsibility of both banks and users
Mr. Son said that for banks and businesses providing payment services, an important requirement is to minimize data, only collect truly necessary information, attach a storage period and delete or remain anonymous when no longer for use. Access must be strictly controlled according to the principle of "the least privilege", while tracking all sensitive data access activities. Periodic security checks, security breakdown testing and quick patching are indispensable steps. In addition, contracts with integrated partners need to strengthen the responsibility for incident notification, regulate response times, 24/7 on-duty contacts and a refund mechanism to avoid pushing risks to customers.
For users, most of the risks arise from habits. Therefore, it is necessary to focus on specific behaviors such as checking the recipient's information carefully before confirming, turning on two-layer authentication and notification of changes, prioritizing a small limit for first-time transactions, locking the application immediately when the phone is lost.
At points of sale, data security must also be guaranteed. Payment devices need to be stamped, codes must be changed periodically, and clear delegation of control. At the same time, the support channel and complaint handling deadline must be transparent so that users can feel secure when transacting.
Standardizing the law to maintain trust
Associate Professor, Dr. Pham Thi Hoang Anh (Banking Academy) commented: cross-border transactions - especially within borderaries and QR connections - require a clear bilateral legal framework, unified technical standards and coordination mechanisms between relevant parties. Ms. Anh believes that minimizing data, unifying data fields and having a coordinating point for handling complaints - refunds are the foundation for building trust.
According to Ms. Hoang Anh, in addition to technical risks, there are also policy risks such as national monetary security, exchange rates, money laundering or payment when the standards between countries are not uniform. Early standardization will help reduce conflicts when incidents occur, Ms. Anh emphasized.
Therefore, personal data needs to be protected from minimal steps such as strict decentralization, monitoring access logs, anonymousness or data collection when the purpose is no longer achieved, periodically reviewing third parties with access rights.
For management agencies, priority is given to synchronizing standards and harmonizing laws according to international practices such as GDPR (EU General Data Protection Regulation) or ISO/IEC 27001 on information security. When the legality, technique and operation are "matched", personal data in cross-border payments will be truly protected, thereby strengthening trust - a prerequisite for safe digital expansion payments.
