Support independent, student-run journalism.

Your support helps give staff members from all backgrounds the opportunity to conduct meaningful reporting on important issues at Stanford. All contributions are tax-deductible.

Afternoon session of White House Summit covers security at startups, secure payment technologies

By

Following President Obama’s remarks at the White House Summit on Cybersecurity and Consumer Protection, the afternoon portion of the Summit began with an introduction by George Triantis, Director of the Stanford Cyber Initiative.

Walgreens President Alexander Gourlay, right, talks about the secure payment technologies at his company as Mike George, CEO and President of QVC looks on. CATALINA RAMIREZ-SAENZ/The Stanford Daily
Walgreens President Alexander Gourlay, right, talks about the secure payment technologies at his company as Richard Davis, CEO of US Bank, looks on. (CATALINA RAMIREZ-SAENZ/The Stanford Daily)

The afternoon program elaborated upon the ideas and issues brought up during the morning session, including interdisciplinary approaches to cybersecurity, security initiatives in businesses and secure payment technologies.

“The threats of cybersecurity call for urgent attention and new strategies,” Triantis said. “Its vulnerabilities threaten catastrophic consequences.”

Maria Contreras-Sweet, administrator of the U.S. Small Business Administration, offered several remarks on cybersecurity in relation to small businesses. She said that small businesses face several of the same challenges as large businesses but without as many resources. For example, most small businesses do not have a fraud department. Contreras-Sweet cited potential partnerships with companies like Square to address this need for cybersecurity improvements in small businesses.

After Contreras-Sweet’s remarks, the Summit featured a final plenary panel on secure payment technologies, moderated by Deputy Secretary of the U.S. Department of the Treasury, Sarah Bloom Raskin. According to Raskin, cutting-edge technology is crucial to keeping electronic payments, financial settlements and data safe and reliable.

Dan Schulman, President and CEO of PayPal discusses his company's cybersecurity measures. CATALINA RAMIREZ-SAENZ/The Stanford Daily
Dan Schulman, President and CEO of PayPal discusses his company’s cybersecurity measures. (CATALINA RAMIREZ-SAENZ/The Stanford Daily)

“[Criminals] can [attack] at any of these stages, at any of the different processing junctures,” she said. “The opportunities for mischief are myriad…When retail payments in particular are targeted, consumers can lose confidence in the safety of their payments. Entire transaction and business models can be imperiled.”

Richard Davis, chairman and CEO of U.S. Bank, spoke about cybersecurity breaches and his prioritization of tasks necessary to address the threat of breaches to payment systems. A supporter of tokenization, the substitution of a sensitive piece of data with a non-sensitive piece of data, Davis also advocated for highly-integrated Information Sharing and Analysis Centers (ISACs).

“ISACs provide us with instant information,” Davis said. “A nanosecond after one bank gets hit, US Bank knows it can get hit by the same thing.”

Charles Scharf, CEO of Visa, also discussed his company’s new tokenization strategies in obfuscating customers’ identifying information as it is sent to firms.

Dan Schulman, President and CEO of PayPal, discussed the company’s commitment to allowing customers to make payments without sharing any sensitive information. This is done through security measures like tokenization, multistep authentication, biometrics and, increasingly, risk and data analysis.

Aaron Levie, CEO and co-founder of Box, discusses Box's business strategy in relation to cybersecurity. CATALINA RAMIREZ-SAENZ/The Stanford Daily
Aaron Levie, CEO and co-founder of Box, discusses Box’s business strategy in relation to cybersecurity. (CATALINA RAMIREZ-SAENZ/The Stanford Daily)

“The way people typically break through is not through the PayPal system,” he said. “Somewhere between 500 million and a billion identities were compromised last year. So people come into your system with real credentials. They’re your credentials, just stolen… We can then do sophisticated algorithms that can see if you’ve been compromised or not based on your behavior.”

CEO and President of QVC Mike George emphasized specialized training for ecommerce developers and cited the usefulness of the Obama Administration’s cybersecurity framework in managing security at his company.

“We’ve embraced the framework that the administration has championed, George said. “It’s very powerful in looking at the end-to-end risk profile for your company.”

Alexander Gourlay, president of Walgreens, spoke about Walgreens’ Chip and PIN payment system, which requires both a smart card with an embedded microchip and a PIN supplied by the customer.

“We’ve also worked with Apple Pay,” Gourlay said. “Transactions have gone up fourfold. We are really excited about that technology.”

Next, the program featured an informal discussion about startups that use cybersecurity innovations to differentiate their business from others.

“It’s no longer sensible to providers and security services as separate entities,” said John Holdren, Director of the White House Office of Science and Technology Policy. “They need to be integrated from the beginning. That’s truly the case with the cloud.”

Aaron Levi, CEO and co-founder of Box, discussed the importance of making security a part of the product that customers use.

“We’re no longer just an application provider that hands over software to the consumer and assume that they are going to keep their data secure,” he said.

Co-founder of the startup CloudFlare, Michelle Zatlyn, speaks during a discussion in the afternoon session of the White House Cybersecurity Summit. CATALINA RAMIREZ-SAENZ/The Stanford Daily
Co-founder of the startup CloudFlare, Michelle Zatlyn, speaks during a discussion in the afternoon session of the White House Cybersecurity Summit. (CATALINA RAMIREZ-SAENZ/The Stanford Daily)

The afternoon session concluded with some remarks from John Mitchell, professor of computer science and vice provost for online learning. Mitchell noted how the conversation on cybersecurity has evolved over the last two decades, from basic encryption and choosing good passwords to more complex ideas like tokenization and secure payment options.

He expressed gratitude to the White House and President Obama for deciding to host the Summit in the first place.

“He’s brought attention to important topics that have been close to our heart for many decades,” Mitchell said.


Contact Victor Xu at vxu ‘at’ stanford.edu.

Victor Xu '17 is an editor and graphics designer. An economics major, he hails from Carmel, IN. He is interested in international development and Kanye West. To contact Victor, email him at vxu ‘at’ stanford.edu.