The financial services ecosystem has evolved tremendously over the past few years driven by a surge in the adoption of digital payments. This raises the question of where digital payment technologies will take us in the future, and how will this affect consumers?
In the latest episode of Thales Security Sessions podcast, I was asked by Neira Jones to join Simon Keates, Head of Strategy and Payment Security at Thales and share my thoughts about the major security and organizational challenges retailers and other financial services organizations are facing.
Pandemic has changed us all
It is important to understand the impact the pandemic had on consumer habits. Not just in terms of digital payments but in every aspect of our life. People’s behaviour also changed – some now prefer not to transact in cash or limit their face-to-face contact with other people. Inevitably this changed behavior led to an incredible acceleration to adopt different forms of digital payments. Our data shows us that in the first quarter of 2020, there was a larger shift to digital payment forms in 10 weeks than we had seen in the preceding five years. And not all of this behavioural change is temporary. According to research we carried our earlier this year roughly 20-30% of the Covid-related shift to digital globally is expected to be permanent and will stay well beyond the pandemic.
What are the major challenges?
The biggest challenge for both retailers and financial organizations was the rapidness of that change. It has been really difficult to keep up with the changing processes, because you have to adopt the right procedures and embed the right rigor and have the appropriate technology in place. Without it, it’s close to impossible for an organization to act securely and in accordance with rules and regulations.
Retailers have had to adapt quickly to new methods of digital payments to satisfy customer needs, but at the same time secure all these new online transactions. Engaging online with their customers was success defining not only from a security and safety perspective but also in terms of survival of the company.
Security is paramount; digital payments are not only authorized but they must be authenticated as well. From a regulatory perspective, strong customer authentication, using two or more factors, for online payments is in place across the EU and is being increasingly adopted around the globe.
The need for security in digital payments is essential for everyone transacting online:
- Consumers need to be confident that their sensitive data is protected
- Retailers need to provide a seamless journey without introducing too much friction while balancing risk
- Financial organizations must secure and process valid transactions, while being able to identify and reject fraudulent ones
Advice for secure digital payments
Retailers and financial organizations need to understand what controls and mitigations they have to put in place to secure their customers’ transactions. Even though credit card sensitive data is encrypted and tokenized in every digital transaction, what happens when a customer moves out of the “trusted environment”? What happens when a customer is “phished” to perform a bank transfer or provide their bank account details to complete a transaction?
As online consumers and available digital payment methods increase, cyber criminals become more innovative and active. The problem gets bigger during peak online sales periods, such as Black Friday, Cyber Monday and the upcoming Christmas period.
Consumers need to be informed and well protected. There are a number of ways consumers can protect themselves:
- Ensure you use strong passwords and they are regularly changed
- Transact with trusted and reputable retailers
- Use familiar and trusted payment methods
- Take a breath (or two) before doing anything. Stop. Think. Shop online safely
One thing is certain. The pandemic has changed our shopping habits permanently and increased the variety of digital payment methods we have available. Unfortunately, it also altered the way cyber criminals think and act to lure their victims and exploit their sensitive data.
If you want to learn more about this hot topic, listen to the podcast on the Thales Security Sessions site.