Strengthening cross-border payment transaction data protection

There are many barriers

Modern payment tools such as e-wallets, international cards or fintech services have shortened the distance, connecting millions of businesses and individuals around the world , and are a strong driving force for e-commerce, tourism and international investment. However, the reality in Vietnam and many countries around the world shows that there are still many barriers.

The story of Mr. Nguyen Hoang Long, Deputy General Director of Vietnam National Payment Joint Stock Company (Napas), when he could not pay by international card at a shopping mall in China, is a clear example.

Despite the presence of international tools, the payment ecosystem in many markets remains fragmented, causing difficulties for both tourists and businesses.

This situation is also happening in Vietnam, when tourists from China, Thailand or Korea encounter difficulties when spending at small shops and traditional markets.

This is not only inconvenient but also causes Vietnam to miss out on a large amount of potential revenue.

Realizing this, Vietnam is taking positive steps. Napas has been connecting with regional partners such as Thailand, Cambodia, Laos, Indonesia, Singapore, allowing people to pay directly in each country's local currency.

In particular, the connection with China, Vietnam’s largest tourism market, is being rushed to completion. The system is expected to be put into trial operation by the end of this year, opening up great opportunities for the tourism and trade sectors.

Many potential risks

However, convenience always comes with risks, the risk of cyber attacks and personal data breaches has also increased dramatically, causing huge financial losses and undermining user confidence and having a profound impact on global economic security.

Mr. Vu Ngoc Son, Head of Research, Consulting, Technology Development and International Cooperation (National Cyber ​​Security Association), pointed out the existing dangers. The forms of attacks are increasingly sophisticated and diverse.

First, phishing and spoofing. Hackers send emails, messages or create fake websites of banks and payment gateways to steal login information and then conduct illegal transactions.

Second, is using malicious software (Malware, Ransomware, Trojan) to penetrate the system. This software records keystrokes, changes account numbers or encrypts all data to demand ransom.

Third, there is account hijacking and transaction fraud. Hackers take control of bank accounts or the SWIFT system to issue fake money transfer orders. This type of attack is especially dangerous because transactions often go through many intermediary banks, making them difficult to recover.

Fourth, personal and financial data leaks. Sensitive data such as credit card information, account numbers, and KYC (Know Your Customer) data are often stolen and sold on the “dark web”. This information is then used to open fake accounts or commit other fraudulent acts.

Fifth, supply chain attacks. A vulnerability from a small partner can open the door for hackers to penetrate an entire large system.

Sixth, distributed denial of service (DDoS) attacks, which temporarily paralyze major payment systems, disrupt global transactions and directly affect users.

According to Associate Professor, Dr. Pham Thi Hoang Anh (Banking Academy), cross-border transactions require a clear bilateral legal framework, unified technical standards and a coordination mechanism for handling incidents. For management agencies, the priority is to harmonize laws according to international practices such as GDPR (EU General Data Protection Regulation) or ISO/IEC 27001. Early standardization will help reduce conflicts when incidents occur, while building trust for users and businesses.

According to Mr. Vu Ngoc Son, financial institutions and businesses need to take drastic actions. First, update and patch software urgently. Second, apply multi-factor authentication (MFA), adding an additional layer of security beyond passwords. Third, build an AI-based abnormal transaction monitoring system to proactively detect and prevent fraudulent behavior. Fourth, regularly audit and assess the security of partners and third parties in the supply chain.

However, the final and most important layer of protection still lies with the user himself, each individual needs to raise awareness and equip themselves with self-protection skills.

Many experts believe that the sustainable development of cross-border digital payments will depend on the ability to build a solid security system. Only when personal data is securely protected and user trust is strengthened can Vietnam create a solid foundation for comprehensive expansion and development of the digital economy.