CSI Resources

You are here:
close up of the word paid

What Are the Next Big Steps in Payments Security?

  • by Matt Herren
  • Jan 31, 2019

Over the past few years, the financial sector has witnessed the jet-fueled expansion of e-commerce. More consumers flock to the convenience of online and mobile shopping today than ever before, and the discussion surrounding payments security has pivoted from a point-of-sale and EMV focus to that of e-commerce and tokenization. But where are those discussions taking us? What are the next big steps for the payments security landscape in the coming year?

The answer lies in a unified payments front: a healthy mix of industry collaboration and technical innovation.

The Online Shift Continues

The introduction of EMV chip card technology revolutionized payments security, both in the U.S. and abroad, and EMV usage is still on the rise. According to Market Research Hub, the global EMV point-of-sale terminal market is expanding at a compound annual growth rate of 9.9 percent through 2021.

But despite the growth of EMV, e-commerce has emerged as a favorite for today’s consumers. According to eMarketer, e-commerce is growing immensely, and in 2017 alone, mobile commerce (m-commerce) via smartphones and devices represented more than one-third of all retail e-commerce sales in the United States.

Tokenization Continues to Impress

Tokenization—or the process of replacing static card credentials with a series of tokens—continues to be the bedrock of payments security innovation. Therefore, before the next “big idea” in the payments ecosystem is addressed, we must first take stock of our everyday usage of tokenization.

Currently, there are a handful of digital wallets (aptly nicknamed the “Pays”) within the marketplace, such as Apple Pay, Samsung Pay, Google Pay, Fitbit, Garmin, etc., all of which utilize tokenization. As consumers continue to shop online, tokenization will likely spur the growth of credential-on-file (CoF) e-commerce. CoF e-commerce occurs when a merchant stores a customer’s card information online for future or recurring purchases. This is made possible through the Secure Remote Commerce (SRC) initiative.

SRC Steps up to the Plate

Looking ahead, the industry is likely to see the SRC initiative enable Visa, Mastercard, American Express and Discover to create a standardized token process for merchants to offer through a single-buy button. In other words, think PayPal, but leveraging tokenization.

Introduced in May 2018, SRC provides unified digital checkout guidelines to allow more secure and interoperable card acceptance through a standardized technical framework. Already backed by Visa and Mastercard, this standard eliminates the need for consumers to enter data multiple times for each company with which they conduct business; and because SRC is platform-agnostic, consumers gain the ability to pay with whatever method they choose.

Big Names Join the Party

Several merchant processors, including PayPal, Worldpay and Amazon, have already expressed plans to leverage the benefits of tokenization for their merchant customers through Visa and Mastercard. Furthermore, major retailers (including Amazon) are expected to join the likes of Netflix from a card-on-file tokenization perspective. As a result, the payment credentials these retailers receive from customers will maintain a higher level of security, since they are not static card numbers that can be used elsewhere. In addition, these credentials can be “bound” to a specific user’s account, making them essentially worthless to potential criminals.

With security threats continuing to present major issues for the financial space, especially within the payments sector, many will lean on the latest innovations around tokenization to protect both themselves and their valued customers.

In his role, Matt Herren has employed advanced analytics and data analysis to not only react to fraud, but also to prevent it. As the Director of Payment Services, Matt has expanded CSI’s ability to address fraud through early identification of merchant breaches and fraudulent testing techniques. His work helps to increase bank profitability through fraud mitigation and card portfolio analysis, allowing customers to realize industry-leading results and maximize program performance.