24 April 2014

PCarroll

Pat Carroll - ValidSoft

69 | posts 243,929 | views 37 | comments

Innovation in Financial Services

A discussion of trends in innovation management within financial institutions, and the key processes, technology and cultural shifts driving innovation.
A post relating to this item from Finextra:

ECB sets out draft mobile payments security recommendations

20 November 2013  |  5861 views  |  0
The European Central Bank has set out draft recommendations on mobile payments security, covering everything from customer authentication to data protection.

ECB moves to securing mobile payments

10 December 2013  |  2550 views  |  0

The ECB published its recommendations for the security of mobile payments last week last week. Although unrelated, this latest set of recommendations shows how Governments and Central Banks (US Federal Reserve Banks recently announced a public consultation exercise on improving the future U.S. payment system, and the newly formed Financial Conduct Authority (FCA) has also just published an interim report exploring some early findings of a review into mobile banking services) see their role in shaping the new payments landscape.

When it comes to financial services (mobile or otherwise), consumers want convenience and trust. Mobile payments can deliver a strong value proposition here so it is inevitable that such services are attracting the ECB’s attention. Mobile is clearly at the centre of a revolution that is happening. This is logical as we have an intelligent, sophisticated device that is with us 24x7, be it our smartphone or tablet, we expect to be able to control our lives through this one device, for communication, commerce, banking, work, watching films, playing games and listening to music. The attitude of consumers to banking and payments is no different, and why should it be? The mobile device is set to become the dominant device to enable a paradigm shift in traditional business models, and the device to enable new business models and experiences.

I read the paper with interest even though I was uncertain as to what conclusions I should expect. I have to admit that I was pleased to see that the ECB shows a good grasp of the challenges and opportunities at hand. As analysts predict the number of payments using mobile devices could grow by 52.7% a year to reach 17bn in 2013 (source:  World Payments Report 2012) – this is to be added to predictions of up to $670bn of global mobile payments being made by 2015 (source: Juniper Research). The ECB is right, security is a major challenge to ensure that the mobile payments sector realises its full potential – Gartner has predicted that the financial impact of cybercrime will grow 10% per year through to 2016. It’s a no brainer, as payments evolve, cyber-crime grows in size and sophistication - the correlation is clear.

The ECB recommendations point to the correct direction: Security procedures need to be integrated into the mobile payments architecture, by design, from the outset, which leads us to the $million question: “Who’s responsibility is it any way?”. As some of these transactions and capabilities can carry considerable risk, fraudsters will certainly focus their attention on the new way that we make payments and are quick to capitalise on any inherent weaknesses, be it in processes, procedures, or methods. As the payments space moves mobile we need appropriate solutions, constructed from the ground up, for this new area; the FCA is right to engage early with the FS industry on that area. Many of the mobile-based offerings available today provide little application, i.e. end-user, functionality, possibly due to weak registration processes, whilst others require onerous registration processes that are more aligned with other, traditional banking channels. The solution, as is so often the case with electronic financial services, is implementing the right security architecture and recognising the needs of the consumer in the most demanding of all channels: the consumer interface channel. Such approach needs to extend to the full lifecycle of the mobile banking app, not just the registration or enrolment function.

Criminals are very sophisticated these days, and organised crime will expose the weaknesses in the chain. It is no longer just down to the bank to bear the responsibility for securing transactions. Every step of the chain, holistically, needs to be secured, from the phone manufacturers, to the mobile network operators, the merchants, the acquirers, the payment processors, the schemes, and of course the consumers' bank. I believe that telcos could be at an advantage here. They can leverage their unique position as the mobile network operator, just as groups like ISIS in the US and in the UK, Project Oscar (the NFC consortium made up of Vodafone, O2/Telefonica, Everything Everywhere) have positioned themselves in the mobile payment space. Ultimately, they have the “last mile” in terms of the relationship with their subscriber.

Faced between the choice of catching the crooks or stopping the fraud, I am of the view that detection and prevention is of course the preferred outcome. Improving our capabilities before the fraud event, or as the event is occurring is the ultimate result. Being able to determine the difference between a fraud event and a false positive is of course the ultimate weapon in the defence against crime, and the ultimate in terms of best practice consumer protection and customer satisfaction. The key of course lies in the security architecture, built from the ground up to reflect the individual transaction needs of the new mobile payments landscape, providing the highest levels of security and privacy by combining invisible security layers, and low or no friction on the consumer side. Consumers will be quick to recognise the brand of trust that provides them with the assurance that their identity is assured, their transactions are secure and their interactions are intuitive – in short, the $billion brand of the future!

TagsSecurityMobile & online

Comments: (0)

Comment on this story (membership required)
Log in to receive notifications when someone posts a comment

Latest posts from Pat

How do we achieve 'The Holy Grail' in contactless payments?

28 February 2014  |  1927 views  |  0  |  Recommends 0 TagsMobile & onlinePaymentsGroupInnovation in Financial Services

Malware , the Achilles Heel of Mobile Adoption

30 January 2014  |  2195 views  |  0  |  Recommends 0 TagsMobile & onlinePaymentsGroupInnovation in Financial Services

Customer Experience vs Strong Security: What's the Answer?

28 January 2014  |  1800 views  |  0  |  Recommends 0 TagsMobile & onlinePaymentsGroupInnovation in Financial Services

Predictions for 2014: Voice Biometrics Go Mainstream? Part 2

24 January 2014  |  2070 views  |  0  |  Recommends 0 TagsSecurityMobile & onlineGroupInnovation in Financial Services
name

Pat Carroll

job title

Founder/Executive Chairman

company name

ValidSoft

member since

2011

location

London

Summary profile See full profile »
Throughout his career, Pat has been at the forefront of industry thinking, representing organisat...

Pat's expertise

What Pat reads
Pat writes about

Who is commenting on Pat's posts

Andrew Smith
Ketharaman Swaminathan
Nigel Beatty