A monthly forum of compiled insight from top leading industry thought leaders to help you protect your payments and boost your profits
Question of the Month
How can I get a handle on all the different device authentication technologies available and what are the best practices to boost security without boosting false declines?
Card-Not-Present (CNP) commerce is on the rise and global retail e-commerce projected to hit $2 trillion by 2016. The increasing popularity and adoption of smartphones is boosting these numbers, as almost a quarter of people worldwide own a smartphone. Mobile remote and proximity payments will continue to grow, prompting additional security measures to garner consumer trust and adoption and to protect payments across all channels. There’s no silver bullet when it comes to device authentication but using a layered, comprehensive approach is the best bet. Multi-layered authentication enables businesses to tailor fraud and security controls to their unique needs and business models. With new device authentication technologies, businesses can effectively do this without sacrificing consumer conveniences.
Here is what the experts are saying:
- “Cool” may not mean safe. MasterCard recently demonstrated how it plans to accept ‘selfie’ photographs and fingerprints as password replacement/alternative for online payment verification. While this is a cool concept that is sure to be embraced by the smartphone selfie generation of Millennials, merchants should also take heed. Another company was able to create a spoof finger with clay and some Play-Doh.
- Multi-Layered Authentication vs. Biometrics. Biometrics verifies user identity through unique biological characteristics (voice, fingerprint, retina, signature). The benefit of this technology is that the user always has this biological “password” with them, negating the need to remember an actual password or pin or code. Multi-layered authentication uses multiple factors to verify a person’s identity: something you know, like a user name, and something you have, like a mobile device. They both have downsides: biometrics can be replicated in some instances and multi-factor authentication requires a level of network dependency for issuing unique login codes, etc. Both are great options for merchants looking to stay ahead of the security curve.
- The true cost of false positives. Research shows that merchants are declining legitimate transactions they suspect to be fraud more than they think. This is costing merchants in a big way. $118 billion was falsely declined whereas only $9 billion was lost to fraud in 2014 and 32% of those falsely declined opt to never shop with that merchant again.
- Use a Gateway Partner to Centralize and Streamline Fraud and Risk Prevention. Implementing best practices and adhering to industry standards for device authentication takes time and resources. Creating and executing a successful, risk-appropriate authentication strategy requires fine-tuning that many merchants simply don’t have the resources to perfect on their own. Working with a third-party vendor can alleviate the resource burden, freeing up merchants to get back to running their business.
Parting Words
Mobile remote and proximity payments will continue to grow, prompting additional security measures to garner consumer trust and adoption and to protect payments across all channels. Omni-channel merchants must balance a secure purchasing experience with a positive purchasing experience, taking into account the trade-offs between security and convenience and considering the total cost of each. The considerations outlined in this white paper should help merchants evaluate their current processing gateway and validate if it is agile enough to adapt to changing opportunities and security demands as fraudsters become more educated, dynamic and voracious in the CNP channel.
Verifi’s end-to-end payments protection suite tightly
couples our Global “Super Gateway,” Intelligence® Suite and Cardholder Dispute Resolution Network™ (CDRN) and Chargeback Representment (CBR) services so you can protect your revenue streams and process payments more securely and seamlessly. Gateway’s Intelligence® Suite provides a comprehensive fraud management platform that enables you to cost-effectively layer, test and adapt best-of-breed tools as the marketplace – and fraudsters
– evolve.
Don’t forget to download our updated ebook: What Every Card Not Present Merchant Should Know: Navigating Today’s Challenging Payment Ecosystem? Get it now!
Contact us to find out how to guard against online payments fraud and expensive chargebacks. Have your own thoughts on what you read? Ping us on twitter (@verifi) with #paymentstips and let us know what you think.