Author: Assad Umar

Assad is a recognised digital financial systems expert, bringing specialist knowledge on the research, design and analysis of payment systems. Until recently, he has worked for Consult Hyperion as a subject matter expert on secure transactions. In his role, he provided advisory to a diverse range of clients including Banks, Payment networks, FinTechs, and Government organizations. He has a good understanding of relevant industry specifications and concepts such as EMVCo, PCI DSS, Open Banking, Mobile Payments etc. Assad read a PhD degree from Royal Holloway University of London (RHUL), which was sponsored by Transport for London. His PhD research focused on the security and performance of mobile devices used for payments. He has published several articles in journals and conferences globally, some of which focused on the impact of digital fraud protection, the use of Trusted Execution Environments (TEE) to secure personal data, and hardware and software protection mechanisms in IT systems. These articles have been published and presented at international conferences and have been frequently cited by peers working in similar areas.

Fraudsters target loyalty schemes for easier gains

Posted on by Leave a comment

It has become practically impossible to keep up with the number of loyalty-related security breaches. In today’s edition of “Who Got Hit?”, we read that Tesco is sending security warnings to 600,000 Tesco Clubcard loyalty members following fraudulent activities[1]. The breach is suspected to be attackers trying to ‘brute-force’ their way into the loyalty system, using stolen credentials, potentially from a different breach. In recent years, fraud associated with loyalty has been on the rise. According to a 2019 report by Forter was an 89% increase in loyalty related fraud, from the previous year.

Continue reading “Fraudsters target loyalty schemes for easier gains”

The Yin Yang Twins: SRC and W3C’s Payment Request API

Posted on by Leave a comment

In the world of online payments (card not present), two issues that seem to be unavoidable are:

•   Continuous rise of card-not-present fraud.  Fraud rates for card not present are running at between four and ten times greater than card present depending on merchant sector

•   High cart or basket abandonment rates. Average e-commerce abandonment rate is of the order of 65%, with 24% of customers at merchants using 3DS 1.0 abandoning the transaction after starting the checkout process.

Continue reading “The Yin Yang Twins: SRC and W3C’s Payment Request API”

Mobile Payments and Acceptance: The Future Is Soft

Posted on by Leave a comment

The last year has seen a lot of activity in the mobile payment ecosystem with regards to the risk associated with Consumer Off The Shelf (COTS) devices becoming not only a payment method (Google Pay, Samsung Pay etc) but more significantly becoming payment terminals ready to accept payments. A ‘COTS device’ is a mobile device (e.g. phones & wearables) intended for distribution and use by the mass-market, and traditionally were not designed exclusively for making or accepting payments. 

Continue reading “Mobile Payments and Acceptance: The Future Is Soft”


Subscribe to our newsletter

You have successfully subscribed to the newsletter

There was an error while trying to send your request. Please try again.

By accepting the Terms, you consent to Consult Hyperion communicating with you regarding our events, reports and services through our regular newsletter. You can unsubscribe anytime through our newsletters or by emailing us.
Verified by MonsterInsights