I am very excited and glad to know that I'll soon be able to dive deep into the best practices in security schemes. I hope you have covered the security aspects as applicable to the payment processing industry, where the security needs are tremendous. Specifically, I would be interested in some of the following topics:
Access control: Rule based dynamic approach and role based access
Practical limitation of setting high water
How to achieve end-to-end identity management in real time (ie, from customer to the acquiring and issuing bank and back to the customer).
Effects of encryption on real-time payment processing.
Thanks and looking forward, Sudd