The covid-19 outbreak has led many to fall back extensively on digital infrastructure—be it collaborating virtually with co-workers and clients across geographies, or ordering essential goods and services through e-commerce portals. If demonetization was the first impetus, covid-19 may well be the second phase of accelerated digital adoption. The lockdown has, on the one hand, propelled citizens to go digital and, on the other, migrated a new set of consumers into the digital payments ecosystem. However, like the World Economic Forum’s Global Risks Report 2020 mentions, data theft is one of the top risks that businesses are likely to face in the long term. And, with this unprecedented digital adoption, what becomes critical is safe and secure access to online services, and unwavering data protection of organizations and consumers. With a possible rise in cyberattacks under the circumstances, this is a much-needed step.
HOW EFFECTIVE ARE PASSWORDS?
Even though computer passwords have come a long way since the 1960s, the traditional methods of keying in a password, including additional security questions, is still not tamper-proof, as the information is often misspelt, forgotten or stolen. With compromised credentials responsible for more than 80% of data breaches, according to the Verizon Breach Investigations Report 2019, at a time when remote working is gathering steam, and is being contemplated as a long-term move, employees—the human element—can prove to be the weakest link in an organization’s security chain. Hence, organizations are now realizing the need to adopt strategies that depend less on passwords, by implementing multi-factor authentication systems.
TECHNOLOGY TO THE RESCUE
The penetration of sophisticated smartphones and tablets equipped with fingerprint sensors and high-quality cameras and speakers have enabled the integration of biometric authentication in everyday life. These devices often form the core of working remotely, with VPN authentication, email access, document editing and collaboration tools all possible on a smartphone. While this clearly reflects the findings of a survey released in 2018—which stated consumers’ inclination to adopt at least one method to verify their identity—it also showcases their desire to drift away from legacy authentication methods like passwords that need to be typed. The same can be extended to banking, payments and other transactions where security is pertinent.
TIME TO ADAPT
The payments ecosystem is evolving, and so should the ways in which we keep it secure. New authentication and anti-fraud technologies are making signatures and PINs optional for issuers and merchants. For instance, since the past one year, the regulator has mandated issuers to issue EMV chip-enabled contactless payment cards. Besides changing consumer behaviour, which is embracing mobile technology to pay, payments are also being driven by mobile technology.
Hence, as the payments industry starts adopting digital forms, the tokenization of card credentials will help banks and digital payments service providers offer consumers a safe, simple and consistent purchase experience, regardless of where they are and what device they use to pay, playing an important role in moving away from passwords.
Another technology that will play a key role in securing payments, especially with more connected devices, is EMV®3-D Secure. This will deliver rich data to financial institutions and merchants to better authenticate consumers and reduce fraud on transactions made via a mobile or desktop browser, app, or connected device.
Using sophisticated artificial intelligence across several applications and capabilities enables payment networks to create a more secure payments ecosystem without sacrificing consumer experience. Machine learning analyzes fraud migration patterns that help issuers verify card applications in near-real-time, and at scale.
CONVENIENCE IS THE KEY
Though the current pandemic trains its focus on safe and secure digital payments for consumers, convenience is in the eye of the cardholder. Highly secure payments systems remove a key challenge for the digital ecosystem—the dropout of consumers from digital payments—and bolster consumer experience without foregoing convenience.
With seamless, secure payments, where authentication and verification move to the background, the dependence on keying in passwords and security questions will reduce considerably, to ultimately become more convenient for the consumer.
Vipin Surelia is chief risk officer, India & South Asia at Visa.