This article first states what we all know – passwords are insufficient to protect accounts from being compromised. It suggests that two-factor authentication is the answer and that smart devices capable of biometric security should be used instead of passwords. It failed however to identify the primary problem regarding biometric adoption which is the easy low-cost enablement of every website to utilize the biometric already in use to unlock the phone. This problem and the solution to the problem are highlighted in the report “Biometrics: Driven by Standardized Authentication, Adopted by Consumers.” Of course biometrics offer only a single factor and so needs to be used in conjunction with another factor such as the possession of the device. The article touches on EMV 3D Secure which will collect more information from the consumer and merchant to help the issuer better authorize a purchase, but EMV 3D Secure will also enable the issuer to challenge the cardholder to validate identity. As identified in “Revisiting Authentication in the Age of SRC and EMV 3-D Secure” if this challenge introduces yet another method of authentication that the cardholder is unfamiliar with it is likely to drive abandonment rates similar to the first 3-D Secure implementation:
“The payments ecosystem is evolving, and so should the ways in which we keep it secure. New authentication and anti-fraud technologies are making signatures and PINs optional for issuers and merchants. For instance, since the past one year, the regulator has mandated issuers to issue EMV chip-enabled contactless payment cards. Besides changing consumer behaviour, which is embracing mobile technology to pay, payments are also being driven by mobile technology.
Hence, as the payments industry starts adopting digital forms, the tokenization of card credentials will help banks and digital payments service providers offer consumers a safe, simple and consistent purchase experience, regardless of where they are and what device they use to pay, playing an important role in moving away from passwords.
Another technology that will play a key role in securing payments, especially with more connected devices, is EMV®3-D Secure. This will deliver rich data to financial institutions and merchants to better authenticate consumers and reduce fraud on transactions made via a mobile or desktop browser, app, or connected device.
Using sophisticated artificial intelligence across several applications and capabilities enables payment networks to create a more secure payments ecosystem without sacrificing consumer experience. Machine learning analyzes fraud migration patterns that help issuers verify card applications in near-real-time, and at scale.”
Overview provided by Tim Sloane, VP, Payments Innovation at Mercator Advisory Group.
For the complete article referenced in this coverage, please click here