Mastercard’s Zahir Khoja on the Trends “Working in Our Favor”

Payments
Mastercard’s Zahir Khoja on the Trends “Working in Our Favor”
Payment Facilitator
Mastercard’s Zahir Khoja on the Trends “Working in Our Favor”
According to Mastercard’s Zahir Khoja, 85% of transactions globally are still made in cash, representing an enormous opportunity for payments providers to grow digital acceptance. Presenting at PF WORLD 2018, Khoja told the audience that, while the number of cash transactions looms large, market trends are helping providers move many of those merchants toward digital payments with a focus on the experience it provides for consumers.

Shopify Rolling Out Fraud Protect to U.S. Merchants

Payments
Shopify Rolling Out Fraud Protect to U.S. Merchants
Payment Facilitator
Shopify Rolling Out Fraud Protect to U.S. Merchants
 Shopify has begun rolling out its Fraud Protect product to select merchant customers in the U.S.
When sellers opt in, Shopify will issue a refund and manage the dispute on a fraudulent transaction it has deemed “protected.”

Square Installments: Risk or Reward?

Payments
Square Installments: Risk or Reward?
Payment Facilitator
Square Installments: Risk or Reward?
The newest offering from small business leader Square comes in the form of flexible payment options. With Square Installments, small business owners can now benefit from the same convenience as their larger counterparts when it comes to financing for their customers.

Grab and Fave Join Forces; Tencent and Alibaba Competition Heats Up: News Roundup

Payments
Grab and Fave Join Forces; Tencent and Alibaba Competition Heats Up: News Roundup
Payment Facilitator
Grab and Fave Join Forces; Tencent and Alibaba Competition Heats Up: News Roundup
PaymentFacilitator’s News Roundup is a curated mix of the past week’s news and articles from around the web, including company announcements, global payments news, and other coverage and analysis of topics relevant to payment facilitators.

How to Intentionally Build Security into a Network

Networks
How to Intentionally Build Security into a Network
Apstra Blog
How to Intentionally Build Security into a Network

October is Cybersecurity Awareness Month in the United States and other countries around the world. Chances are you’ll be hearing a lot more about security as many media outlets, security companies and organizations raise the awareness with employees, customers and the general public on cybersecurity risks. One area that continues to draw security attention is the network. This is especially true as businesses look at upgrading or evolving their network infrastructures with a move towards software-defined or newer approaches, such as Intent-Based Networking.

The Intent-Based Data Center (IBDC) incorporates Intent-Based Data Center Automation which is built on Intent-Based Networking, a distributed system architecture, and a vendor-agnostic overlay. These data centers establish a high level of application availability and reliability, simplified deployment and operation, and dramatically reduced costs.

Intent-Based Networking allows network designers to specify intent, and automatically configure the network to operate according to that intent, set expectations for its ongoing operations, and verify conformance to the intent.

IDC telecom and carrier IP networks research director, Rajesh Ghai says that Intent-Based Networking is a closed-loop continuous implementation of several steps:

Declaration of intent, where the network administrator defines what the network is supposed to do
Translation of intent into network design and configuration
Validation of the design using a model that decides if that configuration can actually be implemented
Propagation of that configuration into the network devices via APIs
Gather and study real-time telemetry from all the devices
Use machine learning to determine whether desired state of policy has been achieved. And then repeat.

Tips for Securing an Intent-Based Network

When it comes to security, the key aspect is that an Intent-Based Network management software layer continuously monitors the network and ensures network operation is compliant with the specified intent and thereby meets the operator’s expectations.

Expectations are representations of network state expressed as telemetry from network elements. For example, interface status, MAC addresses, ARP information and route information are some examples of raw telemetry that is collected from network elements. Since the network is represented as a graph by the Intent-Based Network management software, applications can use graph queries to get network state information.

In order to ensure that the network operates in compliance with the specified intent, the system collects telemetry from network elements and detects anomalies and processes those anomalies (remedial action) using the specified handlers. If there is a variation between the state and the intent, the handler raises the appropriate alarm. If the variation indicates an imminent hard-drive failure, raise the alarm to IT. If the variation indicates that an entity is making inappropriate DNS calls or port scans, the handler alerts the security information and event management (SIEM) system.

Once a network operator has specified an intent on the system, the Intent-Based Network operates the network for the user — and if the intent contains security parameters and policies, those are also baked into the design. For example, intent and expectations might be, “build a network with 25 racks and 20 servers in each rack with 10G links and 2:1 oversubscription. Ensure there is no SSH or FTP activity between a set of servers. Trigger alerts and deny access if there is a traffic burst from any server that violates the standard deviation of the ‘tx bytes’ by 30 percent.”

The system will build a reference design, and once deployed, the network will set up expectations based on the intent and trigger alerts and remedial actions, as specified.

Anomaly Denied

An Intent-Based Network should be able to specify intent based on network element artifacts like NOS version; patch level for software on switches, routers, or other devices; or other custom artifacts. Once those expectations are specified in the Intent-Based Network, any deviations will be tracked and reported as anomalies with associated remedial action, take the device offline, send an alert or trigger a patch update.

This is key in today’s environment where keeping network devices updated to have the right level of software and vulnerability patches is critical to network security. What makes an Intent-Based Network a secure system is its ability to specify intent and monitor for variations in the execution of that intent, in the same system.

For example, an Intent-Based Network provides built-in services that collect raw telemetry from network elements (e.g. MAC addresses, ARP tables, route tables, etc.,) sets up expectations, and then monitors the state of the network based on the collected telemetry.

Intent-Based Networking allows users to specify several security constructs for network activity in a data center network that is typically behind a firewall or in a secure zone. For example, an Intent-Based Network can facilitate detection of lateral movement inside the network, detect traffic flows that should not be present, movement of MAC addresses, interface statistics, and so on.

An Intent-Based Network can handle complex security tasks easily. Since an Intent-Based Network creates the network reference design and ensures operation of the network, it has the context to be able to respond to various questions about the network (regardless of the complexity) in the presence of constant change.This is a huge shift in the way networks are monitored. When Intent-Based Network management software contains built-in analytics capabilities, network operators can aggregate raw telemetry from network elements, and supports analytics constructs like thresholding and pipelines of data across processing stages.

Intent-based networking offers an opportunity to design security objectives right into a complex network. The current shipping of Apstra Operating System (AOS) provides the aforementioned capabilities, which is achieved by leveraging Apstra AOS Intent-Based Analytics.

To learn more about security in an intent-based networking world, check out this blog post I penned shortly after joining Apstra from Palo Alto Networks. Read more: Intent-Based Networking and Security.

Double Diamond Group, Rich Consulting Launch Readiness Program for the New ETA Self-Regulation Program

Payments
Double Diamond Group, Rich Consulting Launch Readiness Program for the New ETA Self-Regulation Program
Payment Facilitator
Double Diamond Group, Rich Consulting Launch Readiness Program for the New ETA Self-Regulation Program
Keeping bad actors out of the payments system is an important part of a payment facilitator’s job. But keeping up with a fast-moving risk environment can be daunting.

Stripe’s Latest Valuation Points to a Company That Can “Stand Alone for the Long Term”

Payments
Stripe’s Latest Valuation Points to a Company That Can “Stand Alone for the Long Term”
Payment Facilitator
Stripe’s Latest Valuation Points to a Company That Can “Stand Alone for the Long Term”
Last week, leading payments provider Stripe announced that it had secured a $245 million funding round that valued the company at $20 billion. With that number being more than twice the company’s value two years ago, it places Stripe in notable company, including such technology companies as Uber and Airbnb.

MINDBODY Exec to Deliver Keynote at PF WORLD 2018

Payments
MINDBODY Exec to Deliver Keynote at PF WORLD 2018
Payment Facilitator
MINDBODY Exec to Deliver Keynote at PF WORLD 2018
As SaaS companies decide whether and how to integrate payments into their offerings or seek ways to leverage payments as a key part of their growth strategy, learning from the experiences of existing payment facilitators and other companies who are already successfully walking this road can help smooth the way ahead.

NETS Launches Selfie Movement; PayPal and Shopify Enhance Partnership: News Roundup

Payments
NETS Launches Selfie Movement; PayPal and Shopify Enhance Partnership: News Roundup
Payment Facilitator
NETS Launches Selfie Movement; PayPal and Shopify Enhance Partnership: News Roundup
PaymentFacilitator’s News Roundup is a curated mix of the past week’s news and articles from around the web, including company announcements, global payments news, and other coverage and analysis of topics relevant to payment facilitators.