An article with some thoughtful points about managing fraud in a faster payments environment appeared in Bank info Security. It raises concerns that are still unaddressed around fraud and faster payments, particularly identity management. The basis for this article were comments made at Information Security Media Group’s recent Boston Fraud and Breach Prevention Summit:
Richard Parry, an independent consultant who formerly led consumer risk management at JPMorgan Chase, says he’s not optimistic about a U.S. shift to faster payments, especially given the ongoing legal and legislative wrangling surrounding payments among banks and merchants. “It will become an interchange issue,” Parry argued during a panel discussion with Crowe at our summit. “It always comes back to money, not security.”
Parry says the most fundamental risk to payments is poor identity management. And it’s a legitimate concern. After all, poor identity management apparently enabled hackers to steal $81 million from the central bank of Bangladesh in February, as part of a fraudulent transaction that was approved by the Federal Reserve Bank of New York.
The approach to faster payments was compared to the U.S. experience migrating to EMV chip technology which is a valid comparison. There may be security surprises and unintended consequences with the U.S. approach to faster payment despite the results and experiences in other countries that already have launched solutions. Just like EMV:
Parry believes tensions between banks and retailers over interchange fees will overshadow security in the migration to faster payments, just as they have with EMV
“EMV chip and PIN versus chip and signature in the U.S. became an interchange issue, rather than a security issue,” he said during the panel. “I see faster payments going in the same direction. I think interchange will play a bigger role than security.”
Overview by Sarah Grotta, Director Debit Advisory Service at Mercator Advisory Group
Read the full story here