Podcast: Play in new window | Download
The payments industry is constantly changing, and those changes require merchants and independent software vendors (ISVs) to prepare for whatever comes next. One current trend is towards increased digitalization, which brings a number of questions about data security, legacy systems vs. the cloud, and general readiness for the next big leap in technology or the market.
To learn more about how Agile Financial Systems (AFS) continuously stays ahead of the curve with innovation and technology to keep its customers at the cutting edge of payments, PaymentsJournal sat down with Paul Huff, CTO at AFS, and Don Apgar, Director of Merchant Services Advisory Practice at Mercator Advisory Group.
Strong foundation of security
According to Mercator Advisory Group’s 2021 Small Business PaymentsInsights, 56% of small businesses agree that keeping up with new technology is critical to company success, but 45% also worry about security issues surrounding their technology investments. With an increase in news stories about corporate data breaches, security is a foundational concern for anybody dealing with sensitive data.
“One of the keys for merchants is who they work with, who they partner with, and who is taking care of their payment data,” said Huff. Even as new technological innovations hit the market, cybercriminals continue attempting to access valuable payments data. Fortunately, AFS has security taken care of, whether for an ISV integration or for users leveraging their front-end gateway. “Hackers have gotten so elegant… that you really have to start at the beginning and say, What’s the secure framework?” said Apgar.
Early software developers may have designed the features and functionality first, and then dealt with security last, but for AFS and the APEX product suite, security is integrated from the very start. “That’s a huge paradigm shift,” Apgar noted. Companies can boast top-level of security by limiting high-risk touch points and maintaining PCI compliance, particularly by enlisting the expertise of AFS, which has already done the hard work with its APEX product suite.
Strategic partnerships and technology tools
To that end, the APEX platform from AFS offers its own payment gateway, and AFS has partnered with Microsoft to make that platform cloud native. “We believe in standing on the shoulders of giants,” Huff remarked about the Microsoft partnership. “We then take that a step further by adding our own additional security controls.” These preset offerings from AFS can be a huge relief to SMBs. “Small businesses, and especially ISVs, want payment security to be turnkey,” Apgar pointed out. “Whatever solution they deploy for their business, they just want to know that the security is already built in.”
One specific feature of AFS’ payment solution is total data tokenization and no storage of Primary Account Number (PAN) data. Unlike encryption, which is protected but decodable if a criminal acquires the encryption key, tokenization is irreversible: there is no way to reverse-engineer card data out of a token. “It’s in a tight Fort Knox behind the scenes,” Huff explained. “We make it so all the customers have to do is a simple integration with us, and we take care of everything else from the security point.” AFS also uses tokenization to authenticate and secure its API and payment gateway so there is no need to store username and password information. By leveraging Microsoft to handle identity storage, AFS effectively manages a key piece of digital security.
The impact of digitalization
The steady migration of business operations into the digital space has had many different effects on the payments ecosystem. Mercator research shows that 54% of small businesses see cloud computing as a useful business tool. Whereas once upon a time, only billion-dollar corporations had access to the latest technology and larger markets, the cloud now represents a democratization of those resources. The trick is to leverage the technology properly.
If companies have a glut of legacy systems that weren’t built for cloud technologies, they won’t be able to fully enjoy the latest advancements. “The cloud has a lot of great benefits, like immediate scalability and reliability and security,” noted Huff. “But your applications and technology stack have to be built in a way that is able to utilize those. You can move legacy applications to the cloud, but unfortunately those applications are simply being hosted on someone else’s server, and not really taking advantage.”
This is why the AFS APEX platform is built to be cloud native from the ground up. “Since everything is more digital, you have to have truly global reach,” said Huff. “That means you also have to have global scale. There are no physical restrictions… so you have to be ready to handle that scale, and always be online.” The more customers and time zones companies serve, the more opportunities for customer service interactions, and companies must be ready to handle those situations whenever they arise.
Putting the “agile” in Agile Financial Systems
Although nobody can predict the future with complete accuracy, AFS is enabling companies to future-proof their operations by offering agile and adaptable product suites. The world five years from now will probably look quite different from today in many ways, and Mercator’s 2022 Merchant Services Outlook advises companies to be prepared to pivot. “One thing we learned from the pandemic is that the landscape changes fast,” said Apgar. “You never know what’s coming next, and you have to have an extensive architecture that’s able to adapt to new products, new services, new ways the customer wants to interact.”
The word “agile” in the name Agile Financial Systems is no coincidence: “Agile is at the core of our corporate culture,” Huff concluded. “It requires the entire organization, from operations, to business development, to products, to customer support. Everybody uses these systems; everybody interacts with the customer.” The common corporate goal of agility leads AFS to continuously monitor its software and regularly deploy software updates to address any potential security vulnerabilities.