LinkAja director of operations Haryati Lawidjaja said the partnership with the ministry’s Population and Civil Registration Directorate General would enable the payment platform to corroborate clients’ information through an online platform with data registered through the government. The directorate general then provides feedback data confirming whether the clients’ information is correct.

LinkAja, established in July last year, uses citizens identity numbers (NIK) in its electronic know your customer (e-KYC) system. Prior to this cooperation, LinkAja, which has over 40 million users and 250,000 merchants nationwide, used to verify its clients' data with ID card photos.

"We hope this effort to enhance the quality and effectiveness of verification can improve users' security and convenience in carrying out digital transactions," said Haryati at the launch of the initiative on Jan. 17.

LinkAja was founded by Fintek Karya Nusantara (Finarya), a consortium of seven state-owned enterprises comprising lenders Bank Mandiri, BRI, BNI, BTN, energy giant Pertamina, insurer Asuransi Jiwasraya and telecommunications operator Telkomsel. It uses Telkomsel’s TCash infrastructure backbone for operations.

LinkAja joins more than 2,000 other institutions, including banks, insurers and cooperatives, in utilizing the government’s database. The directorate general database covers 191 million adults in Indonesia, nearly all 193 million adults across the country.

The directorate general has partnered with, among others, 392 higher education institutions, 124 banks and 65 nonbank financial institutions on similar data sharing cooperation.

"This cooperation helps the government mitigate the risks of money laundering and terrorism financing through electronic payments," the Home Ministry's director general of population and civil registration, Zudan Arif Fakrulloh, said in a statement.

According to Bank Indonesia Regulation No. 9/10/PBI/2017, under articles on customer due diligence (CDD), nonbank financial services providers such as LinkAja must identify, verify and update its customers' data to prevent money laundering and terrorism financing.

However, the cooperation between LinkAja and the directorate general was not immune to risks of data breach, according to the Institute for Policy Research and Advocacy (ELSAM) deputy director of research, Wahyudi Djafar.

A 2019 report by American telecommunications company Verizon showed that in 86 countries, out of the 2,013 data breach incidents, 927 were found in the financial industry.

Wahyudi went on to say that e-KYC was problematic because some companies used facial biometrics, data deemed sensitive, for their customer verification.

The European Union's General Data Protection Regulation (GDPR), for example, stipulates in Article 9 that a person's biometric data should be protected from misuse.

"Facial biometric data should be categorized as sensitive data," Wahyudi said. "But, unfortunately, Indonesia does not recognize it as such."

He added that the government should focus not only on technological innovations but also customer protection.

In 2018, the National Cyber and Encryption Agency (BSSN) found 232 million cyberattacks, denoting 15 percent average growth per year.

The director of data utilization and population of the directorate general, Gunawan, told reporters that to prevent data breaches or other cyberattacks, the e-KYC process would use a closed, secured network accessible only to both LinkAja and the directorate general.

LinkAja head of corporate communication Putri Dianita Ruswaldi told The Jakarta Post that the company would not disseminate data to a third party to prevent a data breach. Moreover, it had no right to store the information from the directorate general, she added. (dfr)

Popular

To my horror, it’s just a movie!

RI, Australia strengthen partnership on taxing crypto assets

Pentagon chief congratulates Prabowo on being elected President