The State Bank of Pakistan (SBP) has decided to look into a newly signed agreement between MasterCard – an online payment processing company and National Database and Registration Authority (NADRA) over concerns of possible breach of security of national database.
“We are looking into this (agreement) and getting more information from the two parties about this arrangement,” told Abid Qamar, chief spokesperson in conversation with a national daily.The concerns about the agreement have surfaced since NADRA did not seek regulatory compliance approvals from the central bank for venturing into an area that does not fall under its mandate. The concerns about the agreement have surfaced since NADRA did not seek regulatory compliance approvals from the central bank for venturing into an area that does not fall under its mandate. Not only that, NADRA has opted to alliance with a company that does not have its servers in Pakistan.
The strategic alliance will allow Pakistani citizens to carry out financial transactions, receive government disbursements , payment of fees (people to government) using the unique 13 digit identification code in addition to facilitation of domestic and foreign remittances.
MasterCard’s official announcement about the collaboration was made public on January 18th at the World Economic Forum’s annual meeting in Davos, Switzerland. Despite this announcement, there has been no official dissemination of information on NADRA’s part.Unlike MasterCard’s press release,
Unlike MasterCard’s press release, a NADRA official talked about a tripartite agreement between NADRA, MasterCard and Faysal Bank, the later being involved to meet regulatory requirements of SBP. Sources have also raised concerns about NADRA not having the legal authorization to receive foreign remittances. The spokesperson of NADRA, Faiq Ali refused to comment on the issue in addition to the chairperson of NADRA being unavailable.
The concerns over database security are due to MasterCard’s servers being located abroad, some of them being located in countries with not so friendly relations with Pakistan. Problems such as replication of user’s data can result in addition to possible hacks on sensitive information hosted by NADRA.
Contrary to the concerns, NADRA insists that MasterCard will not have access to the secure database. The sender and receiver information would be logged onto NADRA’s website and this information will only be sent to MasterCard for verification. Hence, MasterCard will only be concerned with know your customer (kyc) requirements of global bodies while NADRA will provide end to end solutions.
