Mobile payments are soaring in the UK and the US, and we’re not surprised. Seamless payments, convenient top-ups, increased flexibility in shopping patterns – what’s not to love? In our recent #MyNFCDay video series, we explored how mobile payments are revolutionizing urban life and opening up our cities to everyone, underlining the importance of advanced payment technologies.
However, for mobile payments to continue thriving, it’s crucial that we get security right. As you would expect given this backdrop, payment security has emerged as a key theme at Mobile World Congress 2016. Here are some of the areas and innovations we’ll be talking about at the show.
Taking advantage of the cloud
There are all sorts of advantages to businesses embracing mobile payment services, but there a number of obstacles that have to be overcome. Decision makers have to select the security solution which reaches the maximum number of end users, provides an adapted level of security and helps issuers keep the control of their customers’ data. Wouldn’t it be great to discover a solution which simplifies and defragments the whole process and satisfies all the stakeholders in the mobile payments process?
If you’re at MWC, come and discuss these challenges with us. We’ll be giving demonstrations of our cloud-based mobile payments service, using tokenization to provide protection at every step of the transaction – enrolment, card digitalization to token lifecycle management while ensuring a very easy user experience.
Mobile dynamic code verification
Card Not Present (CNP) fraud can be difficult to prevent because it can be tricky for vendors and financial institutions to verify that the individual inputting card details is the genuine cardholder. In the US alone, it’s expected to be responsible for eye-watering losses of $6.4 billion alone by 2018, while globally it’s estimated to account for 25% of total fraud losses –astonishing sums which underline the need for robust security solutions.
Cybercriminals acquire card information using a variety of techniques. Sometimes they’ll use card skimming, copying details while a customer isn’t looking, perhaps in a busy bar or restaurant. They can also use phishing, where bogus emails and phone calls are used to win people’s trust and persuade them to part with their card information. Alternatively, hackers have been known to intercept live transactions directly. Consequently, security solutions must render static card information less valuable.
At our MWC stand we’re demonstrating a solution which meets that requirement, and it’s called mobile dynamic code verification. Mobile DCV replaces the static security number traditionally used for completing online transactions with a continuously evolving code. The effect is to make static card information less valuable to cybercriminals without compromising customer experience, which is so essential to mobile payments and eCommerce.
The new mobile payments ecosystem must place strong identity management and authentication at its core, otherwise payment facilities will be vulnerable to hackers. How can security solutions tackle the threat without undermining customer convenience? It’s not enough to rely on a traditional user ID and password – multi-factor authentication is the way forward. Multiple layers of protection are needed to tackle the growing threat of cyber-attacks.
Fortunately, technology now exists which enables MNOs to easily become universal digital identity providers and establish Mobile Connect services. Along with a simple mobile login, Gemalto’s Mobile ID includes extra security layers which rely on unique secret codes and advanced digital and public key certificates. Come to our stand if you’d like to hear more.
Another important consideration in mobile payments is allowing consumers to pay for services – from mobile content to a car parking space – via their regular phone bill. Enabling transactions like this to take place securely and consistently is crucial, and our Gemalto NetSize team will be on hand to show you how our solution helps.