The Florin Awards Europe 2017



I am just back from chairing the Florin Award Jury at The European Payment Summit 2017.


We were pleased to see some highly innovative products and services from the finalists.

ThreatMetrix was the winner of the Florin Award in the category “Architecture for Secure Transactions”.

ThreatMetrix eCommerce protection provides real-time fraud prevention tools to online merchants worldwide, while also offering the potential for a less-intrusive consumer experience. The jury was impressed with the innovation demonstrated by the ThreatMetrix Digital Identity Network, claimed to be the world first Digital Identity Graph. This maps associations between people and their devices, locations, account credentials and behaviour. Such a mapping of anonymized user identities could play a key role in fighting cybercrime while also respecting consumer privacy. The strong European orientation is helpful for the roll-out of PSD2. Their Cybercrime Threat map provides a live stream of fraud attempts that was also something the jury found credit-worthy.

Iredeto was the winner of the Florin Award in the category “Omni-channel Payments Security“.

The jury was impressed by the way that Irdeto has transformed itself over the years with the visionary leadership of founder Pieter den Tooner who established the company back in 1969. Today the company continues to play an important role in Europe while boasting a client base that includes customers worldwide. The jury especially valued the breadth of security solutions that spanned multiple industries including media & entertainment, automotive and payments. Their solutions in the area of cloakware and whitebox cryptography have a key role to play thanks to the importance of protecting Open APIs and the critical need for security across multiple devices.




Do read more about it, and check out all the finalists at

The conference, held at the historic Louwman Museum was very interesting.

I shall share highlights from the conference as well as our latest research on Cyber Security and Payments over the next month.



Financial Inclusion at the Bottom of the Pyramid–Add your voice

In this interview Carol Realini, co-author of 'Financial Inclusion at the Bottom of the Pyramid’ tells how they use an innovative crowd-sourced solution to provide a deeper understanding of innovative financial services that are emerging to address the needs of unbanked and under-banked people around the world.

Q: Carol, could you let us know a bit about your new book – what’s it about?

fipKarl and I are fortunate to have been involved in financial inclusion projects around the world. We wanted to share how we see things changing, new models emerging and most importantly how this is happening differently in different places.

We thought it important that we provide a global view rather than focusing one market or one aspect – such as just Square or just Mobile POS, or just the USA.

We’re show-casing the best examples of tech-enabled financial inclusion from around the world.

Q: I’m interested in the way you are sourcing material – in a manner that is still pretty unique

Yes, although we have ourselves been in many of the countries where the new services are rapidly growing, we did not want to be limited in our thinking. By throwing the book open to contributions from around the world we expect to cover more ground and discover some of the breaking stories that will help create a good understanding of the state of play.

Q: Carol, how do you and Karl expect to make a difference with this book?

We believe the next 5 years will be a period of unprecedented change. Another 3 billion or more people will have access to the internet via mobile. Financial services will reach 1-2 billion more people in a similar timeframe. We want this book to help inspire people to understand more. We want the book to help people share about what they’ve achieved so we jointly celebrate their success and contemplate potential pitfalls together.

Q: How do people contribute to this initiative?

We have a campaign on for nominations for Global Financial Inclusion Pioneers. We would love to have more Europe and Africa nominations – we have extended the deadline to Dec 31, 2013. Full details are available at the Financial Inclusion at the Bottom of the Pyramid website. We’d like people to visit and nominate as well as submit their stories. This will help us showcase the best examples from across the world.


Carol Full AvatarCarol Realini is a successful serial entrepreneur who  dedicates her time to working with global pioneers in mobile banking & payments. Carol was a World Economic Forum 2010 Technology Pioneer.  Carol passionately supports entrepreneurship, banking for all, and women in technology. She is the author of the 5-Star-on-Amazon BankRUPT, a book about banking innovation in the US, and co-author of Financial Inclusion at the Bottom of the Pyramid.


A new resource for safety in online payment, as scams straddle online-offline domains


As money goes digital, new threats and challenges arise as scam-artists seek new ways to profit at the cost of innocent victims. Charmaine Oak (CO) was curious to understand about the so-called “Ukash Virus” and interviewed David Cox (DC) of Ukash to find out about the origin of this term, the newly launched “AvoidOnlineScams” site and the investment that Ukash is making towards the safety of their customers.


CO: David, could you please tell us a bit about Ukash, and the origin of the term “Ukash Virus” ?

DC: Ukash was created to provide a safe and secure payment method for consumers to spend their cash online and we want to maintain this. However, to rip-off innocent consumers, criminals have begun to request payment by Ukash and other online payment methods, in their scams.

David Cox Ukash

David Cox is Head of Customer Experience, Ukash.  Helping customers to use their cash online, safely and securely, has been David’s primary objective since joining Ukash in 2006. This extends to providing practical advice and assistance to avoid online scams. David works closely with the Ukash security team, and liaises with law enforcement and consumer protection agencies, to promote online payments best practice.

One of the most common and quickly spreading scams we are seeing, using Ukash as a payment method, is malware demanding payment of a fine, seemingly sent from the local police authority. Ukash is widely available and is the brand leader in e-money, so unfortunately some have referred to this ‘Reveton’ ransomware strain as the ‘Ukash Virus’.

Malware scams generally take the form of a Trojan, typically picked up from malicious online adverts or from file-sharing sites, which locks the infected computer and then demands a fine or ‘ransom’ for unlocking - this is known as ‘ransomware’. This malware often displays a message that claims to be from the police, saying the computer has been targeted for legal reasons.

Payment by online cash is then requested, and even if payment is made the computer remains infected. Ransomware will use alarming messages and scare tactics to frighten internet users into paying the fine, something that we see as a growing problem. Of course no genuine law enforcement agency operates online fines without evidence or a right to appeal, and the on-screen messages are very badly written, so unlikely to be genuine.

CO: I recall similar “offline scam” cases (not virus associated) under which victims receive requests to pay, using Western Union for example ..

DC: Yes, criminals target consumers via ‘offline’ methods and often use traditional methods of communication to do so. For instance the prominence of the miss-sold payment protection insurance scandal in the UK has led some criminals to create a new telephone scam, targeting vulnerable groups such as the elderly. These victims are asked to pay an advance fee, via Ukash or another payment method perceived as being untraceable, in return for a much bigger pay-out, even if they have never had a product with PPI.

Other scams have involved individuals handing over Ukash codes as advance fees for loans and job applications. Every Ukash receipt has clear warnings printed against never giving codes to anyone and only using Ukash online and at genuine merchants, but unfortunately not everyone heeds the advice.

CO: Has this changed in recent times causing scams to be online as well as offline?

DC: With the advances in technology and the increased use of the internet, these traditional ‘confidence tricks’ have gone from offline to online. The ease of the technology also means that more people, of all ages and abilities are using the internet and can ultimately put their details online and become a target for fraudsters.

But the criminals are exploiting their victims in imaginative ways, such as encouraging non-internet users to use an online-only payment scheme such as Ukash, as in the PPI scam. Despite the warnings to only use Ukash online, the majority of victims do not perform any research or ask advice before handing over the Ukash code, as the criminal has created a level of trust where their instructions are followed without question.

The developers of the Reveton Trojan use the internet to distribute the malware as if it was a legitimate software product and even provide technical support! It is attractive to low-level criminals as they can buy at low cost the code to infect the sites where large numbers of internet users will visit, and then receive payment from those that fall for the scam, making it scalable and profitable.

CO: How have producers of viruses sought to monetise through the development of new payment services? How are they seeking to “Get credibility” by using trusted brands (Metro police & yourselves)?

DC: The original malware developers are running a business distributing the trojan code. They’ve designed the malware to use popular payment brands, such as Ukash and Moneypak, to make getting payments as easy as possible. The wide availability and consistent branding of the payment options is intended to make the ‘lock screen’ appear genuine.

CO: Could you tell us a bit more about Ukash, what it is used for, and in which countries and partnerships?

DC: Ukash is the global online cash payments provider and internationally recognised e-commerce cash payment method that enables consumers around the world to use cash to shop, pay and play online safely, securely and conveniently. This secure payment method was developed to protect personal identity and financial information when making online transactions, reducing the threat of credit and debit card fraud for consumers and repudiations and charge-backs for retailers.

At the heart of the Ukash vision is creating a truly global solution that holds no barriers or boundaries for consumers to access the burgeoning ecommerce marketplace. Since launch in 2005 Ukash has expanded into countries on every continent. Significant investment in back-end technology and front-end customer service has enabled Ukash to achieve a 65% growth year on year, with 91% of global customers saying they would recommend Ukash to friends or family.

Ukash codes are purchased with cash in retail outlets such as shops, petrol stations and kiosks. The unique 19 digit code can then be used to pay directly on any of the thousands of websites that accept Ukash transactions worldwide, or loaded onto prepaid cards and e-wallets.

Ukash is regulated by the UK Financial Conduct Authority (FCA). The maximum single value allowed is £200/€250 or equivalent in other currencies, and the maximum amount that can be held by an individual customer is £1,000/€1,250 or equivalent in other currencies.

CO: I was interested to see your recently launched website. Why did Ukash take this initiative and how do you hope to help?

DC: Ukash joined forces with leading police authorities and anti-malware partners to create, an online resource to offer internet users up-to-date news, tips and advice on the latest online scams. This includes links to instructions and free software to remove ransomware.

imageWe want to remind consumers that Ukash must only be used to pay online and at genuine websites, never to pay fines or advance fees. One of the reasons we launched was to protect consumers from these fraudsters and stop criminals in their tracks. Individuals can protect themselves online if they have access to knowledge and advice.

Most of the individuals falling victim to these scams are in vulnerable groups and not previously familiar with Ukash. We are therefore working to educate these groups in order to help them protect themselves and beat the fraudsters, including clear warnings on the Ukash receipts and initiatives with the retailers that issue Ukash.

CO: David, so what is your main advice to your customers?

DC: We advise consumers to visit to learn how to remove the malware and keep themselves safe online.

Anyone who has used Ukash to pay a fine, or for any other suspicious payment, should contact Ukash immediately on 00800 247 85274, and we will attempt to block the Ukash code before it is used. It’s also vital that they report the crime to Action Fraud UK on 0300 123 2040.

We have a dedicated team working to provide intelligence, to the law enforcement agencies, on any reported crimes that use Ukash as a method of payment. This has resulted in several high-profile arrests of international criminal gangs suspected of involvement in ransomware and advance fee fraud.

Ukash is the safe way to pay, when used online at genuine merchants. But we advise that anyone unfamiliar with a payment scheme finds out how it works before they use their own money.

CO: Thanks very much David, I learnt a lot and am glad to hear about this initiative. Sounds like very useful advice.

Paying the price: A new regulatory framework for Cards, Internet and Mobile Payments in Europe


An extensive legislative and regulatory package has been recently announced by the European Union. In this guest blog, Jean-Stéphane Gourévitch shares his thoughts on the  potential impact to the payments industry in the EU/ EEA and, possible new threats and risks for incumbents and opportunities for innovation and new entrants.



Jean-Stéphane Gourévitch has over 20 years of International and European experience at senior management levels. For more details see the full article on his website.



In July this year Commissioners Barnier (Internal Market and Services) and Almunia (Competition) joined forces to present an extensive Legislative and Regulatory package that will impact the payments industry in the European Economic Area, creating new threats and risks for incumbents and hopefully open competitive opportunities for new entrants and innovators.

The package is organised around two key policy initiatives:

  • Firstly, a draft new Payments Services Directive (or PSD 2) reviewing the original PSD from 2007, to be adopted by the Council and the European Parliament.
  • Secondly, a draft regulation to be adopted by the Council and the European Parliament on interchange fees for card-based payments transactions that also contains a number of important provisions and changes relating to separation of activities of card schemes, consumer rights, and rules relating to card payments.

1. The New Payments Services Directive (PSD 2)

The revised Payment Services Directive brings a number of new substantial and important elements to the 2007 Directive but also retains key measures such as “passporting”.

It aligns the provisions, including those relating to security, fraud prevention and consumer rights applicable to all types of Payments Services Providers (PSPs), whether digital or non-digital.

It also reviews the definition of payments services to adapt these to new digital and mobile payments, opening new areas for competition. The Commission hopes the new Directive will promote the emergence of new players and the development of innovative mobile and internet payment services and solutions in Europe. They further hope this will improve the overall EU global competitiveness in these sectors. Member States will have two years after adoption of the Directive to comply with it.

2. The proposed regulation from the European Parliament and the Council on interchange fees and other fundamental changes

The Regulation creates a regulated area and a non-regulated area for debit and credit cards. The Regulation caps Multilateral Interchange Fees in the regulated area, as regards both Credit and Debit cards. It seeks to hold these to a very low level, first for cross border transactions and after 2 years for all transactions, including domestic ones.

Furthermore, the proposed Regulation introduces some major changes in the rules governing card schemes. It mandates structural separation between the different functions traditionally integrated. For instance scheme management, payments authentication and processing would be separated. This aims at injecting more competition by increasing transparency, protecting consumer rights and supporting innovative payments.

The European Commission hopes this package will be adopted by the European Parliament and the Council of Ministers and implemented before end of March 2014. It is an ambitious programme with potentially far-reaching consequences as part of an ambitious political agenda.

Can you get one step ahead of the regulatory curve and what would this look like?


I’ve been studying with interest the European Commission’s proposed new legislative package for payments and digital commerce in general. Clarifying position with regards to mobile commerce and alternative payment systems is part of a trend we see around the world where players had so far been operating in a relatively fluid state with mobile payment services subject to reactive governance controls. This causes compliance confusion alongside both technical and strategic uncertainties.

And it will probably get worse before it gets better as no one is certain of the shape market convergence will take, how regulators around the world will react and what effect this will have on services.

Of course there is another way of looking at this. End user confidence (and therefore adoption) of new payment platforms and digital purchasing models will be dependent on the regulatory environment and many of the key issues regulators and policy makers are focusing on, including security, identity, choice, ease of use and fair pricing.

So could regulation and policy be used as a future indicator of successful business models rather than just as a compliance responsibility? And if so, how many organisations fail to look for and harness the opportunities that these standards and supervisory guidance could be highlighting for us?

If you analyse diverse and recent trends, throw some original thinking into the mix, take a hard look at what is happening now in mobile payments and what the end-user experience could ultimately look like then wouldn’t this give you an edge when forming your strategy or future proofing your technology?


imageI think so and I’ll be exploring this in more detail at in November.

As Europeans change the way they pay, card fraud reaches lowest level since 2007


As card payments grow in importance as the preferred way in which people pay, the good news is that the level of fraud using cards decreased by 5.8% since 2010. This post offers insights from the latest ECB fraud report alongside our analysis of the way people pay in the EU area, to help payment providers prioritise their support to payment instruments and consider the impact of fraud related issues in accepting payments.

Continue reading

The France Telecom Group turns completely Orange


As the France Telecom Group completes rebranding to Orange, this post offers a snapshot on the Group’s origins in Europe and its current focus on emerging markets in Africa. This will be useful to readers seeking partnerships with large operator groups across multiple countries, or for competitor analysis.


Continue reading

Get inside your competitor’s head with the Shift Thought Digital Money SAGE


Although mobiles and smartphones present an exciting new dimension for consumer payments, the Shift Thought Digital Money SAGE offers payments providers a panoramic view, so as to prepare for the eventual growth that is essential for building alternative payments services.

Continue reading

European privacy action–what effect on the Google wallet business model?

Pressure mounts on Google, with the ICO (in concert with 27 data protection authorities across Europe) yesterday issuing their notice. How does this impact Google’s fundamental business model in payments, and what possible knock-on effects may we expect on new entrants with digital wallets based on similar models?

Continue reading

Netherlands retail payments cost EUR 1 billion less per year than European average

The Netherlands has long been one of our “model countries” for Digital Money. Retail Payments results recently released show why. While cash withdrawals are falling, card payments have increased and there is clearly a higher value of card payments than cash. De Nederlansche Bank (DNB) worries about how  to “keep the cash chain alive” unlike India, Nigeria, Indonesia, China and other emerging countries whose top priority is to  go cash-less / cash-lite.


Continue reading