Most of the time, people feel secure about making payments online. Yet, a variety of cybercrimes are committed against organizations every day. Experts estimate that a cyberattack occurs every 39 seconds and that the global cost of cybercrimes is approximately $16.4 billion a day. It’s time for financial institutions and related businesses to move past current multi-factor identification and other firewalls once considered state-of-the-art.
In 2022, PayPal reported on its Money Hub page that online shopping scams were the second most reported type of fraud, costing consumers almost $400 million. Users are told to look for an “s” at the end of the https:// on a website’s URL. This symbolizes the secure sockets layer (SSL) certificate and verifies a website’s authenticity, assuring it is not a fake site designed to mimic a legitimate one, where the goal is to collect personal financial data. Still, this layer of protection may provide users with a false sense of security.
The rise in online banking led to more than $10 billion in losses from financial transactions, online shopping, bill paying, and money transfers in 2022. This was up 49 percent from the previous year, and the FBI’s Internet Crime Complaint Center received more than 800,000 complaints in 2022. Despite repeated warnings about creating strong passwords and using multi-factor authentication, online security via a mobile app (or a website) remains a critical issue. Credit card company algorithms that reject or flag transactions that seem out of the norm and alert the cardholder to verify are insufficient. As hacking techniques and technologies evolve, it is vital that the security of online transactions is strengthened.
The good news is that there are viable advancements in transaction security to balance tighter security standards with ease of use for payment apps and create more secure apps with fewer steps.
Make apps safer and easier to use
With the threat and occurrence of fraud on the rise, it’s important for end users to be educated about opting in for multi-step verification and text messages about transactions to make apps and online transactions safer. Additionally, they need to understand the dangers of using simplistic passwords, easily deduced by powerful computers or artificial intelligence (AI). The reality is that many users will gravitate toward simpler payment apps with fewer hoops to jump through. This is a selling point for businesses that market their apps or websites as “safer but simpler.”
A recent study revealed that despite general satisfaction with financial institutions’ security measures, half of the customers wanted more security safeguards. Nearly three times as many consumers now prefer to access their bank accounts via a smartphone instead of a computer. Consequently, more companies use biometrics such as individual physical identifiers (fingerprints, facial recognition, retinal scans, and voice recognition) with smartphones for security purposes. Biometrics ensure that mobile apps are only accessed once the phone recognizes the user’s unique physical characteristics via software analysis. The use of digital wallets on mobile phones to store encrypted financial data for ease of use has grown considerably in recent years (i.e., Google Pay, Apple Wallet, Venmo), and security is fortified by using one-time PINs and multi-factor authentication, but a lost or stolen phone in the wrong hands can lead to security breaches.
Faster and safer payments
Companies can take proactive steps to mitigate the risk and occurrence of fraud. One solution is the addition of tokenization of online payments. Tokenization uses algorithms and encryption methodologies and can convert sensitive payment data into a nonsensitive equivalent, which is stored and transmitted to the app used to make a transaction without exposing the original data to potential security threats. When tokens are used for transactions, details from credit or debit cards or bank accounts do not need to be entered again. This limits the opportunity for hackers to see a user’s financial details and passwords. It can also create faster, smoother, and simplified processes at the checkout step. Network tokenization can reduce the compliance burden for the payment card industry, as it lowers fraud risk at the same time. It replaces the primary account number data prevalent today in many card-on-file payment systems.
Integration with Click to Pay is an additional tool for secure and faster checkout. Introduced in 2019, the Click to Pay service stores all credit card information in one “bucket.” Click to Pay is EMVCo based e-commerce solution. When online, shoppers click the Click to Pay symbol, enter a one-time security number sent to their phone, and then check out. Click to pay cards are stored on networks and are used at any merchant site for online transactions without requiring shoppers to reenter payment information repeatedly.
Increased use of biometrics to safeguard mobile app security is a positive move for login and transaction authentication and steers the industry toward zero trust security. Zero trust is a philosophy that states it’s critical for organizations to not automatically trust anything inside or external to their networks.
The power of AI in bolstering online transaction security should not be underestimated. AI can analyze trends and statistics to detect irregular consumer purchasing patterns, assigning “risk scores” to purchases based on transaction history and looking for signs of possible fraud. The COVID-19 shutdown led to a surge in online transactions by people staying home—and a spike in fraud attempts. It has fueled an increase in cybersecurity and other fraud protection investments by e-commerce-centered companies, a market that may approach $70 billion by 2028.
Looking ahead
The future of online payments will reflect a complex combination of technology, user experience, and marketplace adaptability. Investing in the right technologies and strengthening security will be essential for any business engaging in digital transactions. It will be vital for organizations to strike a balance between speed and safety. As payments become seamlessly integrated into a virtual and interconnected world. As the desire for digital payment options grows, it will be necessary for payment networks developers to collaborate to build fresh solutions that cater to the needs of consumers and merchants, giving all users what they want: more robust security with ease of use.
About the Author:
Dipali Pandya is a global product development manager with over 15 years of experience in digital payment including authentication and security initiatives. Dipali also specializes in backend technologies, mobile application development, product development, and software development. Dipali is the recipient of the 2023 Change Maker of the Year award and holds master’s degree in computer applications from India’s Maharaja Sayajirao University of Vadodara. For more information, contact dipali.c.pandya@gmail.com.
