New guide shows mobile security advantages over traditional payment methods
Advancements in mobile payment security technology are curbing risks and improving consumer trust beyond levels traditionally associated with plastic payment cards, according to new research from global IT association ISACA.
A complimentary guide released today, “Is Mobile the Winner in Payment Security?,” outlines several advantages of mobile payments relative to physical and e-commerce transactions. Tokenization, device-specific cryptograms and two-factor authentication are described as key improvements positioning mobile payments appeal to both consumers and vendors.
ISACA’s “Is Mobile the Winner in Payment Security?”is a free download atwww.isaca.org/mobile-payments.
“Mobile payments, with embedded, improved and transparent security controls, are a great example of how security can act as a business enabler, contributing to the creation of end-user trust,” said Christos Dimitriadis, Ph.D., CISA, CISM, CRISC, who is ISACA Board chair and group director of information security for INTRALOT.
Some of the mechanisms empowering advancements in mobile payment technology include:
- Tokenization. Secure mobile payment applications—or mobile wallets—do not transmit a card’s primary account number (PAN), instead sending a randomly generated token to the point of sale (POS) terminal and payment network. This token safeguards the consumer’s data while in transit. “Tokenization is the security solution that is pushing mobile payments ahead of card payments in consumer sensitive financial information protection in the continuous race to stay ahead of hackers and other threats,” according to the ISACA guide. The tokens can be configured to only work for transactions that match specific criteria for an exact period of time, specific retailer and certain monetary amount. Only the issuing bank and authorized entities can securely map tokens back to the original payment card data.
- Device-specific cryptograms. The cryptogram ensures that the payment originated from the card-holder’s device. If a hacker obtains mobile payment transaction data, the cryptogram that is sent to the POS terminal with the token is unable to be used on another mobile device. This helps render any stolen data unforgeable and useless.
- Two-factor authentication. This provides an additional layer to guard against mobile payment fraud by utilizing two independent mechanisms for authentication. Among the common credentials used are something the user knows (such as a password), something physical that the user has (such as a payment card or phone) and a biometric such as a fingerprint, voice print or facial recognition.
If a mobile device containing a mobile wallet is lost, the mobile device can be remotely erased. And since the consumer’s payment card information is not on the mobile device, the payment cards do not need to be replaced.
Like consumers, merchants stand to benefit from mobile payments in many instances. “A key benefit for merchants is that enhanced security should lower fraud and thereby lower costs,” according to the guide. The report also notes that integrating mobile payments into a merchant’s business creates opportunities for more robust customer loyalty programs and allows for purchases in circumstances when customers do not have access to their physical payment card.
The security advantages of mobile payments may surprise the public as well as security experts who perceive mobile payments as risky. ISACA’s 2015 Mobile Payment Security Study shows that only 23 percent of IT and cybersecurity professionals said they believe mobile payments keep personal information safe. Still, the global number of mobile payment users is expected to reach 1.09 billion by 2019, according to Ovum, up from 44.55 million in 2014.
While modern mobile payment methods offer many benefits, the guide also notes some potential vulnerabilities, including during the one-time enrollment when users register a payment card in the mobile wallet application. Mobile wallet providers use methods such as sending payment card data and a device’s geographical coordinates to issuing banks, and any discrepancies can result in a call seeking additional verification.
The guide encourages vendors that adopt mobile payment options to regularly re-evaluate risk control measures to ensure any new scenarios that could emerge are sufficiently addressed.
Sunak to use budget to expand apprenticeships in England
LONDON (Reuters) – British finance minister Rishi Sunak will announce more funding for apprenticeships in England when he unveils his budget next week, the government said on Friday.
Employers taking part in the Apprenticeship Initiative Scheme will from April 1 receive 3,000 pounds ($4,179) for each apprentice hired, regardless of age – an increase on current grants of between 1,500 and 2,000 pounds depending on age.
The scheme will extended by six months until the end of September, the finance ministry said.
Sunak will also announce an extra 126 million pounds for traineeships for up to 43,000 placements.
Sunak’s March 3 budget will likely include a new round of spending to prop up the economy during what he hopes will be the last phase of lockdown, but he will also probably signal tax rises ahead to plug the huge hole in the public finances.
Sunak is also expected to announce a “flexi-job” apprenticeship scheme, whereby apprentices can join an agency and work for multiple employers in one sector, the finance ministry said.
“We know there’s more to do and it’s vital this continues throughout the next stage of our recovery, which is why I’m boosting support for these programmes, helping jobseekers and employers alike,” Sunak said in a statement.
(Reporting by Andy Bruce, editing by David Milliken)
UK seeks G7 consensus on digital competition after Facebook blackout
LONDON (Reuters) – Britain is seeking to build a consensus among G7 nations on how to stop large technology companies exploiting their dominance, warning that there can be no repeat of Facebook’s one-week media blackout in Australia.
Facebook’s row with the Australian government over payment for local news, although now resolved, has increased international focus on the power wielded by tech corporations.
“We will hold these companies to account and bridge the gap between what they say they do and what happens in practice,” Britain’s digital minister Oliver Dowden said on Friday.
“We will prevent these firms from exploiting their dominance to the detriment of people and the businesses that rely on them.”
Dowden said recent events had strengthened his view that digital markets did not currently function properly.
He spoke after a meeting with Facebook’s Vice-President for Global Affairs, Nick Clegg, a former British deputy prime minister.
“I put these concerns to Facebook and set out our interest in levelling the playing field to enable proper commercial relationships to be formed. We must avoid such nuclear options being taken again,” Dowden said in a statement.
Facebook said in a statement that the call had been constructive, and that it had already struck commercial deals with most major publishers in Britain.
“Nick strongly agreed with the Secretary of Stateâ€™s (Dowden’s) assertion that the governmentâ€™s general preference is for companies to enter freely into proper commercial relationships with each other,” a Facebook spokesman said.
Britain will host a meeting of G7 leaders in June.
It is seeking to build consensus there for coordinated action toward “promoting competitive, innovative digital markets while protecting the free speech and journalism that underpin our democracy and precious liberties,” Dowden said.
The G7 comprises the United States, Japan, Britain, Germany, France, Italy and Canada, but Australia has also been invited.
Britain is working on a new competition regime aimed at giving consumers more control over their data, and introducing legislation that could regulate social media platforms to prevent the spread of illegal or extremist content and bullying.
(Reporting by William James; Editing by Gareth Jones and John Stonestreet)
Britain to offer fast-track visas to bolster fintechs after Brexit
By Huw Jones
LONDON (Reuters) – Britain said on Friday it would offer a fast-track visa scheme for jobs at high-growth companies after a government-backed review warned that financial technology firms will struggle with Brexit and tougher competition for global talent.
Finance minister Rishi Sunak said that now Britain has left the European Union, it wants to make sure its immigration system helps businesses attract the best hires.
“This new fast-track scale-up stream will make it easier for fintech firms to recruit innovators and job creators, who will help them grow,” Sunak said in a statement.
Over 40% of fintech staff in Britain come from overseas, and the new visa scheme, open to migrants with job offers at high-growth firms that are scaling up, will start in March 2022.
Brexit cut fintechs’ access to the EU single market and made it far harder to employ staff from the bloc, leaving Britain less attractive for the industry.
The review published on Friday and headed by Ron Kalifa, former CEO of payments fintech Worldpay, set out a “strategy and delivery model” that also includes a new 1 billion pound ($1.39 billion) start-up fund.
“It’s about underpinning financial services and our place in the world, and bringing innovation into mainstream banking,” Kalifa told Reuters.
Britain has a 10% share of the global fintech market, generating 11 billion pounds ($15.6 billion) in revenue.
The review said Brexit, heavy investment in fintech by Australia, Canada and Singapore, and the need to be nimbler as COVID-19 accelerates digitalisation of finance, all mean the sector’s future in Britain is not assured.
It also recommends more flexible listing rules for fintechs to catch up with New York.
“We recognise the need to make the UK attractive a more attractive location for IPOs,” said Britain’s financial services minister John Glen, adding that a separate review on listings rules would be published shortly.
“Those findings, along with Ron’s report today, should provide an excellent evidence base for further reform.”
Britain pioneered “sandboxes” to allow fintechs to test products on real consumers under supervision, and the review says regulators should move to the next stage and set up “scale-boxes” to help fintechs navigate red tape to grow.
“It’s a question of knowing who to call when there’s a problem,” said Kay Swinburne, vice chair of financial services at consultants KPMG and a contributor to the review.
A UK fintech wanting to serve EU clients would have to open a hub in the bloc, an expensive undertaking for a start-up.
“Leaving the EU and access to the single market going away is a big deal, so the UK has to do something significant to make fintechs stay here,” Swinburne said.
The review seeks to join the dots on fintech policy across government departments and regulators, and marshal private sector efforts under a new Centre for Finance, Innovation and Technology (CFIT).
“There is no framework but bits of individual policies, and nowhere does it come together,” said Rachel Kent, a lawyer at Hogan Lovells and contributor to the review.
($1 = 0.7064 pounds)
(Reporting by Huw Jones; editing by Jane Merriman and John Stonestreet)
Robinhood plans confidential IPO filing as soon as March – Bloomberg News
(Reuters) – Online brokerage Robinhood, at the centre of this year’s retail trading frenzy, is planning to file confidentially for...
Wall Street Week Ahead: Investors weigh new stock leadership as broader market wobbles
By Lewis Krauskopf NEW YORK (Reuters) – A shakeup in stocks accelerated by the past week’s surge in Treasury yields...
SoftBank reaches settlement with former WeWork CEO Neumann
(Reuters) – SoftBank Group Corp said on Friday it has reached a settlement with WeWork’s special committee and the company’s...
Sunak warns of bill to be paid to tackle Britain’s ‘exposed’ finances – FT
(Reuters) – British finance minister Rishi Sunak will use the budget next week to level with the public over the...
Exclusive: European officials urge World Bank to exclude fossil-fuel investments
By Kate Abnett and Andrea Shalal WASHINGTON (Reuters) – Senior officials from Europe have urged the World Bank’s management to...