Ban on payments by WhatsApp
By Dane Avanzi
One week was enough to bring WhatsApp down as a means of payment. The news had been announced in Brazil, the first country to receive the appeal, on June 15, but in a matter of days, the Central Bank and Cade, an organ linked to the Ministry of Justice, responsible for curbing the formation of cartels, ordered suspension of service.
This is at a critical moment in the pandemic, when many entrepreneurs, especially those of micro and small companies, are struggling to make their businesses survive. So, what explains this decision by the entities: caution for the sake of users and fair market competition – since the union between Cielo and WhatsApp would grab a slice without being able to be overcome by its competitors – or just a technological conservatism?
The starting point and most important of all is the way in which the partnership between companies was created. Every new payment service that is created in Brazil depends on authorization from the Central Bank, which analyzes the relationship between those responsible for the transactions: the card flag that will be used, the institution that will issue the card, among others. In this whole story, it was not clear what the role of WhatsApp would be, nor its rights and duties.
In addition, there is no evidence that WhatsApp has a way of guaranteeing minimum security, when it comes to financial transactions, for users. I have already covered in another article on cybersecurity, the importance of two-factor authentication and the precautions when using the application over the web. All of this is important, but it is the minimum to guarantee exchanges of messages, not bank transactions.
In this context, it is asserted that there are several levels of encryption, the highest being military and the one used by banks. Financial institutions are always investing in security protocols and yet the scams still happen. There is, for example, a vulnerability test called Pentest, which simulates hacker attacks on systems to validate the effectiveness of their defense mechanisms, allowing developers to correct any flaws.
However, it must be thought that cybercriminals are always one step ahead, even with all the barriers. There is no way to foresee the element of surprise – after all, nobody knows when or how it will be attacked.
Certainly, the Central Bank and Cade acted correctly in prohibiting the operation. During the pandemic, with more people using the internet, the rate of cybercrime has grown dramatically. Launching a tool without the minimum of caution could further potentiate this wave, exposing banks and users to unnecessary risks, given that all financial institutions offer their customers access to banking services via computers and cell phones with a very high degree of security.
WhatsApp is an application we call OTT (Over The Top). This means that it is a tool designed to provide certain types of service to the user. As an OTT, it is not able to offer more critical services, which require greater complexity.
Today, all banks have applications that allow customers to conduct transactions within a secure environment. But behind an intuitive and eye-pleasing interface there is heavy technology to guarantee operation. In China, the WeChat application already performs these operations.
It is a fact that we need to discuss alternatives to paper money – and now to plastic money too, referring to cards. If the future was already digital, with the pandemic, this change came at a gallop. China, for example, has already started testing a digital yuan (local currency) in some regions of the country and there is a national project to expand the use of cryptocurrency. It is an unstoppable trend.
But all this speed in the modern world should not prevent a tool from being properly evaluated before it is launched, following security protocols designed to protect users. Thus, we can have a more agile, easy and prudent world.
Source: [Diário do Comércio]