NFC contactless payments and P2P mobile payments are fast gaining momentum in the payments world. Banks, retailers and network operators, amongst others, are all rushing for a land grab, rolling out new NFC-enabled cards, mobile wallets and mobile phones for
us to use in our daily lives. It’s fantastic that we are embracing this technology, and I truly believe that mobile payments in particular are the future. However, the rush to get a slice of the market has led to compromised security as reported in recent
Fox News recently highlighted that fraudsters have yet again evolved with technology and found ever
cleverer ways to steal our personal details. They’ve created a discreet device, similar to the technology used for retail terminals, that simply sucks out the information from your bank card in a single swipe. They don’t even need to see your card to be able
to do this – they can extract all the information they need through your bag or clothes and, shockingly, start spending your money since, as reported, some online merchants do not require the CCV code.
Clearly, contactless payments and P2P mobile payments are at an evolutionary stage as technologies, and the primary focus for card makers, mobile phone developers and retailers is functionality, sometimes at the expense of security.
Security solutions need to work on the premise that fraudsters will continue to outsmart technology, infiltrate our systems and devices, and steal our credentials. The ecosystem is so complex that it is virtually impossible to stop them, but the technology
exists to stop them from benefiting from that data.
A multi-factor, multi-layer authentication approach that incorporates visible and invisible layers creates a very complex security model that makes it extremely difficult for a fraudster to compromise the customer, yet maintains a very user-friendly
experience. As I’ve discussed in previous blogs, four factors are needed to sufficiently secure transactions, namely something you know (a PIN or password), something you have (a phone), something you are (for example your voice), and somewhere you are /
are not (jurisdiction authentication based on proximity analysis). However, we can take the security model even further by applying a 5th Factor, the
The trust factor is a protected channel, created in real time, that exists for the duration of the transaction only and, like the other factors, is an invisible layer of security that ensures that transmitted data is protected to the highest level of encryption
standards. These invisible layers can be blended together dynamically, relative to the perceived risk of any transaction, to ensure that transactions are adequately secure but, at the same time, don’t burden the user with overly complicated security procedures,
keeping the customer experience a pleasant one.