Online fraud and risk managementare major concerns for the payments industry, as they shouldbe.Losses across the industry run into the billions of dollars,both in operational cost and reputational risk.Security isfrequently cited as one of the top reasons consumers don’t buyonline and the industry is spending a great deal of investmentcapital in figuring out how best to solve this problem.Solutionsinclude online PIN debit, one-time use card numbers, good funds ACHpayments, and most recently, a new card from Gemalto.
The card works through an onlinesecure password feature activated by pressing a button on the faceof the card. A one-time code is digitally generated which theconsumer enters on the web page, in addition to their user name andpassword.This post is not a comment on any particular solution, asGemalto is an industry leader in such solutions.However,considering the number of fraud-related strategies being introducedinto the market, it makes me wonder if the industry isn’t trying tosolve one problem by creating another.The issue I potentially seecoming down the road is similar to that being experienced by theTSA (Transportation Security Authority) – which is by continuing tolayer on process are we in effect, making a simple transaction muchmore complex?
Lately, there is much more chatterin the travel industry around reigning in the TSA’s physicalsecurity processes (so, are we eventually just going to have to flynaked?) and focusing more on analyzing and profiling travelers foradditional security checks.I might make the argument that, relatedto fraud, digging deeper into the capabilities of analytics-basednetworks coupled with the creation of a set of industry-widesecurity standards may have more sustainable value in preventingfraud in the payments system than continuing to layer on process -and be a lot less confusing.
