With a deeply penetrated network of ATMs and cash distribution services across India at over 150,000 business commerce points, CMS Info Systems runs India’s omnipresent ATMs across nearly 97% districts.
Committed to increasing the velocity of cash in the economy, they also offer other cash management services such as banking automation, card personalization, IoT monitoring solutions, as well as security and analytics to their clients, making them the number one cash management company in the country, leaving their competition in the dust.
CMS’ success is a testimony to its business model and the robust technology backing its operations. This is courtesy the technological infrastructure, helmed by Pushkal Tenjerla, a tech leader whose palpable passion for cybersecurity and secure operations has him leading the charge for CMS’ ironclad cash management systems.
In this chat with Foundry, he talks about how technology is crucial to CMS’ operations, their investment in emerging technology, and how he sustains his zeal for this domain.
How widespread and well connected is CMS’ technological infrastructure to manage its vast and complex business?
With over 15,000 employees across the country conducting all cash-related operations at the ground level, our mobile app infrastructure is strong, feature rich, and designed in-house by CMS. We have ensured our technology is scalable and performance driven by adopting cloud technology.
We have taken extensive measures to ensure app security, like having our own built-in certificates, and multi-factor authentication. We register our employees with us post a thorough background verification, and perform audits on every transaction, cutting down fraudulent transactions.
Businesses may have daily or weekly pickups, with transaction-rich stores like DMart demanding several pickups a day. As soon as we pick it up, it is akin to the cash having been deposited in the bank for our customer.
What are the data and cybersecurity challenges that plague a cash management services company?
The challenges are operational for us – we receive encrypted customer data and cannot risk leaking information around cash routes, client information, or the amount of cash being moved or stored. For instance, we design and print debit cards in our high-security facility, where even I am not permitted as CISO without special clearance.
We use the latest tech in data security, and encryption standards. We conduct all the SIM (Security Information Management) and intrusion detection ourselves. We keep an eye out for insider threats and have a strong incident response.
I endeavour to have network access endpoint solution for all the devices. Given the complex infrastructure, it is currently unfeasible, but in the pipeline. The aim is to be able to ‘see’ every device on the network right up until the end stage.
CMS’ motto is ‘Combining scale with process discipline.’ What technologies go into creating and maintaining a system adhering to this motto?
We have a well-designed system that captures the banks’ requirements to keep the cash loaded and replenished. We follow stringent SLAs and plan our operations and routes in a way that the cash reserves do not fall below optimum levels.
We maintain our ATMs so that repairs are never delayed, and cash outs are prevented. While cash refill is a scheduled activity, we also intuitively keep track of cash levels. For instance, during festival season like Eid or Diwali, ATMs are replenished several times a day since these are periods of heavy purchase activity.
Tell us about how you are using AI in your business, and particularly about Algo, the world’s first AI-automated ATM security software application implemented by CMS?
We are using AI for both surveillance and ATM security. During untoward incidents like riots or vandalism, analytics can be used to catch the culprits.
We have pioneering work happening in the remote surveillance space with AI running on the cameras and captured footage. The ATM machines are equipped with sensors which can detect tampering; thus, we are alerted of such crimes in near-real-time and can inform the police immediately. In fact, we can identify the vandal even with a mask or helmet on.
Algo is a software programmed into the electronic lock that protects the ATM vault. It cannot be intercepted or predicted and generates a dynamic key only when the lock is to be opened. Atop it all, it is guarded by a physical lock.
To open the lock, the employee should be present in real time, and have the face recognition software attest him, obtain the instant-generated key as well as have the physical key.
As the CIO, and CISO at CMS, what are some significant challenges that you have faced during your tenure, and how did you solve them?
One of the challenges I faced as a tech leader is that of acute skill shortage. We typically depend on vendors to provide us with our talent. While they offer competent solutions, the greater challenge remains hiring talent with the right skill set. We conduct our own in-house trainings, particularly engaging in AI training and educating employees on current trends.
Regardless of the business we are in, a technical person should be able to grasp the domain quickly. Get your hands dirty. Talk to the people at the ground level, build relationships and understand their pain points. Skills are not gained overnight unless you invest in learning and gather how that skill applies to your industry and its operations.
As a CISO, what are some technological tenets that you follow, so that CMS remains a pioneer in the cash management space?
All our devices and applications are monitored 24×7. I oversee threat detection, monitoring, our SOC (security operation centre) and am vigilant about it running seamlessly. During untoward incidents, our response is agile and immediate, and we have the right SOPs in place to respond to them. Additionally, we are constantly evolving – experimenting with new products to find the best fit for us.
We are the number one cash management service in India, with the next-in-line competitor far behind us. We have earned our success by building lasting relationships, offering a variety of services, and most importantly, by providing trust to the customer with the backbone of technology. When our sales teams pitch to potential clients, our biggest selling point is the technological solutions we offer to keep their money safe.
How do you sustain this passion after so many years in the business?
I have completed 3 decades in the industry. I started fresh out of college, a desktop engineer with barely there coding skills. Gradually, by learning coding and other skills, I moved into network engineering and catapulted from there into the management layer.
I consider myself a CIO by profession and a CISO by passion. When we practise ethical hacking, if all protections fail, you hit the application layer, but the rogue characters need to bypass numerous layers to get there, including myself. I call it my passion because I consider myself a part of my protection systems.