THE PAYMENTS SECURITY REPORT: 5 new security protcols aim to fix the massive credit-card fraud problem
There is a massive credit card fraud problem in the US. Fraud cost US retailers approximately $32 billion in 2014, up from $23 billion just one year earlier. Much of the fraud problem is the result of the relatively weak security of credit and debit cards.
To solve the card fraud problem across in-store, online and mobile payments, payment companies and merchants are implementing 5 new major payment protocols that could finally help mitigate fraud.
In a new report from BI Intelligence, a closer look at how the dynamics of fraud are shifting across in-store and online channels is taken and infographics explaining the top new types of security that are gaining traction across each of these channels, including on Apple Pay, are provided.
Here are some of the key takeaways:
- EMV cards are being rolled out with an embedded microchip for added security. The microchip carries out real-time risk assessments on a person’s card purchase activity based on the card user’s profile. The chip also generates dynamic cryptograms when the card is inserted into a payment terminal. Because these cryptograms change with every purchase, it makes it difficult for fraudsters to make counterfeit cards that can be used for in-store transactions.
- To bolster security throughout the payments chain encryption of payments data is being widely implemented. Encryption degrades valuable data by using an algorithm to translate card numbers into new values. This makes it difficult for fraudsters to harvest the payments data for use in future transactions.
- Point-to-point encryption is the most tightly defined form of payments encryption. In this scheme, sensitive payment data is encrypted from the point of capture at the payments terminal all the way through to the gateway or acquirer. This makes it much more difficult for fraudsters to harvest usable data from transactions in stores and online.
- Tokenization increases the security of transactions made online and in stores. Tokenization schemes assign a random value to payment data, making it effectively impossible for hackers to access the sensitive data from the token itself. Tokens are often „multiuse,“ meaning merchants don’t have to force consumers to re-enter their payment details. Apple Pay uses an emerging form of tokenization.
- 3D Secure is an imperfect answer to user authentication online. One difficulty in fighting online fraud is that it is hard to tell whether the person using card data is actually the cardholder. 3D Secure adds a level of user authentication by requiring the customer to enter a passcode or biometric data in addition to payment data to complete a transaction online. Merchants who implement 3D Secure risk higher shopping-cart abandonment.
Read More – http://uk.businessinsider.com/new-security-protocols-to-fix-credit-card-fraud-problem-2015-4