Data security is the centerpiece issue for payments transactions that have been plagued by several notable breaches in recent years. The following article describes some technology tools available to merchants in the battle against fraud.
Whenever a credit or debit card is used, whether that’s a swipe at a grocery store or buying concert tickets online, there is a transmission of its numbers representing the payment account. Upon authorization, a common approach in ecommerce is to store the numbers in the merchant’s system to facilitate the exchange of money for goods or services. These stored numbers also attract those looking to steal that information, but a security measure known as tokenization is helping to make this kind of data theft much more difficult.
Credit card tokenization is a method of security in the payments industry in which a cardholder’s credit or debit card numbers are replaced as they enter a merchant’s system by a random string of numbers or symbols. This means the merchant does not have access to the actual credit or debit card number, which all but eliminates its sales system and data as a target for hackers.
Anything that can slow down data breaches is very much needed. In 2015, 170 million consumer records were uncovered by hackers, which globally cost businesses $400 billion.
“Tokenization is important for some merchants to adopt because it substantially reduces the risk and liability that is inherent in storing and maintaining a large database of cardholder data,” Verifi Senior Vice President of Business Development Rick Lynch said. “As we see many of the largest global merchants breached repeatedly throughout the last few years, it’s clear that no system is safe or impenetrable, and the safest approach may simply be to not store cardholder data at all.”
Merchants of all sizes, and especially smaller ones, face difficult business decisions related to their cash flow and profitability. Every merchant could spend unlimited amounts on key categories such as technology, marketing, and talent. As the author suggests, while tokenization represents just one fraud management tool, it represents a valuable ROI given the decreased fraud and lower chargeback costs that would be realized.
Overview by Raymond Pucci, Associate Director, Research Service at Mercator Advisory Group
Read the full story here