While keeping up with the pace of innovation in consumer technology is a challenge in itself for many payments players, it also makes it more difficult for them to guarantee security, a panel of experts agreed at Visa’s 2013 Global Security Summit yesterday.
With the proliferation of new technologies — particularly the many devices and operating systems at play int he mobile market — innovation is creating more complexity in the payments landscape, providing more opportunities for fraudsters to do their dirty work, the experts said.
For instance, when a merchant starts accepting mobile transactions, they tend to get a measurable increase in fraudulent transactions, according to a survey of 1100 merchants by Javelin Strategy and Research. But surprisingly those fraudulent transactions don’t usually come from the mobile channel; instead fraudsters take advantage of the added complexity that the new mobile acceptance creates, and attack other areas, Javelin’s CEO Jim Van Dyke, who led the panel, explained.
But innovation has to go ahead if in step with consumer demand, Benoit Boudier, SVP of international sales for ROAM, a provider of mobile point of sale solutions. “Our job is to innovate; innovation can’t be stopped,” Benoit remarked. “We just have to build security into everything we do from the beginning.”
That imperative of building security into each and every innovation from the beginning is especially important because of the fast rate of consumer adoption that often greets new technologies, Dawn-Marie Hutchinson, the senior manager of IT security for Urban Outfitters, noted. “If you don’t bake in security from the start you could be starting a forest fire if a solution has a rapid rate of adoption,” she explained. “You have to think all along about what can the user do with a new technology that I don’t want them to do.”
But innovation is also opening up new opportunities to improve security, with new technologies like biometrics, some of the panel experts said. The Brazilian bank Banco Bradesco Cartoes, for instance, has introduced fingerprint readers for biometric authentication at its ATMs, the bank’s director of operations, Alexandre de Freitas Monteiro, said during the panel.
But banks and processors also have work to do on the back end to guarantee security in today’s increasingly complex security environment. Having complexity on the back end can damage security as well, particularly when it comes to data silos, which are common across many players in the industry. “There are a lot of big data challenges in the industry that are really technical problems,” said Alexandra Beyer, an analyst in Palantir Technologies’ IT security practice. “Integrating data in a unified environment to enable analysis is a major challenge for many banks.”