Community

@Michael Kyritsis:

TY for your kind words. Brevity might make my question appear rhetorical but it is anything but that.

Let me elaborate: I'm referring to migration of an onprem system to the cloud, not signing up for a new cloud system. For years, the retailer's onprem system has been compliant with various industry certifications viz. PCI-DSS. Now, the retailer wishes to migrate all its systems including Retail ERP, Billing, Payments, and so on to the cloud. Given the scope of systems, the retailer may want to opt for a horizontal cloud platform like AWS or Azure instead of different vertical cloud platforms, one for ERP, another for payments, and so on. My question is: In that situation, is it possible for the retailer to ask Amazon / Microsoft to only make their payment system complaint with PCI-DSS?

In a broader sense, my question is equally applicable to other industries e.g. Banking, where different systems need to be compliant with different industry regulatory standards (e.g. OFAC) and industry certifications (e.g. PCI DSS). If a company moves all its systems - including payments - to the cloud, will the cloud provider provide OFAC compliance for System A, D and E and PCI-DSS compliance for System B, F"?

Seven years ago, I'd tested the Virtual Agent aka Chatbot called ASK on Yorkshire Building Society's website. I asked if YBS offered Buy-to-Let mortgage product. Its answer was "We regretfully don't offer BTL any more". More at Can Chatbots Replace Humans?. BTLs were under cloud during the GFC for mis-selling and my experience convinces me that chatbots can protect against mis-selling.

However, I'm not sure if that's going to help in popularizing chatbots within banks. I say this on the back of the experience of one of my company's customers who has another technology to prevent mis-selling. While pitching it to banks, we found out that banks follow a "wink and nod" practice w.r.t mis-selling. If you position chatbots as a way of not getting caught while mis-selling, that might work 😉

If retailers move their systems and data to the cloud, will it become easier or harder for them to get PCI DSS certification?

Innovative Fintechs Don’t Need No PSD2 Regulation

@EvitaPeriklaki: Per @MattWhite's comment, this card is launched in USA, where credit interchange is 2-3%.

2% cashback and no expiration of rewards - two signs of a killer credit card. 

Just when you thought it was safe to move to the cloud, half a dozen Bitcoin companies like Sia will suddenly tell you, "When you store data on S3, it remains unencrypted on an Amazon server which is vulnerable to attack or misuse." As though that wasn't enough, these new-age storage space providers will promote their decentralized architecture by claiming "Users that value security and privacy tend to prefer the user-controlled approach over the company-controlled approach." Maybe it's only me but "User-controlled approach" sounds terribly like onpremise. Banks may gladly agree with that p.o.v. and smirk "we told you so". Presented with the opportunity to side with the coolest new kids on the blocks, banks may check the "do nothing" box and continue to keep their systems onprem.

Does anyone know just how many people are there in UK "but are unbanked and so have limited options beyond cash."?

You missed out another connection: Ravi Venkatesan, the Chairman of Bank of Baroda, is also the Co-Chairman of Infosys!

BTW, Bank of Baroda is not the second-largest bank in India - that distinction goes to ICICI Bank (or Punjab National Bank). AFAIK, BoB is not even among the Top 5 banks in India.

Actually, since the end customer's data is held by the SaaS vendor, it will be the SaaS vendor - and not the end customer - who will be the PaaS vendor's customer and, therefore, the receiver and owner of the AWS / Google keys in the first place.