BigPay Thredds big plans for Southeast Asia
- BigPay has selected Thredd, a fast-growing ‘next-gen’ payments platform to power its payment capabilities.
- The service will start with BigPay’s upcoming expansion into Thailand, with Indonesia and the Philippines following in early 2024.
- Thredd made the transition easier than it would have been with legacy organizations.
Founded in 2017, BigPay has been an influential player in Southeast Asia’s fintech industry. One of the reasons for this is the company’s link with Air Asia. As a portfolio company of Air Asia, it remains the preferred financial service provider for those buying air tickets and sundries from the airline.
Since then, BigPay has expanded its products and services. Today, the company has a strong presence in the region and continues to grow its offerings. As with any financial services company, growing the service means expanding its technology to support the demands of the industry.
BigPay not only offers overseas payments but also enables cross-border and domestic payments, international transfers, credit, micro-insurance, personal loans, and smart budgeting. While the company remains focused on the consumer aspect of the business, there are plans to cater to corporate and business customers as well.
BigPay currently operates in Malaysia and Singapore and provides a full suite of financial services, with over 1.4 million carded users. More recently, BigPay announced that its services will also be embedded into the Airasia MOVE superapp.
That means as BigPay looks to expand into countries like Thailand and the Philippines, it needs a technology partner that can help it grow its payment capabilities. And this is where Thredd comes in.
According to Mitherpal Sidhu, COO of BigPay, while its current service provider was great, the exponential growth the company faced in 2020 meant it was time to get a new-age provider, especially given the changes in the payment landscape. After reviewing a couple of proposals, BigPay came to the conclusion that Thredd’s services would fit it best.
“Tredd powers our card payments back end as the host processor, managing the whole of the ledger. We wanted a partner who could scale and grow with us within the region. We try to be present in most of the markets that we want to go into.
So we needed to have that scalability that didn’t need us to spool the physical infrastructure every time we wanted to scale. We also want to offer new products and services without our existing product lines. We started with card payments, then we moved into remitters and cross-border QR payments. Now we offer loans and have aspirations to do more financial well-being products. And Thredd is the perfect partner for that,” said Sidhu.
BigPay and Thredd
Thredd is a trusted next-gen payments processing partner for innovators looking to modernize their payment offerings worldwide. The company processes billions of debit, prepaid and credit transactions annually, serving over 100 fintechs, digital banks, and embedded finance providers, from consumer to corporate, across 44 countries.
What makes Thredd unique is its client-centric approach that combines hands-on support with modern, reliable, and scalable technology. According to Damien Gough, head of Asia-Pacific at Thredd, the company’s assured solution accelerates the development and delivery of consumer and corporate payments components embedded within digital banks, as well as for expense management, B2B payments, crypto, lending, credit, Buy Now Pay Later, remittance, and open banking innovators.
As BigPay was using a different service provider prior to Thredd, the migration service was also an interesting challenge for both companies. Sidhu pointed out that Thredd’s track record of doing migrations was one of the main reasons why BigPay chose to partner with it.
“We didn’t want to impact our users by having to change the products and services they use with us. Hence, everything is done in the back end. It’s a really complex process. However, we’ve got a dedicated team and Thredd is helping us with the migration. It’s going pretty smoothly from our end. And that was one of the strong selling points when we were looking at Thredd as a provider,” Sidhu explained.
For Gough, changing the core of the issuing business from one vendor to another is a very risky and complicated process. The process is very much reliant upon going to an experienced operator who has been through the pain points that expose risks and potential delays in a migration.
“We’ve got people that have done 20 or 30 migrations in the past, not just with Thread, but with other organizations as well. So we have lots of experience within our team. I personally came from Visa where I was for over nine years. I’ve had my fair share of exposure to big migrations across Asia. It’s rare for them to go super smoothly, but we have done a good job with them.
We’re working very closely to mitigate the associated risks and challenges that we know. But it always does rely on the incumbent to play ball. And so hopefully, that happens through this process and we’ll be able to celebrate a very smooth successful migration once the whole process is completed,” added Gough.
Security at its core
As BigPay is in a highly regulated industry, data sovereignty is core to its operations. Not only does the company need to meet regulatory and compliance requirements, it also needs to ensure its tech supply chain is capable of maintaining that.
“When it comes to specifically card data, we are very reliant on the provider to handle the sensitive data. And that’s one of the selling points of Thredd. We don’t see the data, but we can see the transactional data. We don’t see the high-risk credentials of the card,” said Sidhu.
With Thredd being cloud-native, Sidhu also highlighted that the hardware security module which is the module that holds the sensitive data is also cloud-native. As such, it’s less cumbersome in that sense, because it’s a holistic solution that BigPay can seamlessly migrate into, where with the legacy players, Sidhu said they tend to be in a physical module that comes with its own issues.
Gough mentioned that there is a differentiator when it comes to Thredd when compared to other providers, especially when it comes to legacy processes. Providers that work with tier-one banks would need to raise the bar in terms of clients’ security, resilience and everything else.
While Thredd has supported tier-one banks directly and indirectly, it is more into working with fintech companies. As such, it has to ensure its certifications meet the standards that cover information security (ISO 27001), business continuity (ISO 22301) and risk management (ISO 31000) as well as Payment Card Industry Data Security Standard (PCI DSS) level one certification.
“We’re encrypting all clear PAN data. As such, when we exchange data, there’s no open 16-digit number that someone can compromise to get access to and utilize because it’s fully encrypted. This includes all the communication that we’ve got between us and BigPay.
That makes it easier for BigPay to ensure that IDs or our obligations are not too onerous, and that they’ve got a trusted vendor who’s done this many times over. They’ve got the resiliency and security and systems and people in place to protect that data,” explained Gough.
Managing fraud detection
One of the biggest problems financial service providers face is fraud. While technology has enhanced fraud detection, it is still an ongoing problem, especially with technology also helping scammers and fraudsters to improve their tactics.
For Sidhu, mule accounts are becoming a growing concern for the industry. With Know Your Customer (KYC) getting smarter with AI through face detection, scammers are finding it harder to penetrate these systems. However, what they are doing now is buying accounts from users.
“What we’ve done as an industry is talk to our counterparties in various banks, and also the enforcement agencies like police. We have put up educational messaging for our customers because technology can only do so much. Education is core. We’ve educated customers to not share credentials.
BigPay will never call you, that’s our message. We have every interaction with you in the app. You go to your messages and that’s the way we interact with you, unless something has gone grossly wrong. Then there’ll be a call, but there’ll be a verification on both ends to show you can verify us and we can verify you,” said Sidhu.
Another interesting point highlighted by Sidhu is the increase in payments going to unsavory websites or merchants through cross-border payments.
“We don’t know who’s on the other end. We’re looking at patterns. And we’ve uncovered a few patterns where users were transacting on unsavory sites across financial institutions. And then we get together with others in the industry to see who’s the acquirer on this and who provisions that account. The collaboration that we have now is a lot more robust than it used to be five years ago,” concluded Sidhu.
In the second part of this article, Sidhu and Gough discuss the potential opportunities on the horizon from the new partnership.
READ MORE
- 3 Steps to Successfully Automate Copilot for Microsoft 365 Implementation
- Trustworthy AI – the Promise of Enterprise-Friendly Generative Machine Learning with Dell and NVIDIA
- Strategies for Democratizing GenAI
- The criticality of endpoint management in cybersecurity and operations
- Ethical AI: The renewed importance of safeguarding data and customer privacy in Generative AI applications