9 minute read
New Ways to Pay, New Security Approaches
By Paul Fabara
As we begin a new decade, it seems fitting to reflect on changes our world has seen over the past 10 years. From how we consume media and the ubiquity of the smartphone, to the proliferating volume of data, offering opportunities for more personalized and seamless consumer experiences.
In Canada, the modernization of payments has already begun with the launch of Lynx, enhancements to retail batch payments and the development of a delivery plan for Real-Time Rail. But every change brings risks. And for payments they are the scale and frequency of cyber threats and breaches.
We have seen significant advances in risk scoring for fraud prevention, encryption and industry specifications for securing new ways to pay to help protect the billions of transactions made by consumers. As we look to the next decade, the continued expansion of digital payments around the world will continue to present challenges and opportunities.
Here are five predictions to keep in mind as we enter the next decade.
1Data breaches will force adoption of smarter and more dynamic security. Headline-grabbing data breaches seem to be never ending. The best defence is to assume your organization is a target and take proactive steps to defend against falling victim or enabling the use of stolen data in your systems.
I believe we will see significant growth in adoption of payment tokens and the updated EMV® 3-D Secure specification globally. Payment tokens help make transactions safer by eliminating the transfer of actual payment data for eCommerce and mobile payments and can deliver a seamless yet secure digital payment experience. The updated 3-D Secure specification enables real-time exchange of 10 times more contextual data between merchants and financial institutions (FIs) to improve decisionmaking so both parties can better manage fraud in digital channels while optimizing sales.
2More merchants and FIs will use digital identities. Traditional approaches to online payment like manually entering static passwords and payment credentials for every purchase offer incremental security for digital channels. Fortunately, digital identities make payments faster, easier and more secure when using computers, mobile devices, apps, wearables and future Internet of Things (IoT) devices. As fraud threats persist, digital identities can end the use of passwords, so consumers can shift to more secure methods of authentication such as face, fingerprint or voice recognition. European consumers will begin to experience Strong Customer Authentication (SCA), the European Union requirements for multiple layers of consumer verification for digital transactions. As many thousands of FIs and merchants meet these requirements in Europe, global companies may look to extend the most innovative authentication solutions to other markets.
Consumers globally are demanding greater speed so merchants and FIs will have to respond with faster and safer ways to pay. This is one reason why Visa is exploring payment innovations ranging from biometric payment authentication and wearables to new mobile applications like digitally issued cards at the Tokyo 2020 Olympics and Paralympics Games.
3Real-Time Payments (RTP) will require a new approach to fraud prevention. Consumer expectations of speed and convenience have extended to business to business (B2B) payments and disrupted wire transfers and check payments with instant payments. However, speed and convenience cannot come at the expense of security. As payment volumes grow among RTP networks and peer-to-peer (P2P) applications, the seen (account takeover and phishing) and unforeseen vulnerabilities in the systems will have to be addressed as quickly, if not quicker than, the payments themselves. RTP providers and FIs will need to think differently and will likely collaborate with trusted partners in payment security to address the challenge.
4AI will be used in the battle between good and evil. Akin to the democratization of computing power through personal computers, the growing use of artificial intelligence (AI) will continue to fuel new products and services in payments and have a significant impact on society. But AI will also introduce tremendous challenges due to its potential use by threat actors. History shows that good intentions can be manipulated by nefarious individuals and groups. For example, the Internet splintered to become the surface web, dark web and deep web and social media is being used beyond its original intent to simply connect friends and family. The challenge of AI next year and beyond will require a collective effort across industries to limit the darker side of the technology to ensure it is used to deliver opportunities and improvements to society.
5Users will continue to be the weakest links. Humans are often the weakest link and technology has been trying to solve for it for a long time — from spell check in word processors and email applications- — to automatic braking in some of today’s cars. Advancements in payment security will continue to help drive down fraud as EMV® chip did for counterfeit fraud, but technology can only do so much as it still needs to be implemented by people and people make mistakes.
More importantly, social engineering continues to evolve as it preys on the unsuspecting or those with their guard down. All it takes is one person to fall prey to put an entire organization or network at risk. Social engineering will continue because it works. We need to empower users with education and tools since they are often the first line of defence.
People, businesses, and institutions thrive when barriers to progress are low, and trust is high. Preserving that trust requires driving innovation and choice and redoubling our commitment to security. There has never been a better time to help lead and drive change in payment security which can be a catalyst for growth. By drawing on the lessons from past years, we can both address future challenges and capitalize on the opportunities stemming from our increasingly digitized society.
Why Connected Banking is the Future
By
Raju Vegesna
In 1994, in the heyday of Microsoft Windows PC, Bill Gates bragged that “banks are dinosaurs…we can bypass them”. With digital money increasingly found inside the smartphones of today’s consumer, it seems his 26-year-old prediction came true. Cash and traditional bank deposits are now competing with Big Tech “e-money” from the likes of Apple, Amazon and Facebook.
While customers are embracing FinTech solutions for their convenience and ease of use, traditional banks are building their own digital strategies and leveraging traditional in-person touchpoints at branch offices. Big Tech’s strategy is to instead seize customer relationships within their online, mobile platforms and offer a seamless on-the-go financial service experience.
As Bill Gates surmised, Big Tech would indeed challenge big banks. Despite Apple, Amazon and Facebook’s entry into financial services, let’s explore why “connected banks” are still likely to lead the digital economy of the future.
Legacy and trust Unlike Big Tech, traditional banks have existing relationships with customers that span years, if not decades. Through these long-lasting financial relationships customers develop trust with their respective banks.
Within this traditional model, banks introduce other banking products to customers that provide stickiness for all their financial needs. Subsequently, customers are unlikely to leave their banks and take their financial services elsewhere.
Now let’s compare the same customer’s relationship with Big Tech: an industry fraught with privacy issues and breaches of trust. Do people really want to give Facebook access to their financial data? I think not.
Given the speed at which this industry is moving, most banks simply do not have the money and time to create sophisticated digital platforms from scratch. The ideal scenario is merging the technology of Big Tech within the platforms of big banks. But banks are more likely to embrace technology from FinTech vendors that easily integrate into their own digital banking platforms: which may not necessarily be from Big Tech companies. New digital services should be built by FinTech vendors that understand banks’ legacy systems. By adding new technology within the constraints of specific banking platforms, these suppliers can add their expertise to existing
digital banking ecosystems.
Acquisitions and upsells Banks are known to do “banking things” well, such as issuing large loans, risk intermediation and liquidity transformation. What they are not known for is innovation and, let’s face it, providing superior customer service. It is no wonder that most of the connected banking solutions occur through acquisitions, rather than being built internally. Banks understand that the expectations of the modern banking customer are changing. Banks also recognize that they might not have the skills to meet these changing needs.
Acquisitions of FinTech start-ups allow banks to move into ecosystems beyond their traditional core of product and services. They can tap into their existing client base and operation capabilities to strengthen engagement in mobile payments and capture necessary data to provide a complete view of customers’ mobile financial and payment needs. In this scenario, banks can offer a curated and compliance vetted mix of
traditional and third-party products and services. Aggregating all financial products through acquisitions provides customers with a one-stop solution for financial needs through a single, integrated channel from their trusted financial provider.
Compliance and regulation Regulation and compliance dominate the banking industry. It is no wonder why consumers go to their neighbourhood bank for mortgages, auto finance, credit cards and lines of credit. While Big Tech is excellent in recognizing consumer pain points and providing quick solutions, banks guarantee stability.
Lest we forget the underlying reasons why Big Tech is pursuing entry into financial services. It is all part of their broader plan to touch more parts of their customers’ lives and businesses without relying on external vendors. In a “perfect Apple world”, iPhones are also Apple bank cards without any involvement of traditional banks.
As FinTech companies, Big Techs like Apple, Amazon and Facebook are unproven. Banks have a legacy of trust and consistency, especially when it comes to financial transactions through cash, credit and electronic payments.
Financial services of the future There is no doubt about the disruption facing the global financial and payment processing industries across the globe. Cryptocurrency, no-fee credit cards and new end-to-end payment processing are being introduced by Big Tech giants like Facebook, Apple and PayPal.
The race to capture the digital wallet has energized innovation in the payments industry. The quest to offer better customer service for mobile financial services will determine success in all payment, transaction and card-based operations around the globe.
Suffice to say, big banks are here to stay. Their legacy of trust, history of regulation/ compliance and strategic acquisitions will forever give them a strategic advantage over Big Tech in the global financial services industry.
