The Convergence of Real-Time Payments and Continuous Identity Assurance

At the Money20/20 Asia event in Bangkok, the rapid acceleration of the digital financial ecosystem served as the central backdrop for an in-depth discussion between Olivier Sery, Global Head of Digital at Giesecke+Devrient (G+D), and Trilochan Sehgal, Southeast Asia Sales Vice President at Daon. The conversation focused heavily on the structural evolution of payments and identity, highlighting how the rise of global instant payment rails has fundamentally rewritten the rules of fraud prevention and customer experience. As transaction ecosystems scale exponentially, the traditional borders separating payment execution from identity verification have dissolved, requiring a deeply unified technical response.

Real-Time Payments Demand Real-Time Security

The global payments market has achieved unprecedented scale and velocity, with operational instant payment systems now deployed across more than 70 countries. This infrastructure supports billions of transactions on a daily basis, with individual transfers processed and settled in a split second. However, this lightning-fast transaction velocity introduces a parallel threat landscape: real-time payments inherently create a breeding ground for real-time fraud. Traditional, asynchronous security measures—such as reviewing a transaction after it has occurred or relying purely on standard login screens—are entirely inadequate in high-velocity environments where funds disappear instantly.

In response to this modern threat matrix, identity verification cannot exist as an afterthought; it must be executed in real time alongside the underlying financial movement. The industry is experiencing an intensive rise in sophisticated phishing attacks, social engineering, and credentials harvesting, which are particularly active across the Southeast Asian and ASEAN markets. To safeguard the end-to-end user lifecycle, financial institutions are shifting away from legacy security form factors like standard passwords—which have existed for 60 years—and vulnerable SMS-based One-Time Passwords (OTPs) that fraudsters can easily intercept or phish.

A Multi-Layered, Anti-Phishing Architecture

To fortify digital banking platforms against sophisticated real-time threats, Daon and G+D advocate for a continuous, multi-layered identity assurance framework. Rather than treating identity as a single checkpoint during the initial login phase, modern security architectures evaluate multiple risk dimensions silently behind the scenes during every single consumer interaction. This proactive defensive stance is built on three core technical pillars:

• Cryptographic Device Binding: Lenders are systematically moving toward advanced anti-phishing controls by cryptographically pairing a customer’s verified identity directly with their specific hardware using standards like FIDO. This mechanism ensures that even if an attacker steals account credentials, they cannot execute transactions without possession of the physically registered device.

• Real-Time Device Risk Signals: Platforms continuously extract and analyze real-time data points from consumer hardware to ensure the operating environment is completely clean and secure. The core engine actively checks for indicators of compromise, such as rooted or jailbroken operating systems, active emulators, and geographic location spoofing.

• Continuous Biometric Assurance: Biometric modalities—including face recognition, fingerprints, and voice authentication—are deployed dynamically to verify high-value or high-risk transfers in a split second. Integrating real-time biometrics provides definitive cryptographic proof of possession and intent, ensuring data integrity without disrupting transaction speed.

The Proactive Evolution of Regional Regulations

This technological migration away from legacy authentication models is heavily supported and accelerated by shifting regulatory frameworks across the Asia-Pacific region. Regulators serve a vital role in providing the structured guidelines and tracing frameworks required to scale massive digital ecosystems safely. While advanced markets like Singapore, Hong Kong, Australia, and Japan have historically stayed ahead of technology curves with proactive compliance mandates, Southeast Asian and ASEAN authorities are rapidly executing similar high-standard playbooks.

In nations like Thailand, the Philippines, and Malaysia, central banks and regulatory authorities are actively adopting international best practices to champion financial inclusion and secure citizen capital. For instance, regulators in Thailand are actively implementing digital identity platforms, standardized Know Your Customer (KYC) guidelines, and mandatory face biometric verification for high-value payment approvals. Furthermore, global data and fraud-profile sharing frameworks—reminiscent of Europe’s PSR and PSD3 initiatives—highlight a growing industry recognition that because financial fraudsters share data to optimize attacks, institutions must collaborate equally to defend their networks.

Designing the Future of Autonomous Agentic Identity

As financial infrastructure evolves across diverse rails—including traditional account-to-account transfers, card networks, stablecoins, and Central Bank Digital Currencies (CBDCs)—the concept of identity must expand to encompass future technological paradigms. Payments are naturally becoming highly transparent, embedded, and increasingly delegated to external entities. Consumers do not simply seek out the payment process itself; they seek a frictionless transaction that occurs invisibly in the background of their daily lives.

The rapid integration of Artificial Intelligence, specifically Generative AI and autonomous software agents, marks the next major frontier for the identity industry. As agentic AI engines assume a more dominant, active role in managing e-commerce workflows, interacting with digital wallets, and executing real-time financial transactions on behalf of human users, managing “agent identity” becomes an essential operational requirement.

The strategic partnership between G+D, a market leader in secure payment infrastructure, and Daon, a global pioneer in identity assurance, addresses this exact cross-section of needs. By embedding cryptographic identity layers natively within real-time payment architectures, the two companies allow institutions to deliver secure, transparent, and frictionless transactions that complete in a split second, keeping pace with current market demands while actively preparing for the future of automated, agent-driven commerce.

Key Highlights from the Discussion:

• The Velocity Challenge: Over 70 countries now run instant payment rails processing billions of split-second transactions, necessitating real-time identity tools.

• Real-Time Fraud Alignment: Real-time payment speeds trigger immediate fraud risks, rendering post-event security reviews completely obsolete.

• Dismantling Legacy Methods: The financial sector is actively replacing outdated passwords and phishable SMS OTPs with robust anti-phishing controls.

• Multi-Layered Risk Capture: Modern platforms deploy cryptographic device binding, hardware signal checks, and real-time biometrics for continuous trust.

• Proactive ASEAN Regulation: Regulators in markets like Thailand are actively mandating face biometrics for high-value transactions to ensure financial safety.

• The Rise of Agentic Identity: The identity sector is actively re-engineering its architectures to securely authenticate and manage autonomous AI agents executing transactions for humans.