Connect with us

Global Banking and Finance Review is an online platform offering news, analysis, and opinion on the latest trends, developments, and innovations in the banking and finance industry worldwide. The platform covers a diverse range of topics, including banking, insurance, investment, wealth management, fintech, and regulatory issues. The website publishes news, press releases, opinion and advertorials on various financial organizations, products and services which are commissioned from various Companies, Organizations, PR agencies, Bloggers etc. These commissioned articles are commercial in nature. This is not to be considered as financial advice and should be considered only for information purposes. It does not reflect the views or opinion of our website and is not to be considered an endorsement or a recommendation. We cannot guarantee the accuracy or applicability of any information provided with respect to your individual or personal circumstances. Please seek Professional advice from a qualified professional before making any financial decisions. We link to various third-party websites, affiliate sales networks, and to our advertising partners websites. When you view or click on certain links available on our articles, our partners may compensate us for displaying the content to you or make a purchase or fill a form. This will not incur any additional charges to you. To make things simpler for you to identity or distinguish advertised or sponsored articles or links, you may consider all articles or links hosted on our site as a commercial article placement. We will not be responsible for any loss you may suffer as a result of any omission or inaccuracy on the website. .

Top Stories

STRATEGIES FOR SECURING RETAIL PAYMENT DATA

STRATEGIES FOR SECURING RETAIL PAYMENT DATA

André Stoorvogel, Director, Product Marketing in the Payments Group at Rambus

Verizon recently released its annual Payment Security Report. And for retailers, the report highlighted significant areas for improvement in encrypting data, securing transmitted data, and authentication.

This should serve as an industry-wide wake-up call, for the impacts of data breaches cannot be underestimated.

The average consolidated cost of a breach is $4 million, and this will undoubtedly increase for European retailers when GDPR comes into force, where fines can total up to €20 million or 4% of total annual turnover (Source: SecurityIntelligence).

The long-term reputational impact must also be considered. Consumers rank data breaches as one of the most damaging factors to a brand, on the same level with environmental disasters (Source: Dark Reading). Consequently, 19% of consumers avoid retailers who have been hit by a major breach (Source: Innovative Retail Technologies).

The good news is that retailers are being proactive and looking to take control of their payments activity. Ovum report that of the 80% of retailers entering payments, 40% cited security considerations as the main driver (Source: Ovum).

Securing retail payments with digital wallets

As retailers look to bring payments in-house, there are various approaches to consider. Deploying a digital wallet, however, may not be an immediately apparent option.

This is perhaps because the value of mobile wallets may be seen in the ability to provide a seamless and enhanced buying experience to consumers. But digital retail wallets are also a highly-effective means of improving payments security and mitigating risk.

Protecting data with payment tokenization

Tokenization technology is a key component to a truly secure digital retail wallet.

Payment tokenization replaces a customer’s primary account number (PAN) with a unique payment token that is restricted in its usage, for example, to a specific device, merchant, transaction type or channel.

This means tokenization can help to secure in-store transactions made via mobile wallets across differing payment technologies, such as NFC, QR Codes or BLE. It also reduces the risk and impact of card-on-file fraud using stored credentials.

Adapting to omnichannel retail

For many retailers, however, the distinction between in-store and eCommerce / mCommerce has become blurred. For example, a consumer may choose to shop in store, but checkout through an in-app payment within their mobile wallet.

In response to changing consumer behaviors and trends, EMVCo has released version two of its tokenization specification to address emerging use-cases and ensure a secure remote payments environment.

This is undoubtedly good news for retailers, as it will further enhance mobile wallet security by bringing the fraud prevention capabilities of dynamic tokens to increasingly popular checkout options, such as in-app and online payments, and recurring one-click-ordering.

Securing payments beyond tokenization

In addition to tokenization, various other technologies and protocols can be incorporated into digital retail wallets to provide additional security protections.

Biometric authentication, for example, provides an extra, visible layer of security, and can be deployed in parallel with other authentication protocols such as passcodes.

For hardware-grade security, secure elements and trusted execution environments isolate data and applications from the operating system. And on an application level, code obfuscation and white box cryptographic techniques hide or obscure sensitive code, data and algorithms.

Adopting a layered approach

It is clear that digital wallets that leverage tokenization are an effective means of ensuring secure retail payments, enabling retailers to adopt a modular, layered approach that is tailored to their own requirements and, importantly, strikes the right balance between security and convenience.

Global Banking & Finance Review

 

Why waste money on news and opinions when you can access them for free?

Take advantage of our newsletter subscription and stay informed on the go!


By submitting this form, you are consenting to receive marketing emails from: Global Banking & Finance Review │ Banking │ Finance │ Technology. You can revoke your consent to receive emails at any time by using the SafeUnsubscribe® link, found at the bottom of every email. Emails are serviced by Constant Contact

Recent Post