5 predictions for protecting data in the payments and security ecosystem

As demand for personalization and seamless consumer experiences grow, security must keep up, said VISA's chief risk officer.

A new decade calls for greater personalization and more seamless consumer experiences, but it also presents challenges around the scale and frequency of cyber threats and breaches, according to VISA.

That sentiment is shared by Gartner, which noted last summer that "Payments have the potential to be entirely cashless, but may bring additional challenges in reliability, security, and convenience."

SEE: Tech Predictions For 2020: More must-read coverage (TechRepublic on Flipboard) 

Deloitte has also published a list of five payment trends for 2020. Among them are a set of new standards to govern the flow of money globally. 

"The increasing globalization of payment processing is highlighting the need for new standards to govern the flow of money and protect customer data," the firm said. "Payment players will need to get their data houses in order, given that we anticipate the introduction of new payment rails and open solutions in 2020, as well as a sustained increase in cross-border transaction volume." 

The past decade has brought significant advances in risk scoring for fraud prevention, encryption, and industry specifications for securing new ways to pay to help protect the billions of transactions consumers made, wrote Diego Paul Fabara, VISA's chief risk officer, in a blog post. Now, in 2020, we can expect the continued expansion of digital payments globally, but that will continue to present challenges and opportunities.

Here are five payment predictions from Fabara for the next decade:

1. Data breaches will force adoption of more dynamic security to protect data and manage fraud

Headline-grabbing data breaches are not likely to end anytime soon. The best defense is to assume your organization is a target and take proactive steps to defend against falling victim or enabling the use of stolen data in your systems, he said.

"I believe we will see significant growth in adoption of payment tokens and the updated EMV 3-D Secure specification globally," Fabara wrote. "Payment tokens help make transactions safer by eliminating the transfer of actual payment data for e-commerce and mobile payments and can deliver a seamless yet secure digital payment experience."The updated 3-D Secure specification enables real-time exchange of 10 times more contextual data between merchants and financial institutions (FIs) to improve decision-making. That way, both parties can better manage fraud in digital channels while optimizing sales, he said.

SEE: Special report: A winning strategy for cybersecurity (free PDF) (TechRepublic)

2. To maximize sales, merchants and FIs will use digital identities to deliver a better customer experience

Traditional approaches to online payments, like manually entering static passwords and payment credentials for every purchase, offer incremental security for digital channels, Fabara wrote.

"Fortunately, digital identities make payments faster, easier and more secure when using computers, mobile devices, apps, wearables and future Internet of Things (IoT) devices. As fraud threats persist, digital identities can end the use of passwords so consumers can shift to more secure methods of authentication such as face, fingerprint, or voice recognition."

In Europe, Strong Customer Authentication (SCA) is taking hold as part of the European Union requirements for multiple layers of consumer verification for digital transactions. "As many thousands of financial institutions and merchants meet these requirements in Europe, global companies may look to extend the most innovative authentication solutions to other markets,'' Fabara wrote.

FIs will need to come up with faster and safer ways to pay to meet global consumer demand for greater speed. This is prompting Visa to explore payment innovations ranging from biometric payment authentication and wearables to new mobile applications like digitally issued cards at the Olympic and Paralympic Games Tokyo 2020, he said.

3. Real-Time Payments (RTP) will require a new approach to fraud prevention

Consumer expectations of speed and convenience have extended to business-to-business payments and have disrupted wire transfers and check payments with instant payments. However, speed and convenience cannot come at the expense of security, Fabara noted.

"As payment volumes grow among RTP networks and peer-to-peer applications, the seen and unforeseen vulnerabilities in the systems will have to be addressed as quickly, if not quicker than, the payments themselves." RTP providers, and FI's must begin thinking differently, and he predicts they will collaborate with trusted payment security partners to address the challenge.

4. AI will be used in the battle between good and evil

Like other aspects of society, artificial intelligence (AI) will continue to fuel new products and services in payments and have a significant impact on society, Fabara believes. This also means greater challenges since threat actors may also use AI.

Looking ahead, "the challenge of AI … will require a collective effort across industries to limit the darker side of the technology to ensure it is used to deliver opportunities and improvements to society,'' he said.

SEE:
The ethical challenges of AI: A leader's guide (free PDF) (TechRepublic)

5. Users will continue to be a weak link

Advancements in payment security will continue to help drive down fraud as EMV Chip did for counterfeit fraud, Fabara wrote, but technology can only do so much since it still needs to be implemented by people -- and people make mistakes. 

More importantly, social engineering continues to evolve and prey on those with their guard down. "One person falling prey can put an entire organization or network at risk. Social engineering will continue because it works,'' he said. "We need to empower users with education and tools since they are often the first line of defense.

People, businesses, and institutions thrive when barriers to progress are low, and trust is high, he said. Preserving that trust requires driving innovation and choice and redoubling our commitment to payment security.

"By drawing on the lessons from past years," Fabara said, "we can both address future challenges and capitalize on the opportunities stemming from our increasingly digitized society."

Also see

Internet security cyber concept pcb lock futuristic lines background

Image: Kirill_Savenko, Getty Images/iStockphoto