Protecting payments without sacrificing convenience
What happens when fraud protection adds more friction to the payments process or convenience trumps security? EMV has moved the needle the wrong way when it comes to the customer experience. Additionally, mobile device users are more willing to give up personal data that puts them at higher risk.
We also know there’s a conflict in stated versus observed behavior when it comes to consumers. People want their financial transactions to be secure but they also want convenient, seamless experiences. There doesn’t need to be a compromise.
Easing EMV pain
The U.S. is now the largest issuer of EMV cards in the world, so it isn’t going away anytime soon. The good news is that the early pain points are being addressed.
One of the biggest complaints following the implementation of EMV is the increased length of time the cards take during check-out. Many merchants bypass the chip technology and allow customers to swipe because the perception is that it is faster and more convenient. That defeats the entire purpose of EMV.
Recently Master Card and Visa both announced they are releasing technology that will speed EMV processing time at the point of sale. Consumers will be able to insert their chip cards and remove them instead of leaving them in the reader as they do now. The software updates will be installed on merchants’ terminals at no cost and work with current chip card functionality.
This is a win-win situation for merchants and customers who want quick check-out times without sacrificing security.
Additionally, Discover announced that it will be transitioning its chip-and-signature credit cards to chip-and-PIN to ensure greater security. Discover chairman and CEO David Nelms believes having different requirements for debit and credit cards actually creates confusion among consumers and sees the migration to chip-and-PIN as the next logical step in the EMV transition in the U.S. Especially since this is the global standard.
I’ll give you my data “just this one-time”
At a recent payments conference, an enterprise fraud management expert from Bank of America suggested that growth in the amount of static data available is responsible for the increase in fraud, not digital payments.
Consumers want security but are willing to share data more readily on their mobile devices than on their PC, simply because it is convenient. This puts them at risk when they are downloading apps and conducting various transactions.
If the data is driving fraud, why not take away its value?
Point-to Point Encryption protects data in motion, meaning if a fraudster attempts to breach a system nothing is available. Tokenization replaces card numbers with a string of meaningless letters and numbers, rendering stored card data useless. If fraudsters never gain access to data, they are stopped at the source.
If they are successful, the longer a fraudster has data the more valuable it becomes. When a breach occurs there should be a conduit between the bank and the data holder so they can identify known customers and protect them immediately. The same is true during account onboarding—there needs to be a way to signal when data may have been exposed. Additional methods of authentication can then be employed to ensure the account isn’t fraudulent.
The wave of the future
Fraud is going to happen, but it can be slowed and consumers can be protected without sacrificing convenience. The next wave of biometrics, behavioral analysis, and device recognition is coming.
That’s a good thing as U.S. banks prepare for same-day settlement of automated clearing house transactions, set to happen in September. The prospect of faster payments is exciting, but it also means fraudsters will have a new window of opportunity.