In the New Year marking a new decade, it is fitting to reflect on changes our world has seen, and consider the security challenges that lie ahead in digital payments.
As we mark the beginning of a new decade, it seems fitting to reflect on changes our world has seen – from how we consume media and the ubiquity of the smartphone, to the proliferating volume of data, offering opportunities for more personalized and seamless consumer experiences – but also presenting challenges around the scale and frequency of cyberthreats and breaches.
We have seen significant advances in risk scoring for fraud prevention, encryption, and industry specifications for securing new ways to pay to help protect the billions of transactions made by consumers.
In the New Year, the continued expansion of digital payments around the world will continue to present challenges and opportunities. Here are five predictions to keep in mind as we enter the next decade.
Data breaches will force adoption of smarter and more dynamic security to protect data and manage fraud
Headline-grabbing data breaches seem to be never ending. The best defense is to assume your organization is a target and take proactive steps to defend against falling victim or enabling the use of stolen data in your systems.
I believe we will see significant growth in adoption of payment tokens and the updated EMV 3-D Secure specification globally. Payment tokens help make transactions safer by eliminating the transfer of actual payment data for e-commerce and mobile payments, and can deliver a seamless yet secure digital payment experience.
The updated 3-D Secure specification enables real-time exchange of 10 times more contextual data between merchants and financial institutions (FI’s) to improve decision-making so both parties can better manage fraud in digital channels while optimizing sales.
Merchants and FI’s will use digital identities to deliver a better customer experience to maximize sales
Traditional approaches to online payment like manually entering static passwords and payment credentials for every purchase offer incremental security for digital channels.
Fortunately, digital identities make payments faster, easier and more secure when using computers, mobile devices, apps, wearables and future IoT devices. As fraud threats persist, digital identities can end the use of passwords so consumers can shift to more secure methods of authentication such as face, fingerprint or voice recognition.
European consumers will begin to experience Strong Customer Authentication (SCA), European Union requirements for multiple layers of consumer verification for digital transactions. As many thousands of financial institutions and merchants meet these requirements in Europe, global companies may look to extend the most innovative authentication solutions to other markets.
Consumers globally are demanding greater speed so merchants and FIs will have to respond with faster and safer ways to pay. This is one reason why Visa is exploring payment innovations ranging from biometric payment authentication and wearables to new mobile applications like digitally issued cards at the Tokyo 2020 Olympics and Paralympics Games.
Real-Time Payments (RTP) will require a new approach to fraud prevention
Consumer expectations of speed and convenience have extended to business to business payments and disrupted wire transfers and check payments with instant payments. However, speed and convenience cannot come at the expense of security.
As payment volumes grow among RTP networks and peer-to-peer (P2P) applications, the seen and unforeseen vulnerabilities in the systems will have to be addressed as quickly, if not quicker than, the payments themselves. RTP providers and FI’s will need to think differently and will likely collaborate with trusted partners in payment security to address the challenge.
AI will be used in the battle between good and evil
Akin to the democratization of computing power through personal computers, the growing use of AI will continue to fuel new products and services in payments and have a significant impact on society.
But AI will also introduce tremendous challenges due to its potential use by threat actors. History shows that good intentions can be manipulated by nefarious individuals and groups. For example, the Internet splintered to become the surface web, dark web and deep web; and social media is being used beyond its original intent to simply connect friends and family.
The challenge of AI this year and beyond will require a collective effort across industries to limit the darker side of the technology to ensure it is used to deliver opportunities and improvements to society.
Users will continue to be the weakest link
Humans are often the weakest link and technology has been trying to solve for it for a long time – from spell check in word processors and email applications to automatic braking in some of today’s cars.
Advancements in payment security will continue to help drive down fraud as EMV chip did for counterfeit fraud but technology can only do so much as it still needs to be implemented by people and people make mistakes. More importantly, social engineering continues to evolve as it preys on the unsuspecting or those with their guard down.
All it takes is one person to fall prey to put an entire organization or network at risk. Social engineering will continue because it works. We need to empower users with education and tools since they are often the first line of defense.
People, businesses, and institutions thrive when barriers to progress are low, and trust is high. Preserving that trust requires driving innovation and choice, and redoubling our commitment to security. There has never been a better time to help lead and drive change in payment security which can be a catalyst for growth. By drawing on the lessons from past years, we can both address future challenges and capitalize on the opportunities stemming from our increasingly digitized society.