Developing nations that are moving to digital payments, especially for the unbanked, need to keep in mind security lessons already learned in other markets, including Europe, says Steve Marshall, founder at Risk-X, a U.K.-based audit and risk assessment consulting firm.

"When you talk about payment security, the best option is to devalue the payment [platform]. If you've got data within your environment ... if it is accessible in terms of your systems and solutions, you will be a target," Marshall says in an interview with Information Security Media Group.

Marshall highlights a few common mistakes made by European digital payments firms, including:

Poor security practices in terms of data that flows across systems; The use of API-based ecommerce methods without appropriately secured systems.

"One must use point-to-point encryption or have a solution provider who gives you end-to-end encryption, and have secure voice technologies," he says.

In this interview (see audio link below image), Marshall, who was a speaker at the PCI SSC summit in Cape Town, also discusses:

The digital payments market in Europe; The lessons developing nations can learn from mistakes made by payment companies in Europe; Mobile payments trends in 2018.

Marshall, who is based in the U.K., specializes in business consulting, payments, compliance, breach clean-up, enterprise architecture validation, assurance, corporate/information security, security restructures and risk across many business verticals and markets.