EMV Liability Shift, How Mobile Authentication Can Ease the Pain

In October of this year, any merchant in the US who does not demonstrate the ability to accept EMV transactions can be deemed liable for the fraud associated with counterfeit cards.

That’s only 7 months from now.

Most people in the EU can’t really understand the confusion this has generated – we’ve had chip & PIN for well over a decade – but for the population of the US swipe & signature is as natural as handing over cash. Retailers are rightly concerned that adoption will be a slow and painful process. However, that may not be their biggest concern.

Estimates of the cost of transition from magnetic stripe to chip range from $8 – $12 Billion, and the lion’s share of the burden will fall to the retailers who must replace their existing payment entry devices (PEDs) with chip compatible ones. The chances are good that this expense was not in their long-term costings, and bringing forward the end-of-life of their PED infrastructure is simply not an option in an industry where profit margins are razor thin.

But the thing that few people realise is that while the chip alone is a positive factor in fraud reduction (anti-counterfeit), the greatest benefit of the roll-out of EMV is only achieved when deployed in conjunction with the use of a 4 digit Personal Identification Number (PIN). This effectively adds a second factor of authentication (the card is something you have, your PIN is something you know) making card present transactions significantly more secure. PIN alone would have significant positive impact as well.

Read more

Biometrics is Only PART of the Answer

The time will come when you will be able to walk into any shop, chose what you want, pay for it where you are standing, and walk out with it, without having to go through the nonsense of lining up. The same will apply to getting through airport security/immigration, into a concert, onto public transportation and so on. Each of these ‘transactions’ will happen in the background.

The time will also come when whom you are is enough to make all of these transactions happen almost seamlessly, and biometrics will be an enormous part of that. However, WHAT you are does not equal WHO you are, and that’s where biometrics vendors miss the point. No form of static authentication (of which biometrics is one, same as passwords) can encompass your entire identity. Your likes, dislikes, hopes, fears, ambitions, friends & family interactions, even your reputation. The things that make you human, and 100% unique.

Also, what biometrics cannot do is replace every other form of authentication in the near term. Certainly not the authentication of payments for example when you consider that all payment card schemes globally are united behind the PIN.

Read more

Shopping Cart Abandonment, Authentication to the Rescue

According to Business Insider, approximately $4 TRILLION worth of merchandise will be abandoned in online shopping carts this year, of which only 63% is recoverable for those retailers with the necessary “savvy”.

The reasons behind this abandonment are as myriad as the individuals making the purchases, but to truly understand the root cause, you must examine the people themselves. From an online purchasing perspective, they fall roughly into these 5 categories:

  1. Mind-Changers – People change their minds all the time, which is much easier when you’re online than when you’re face-to-face with a sales rep. The longer the purchase process, the more time retailers are leaving open for this category to have second thoughts.
  2. Distractors – For those who don’t really care about their purchase, the slightest distraction will cause them move on. Long and complicated check-out processes will see these folks following the next shiny thing.
  3. Impatient – Again, long check-out processes will see the impatient group give up fairly quickly even though it means starting again. The issue is that they will undoubtedly start again on a competitor’s site.
  4. Private – Asking a significant number of questions unrelated to the transaction itself, or forcing them to create an account first is not an option for this category.
  5. Frustrated – Too many steps and customers become frustrated and lose interest in purchasing the item.

Other reasons include hidden fees, unreasonable shipping & handling cost, loss of bandwidth and a multitude of others, but these are mostly issues with the merchant, not with the buyer.

Read more

Biometrics in Payment & Banking – an Uneasy Partnership

No form of single factor authentication has ever provided an optimal level of security. As technology moves forward, biometrics has been introduced into the world of payments to enhance security and convenience. Rightfully so, as a form of authentication, biometrics is here to stay.

Traditionally we talk about three types of authentication:

  1. Something you know (e.g. a password)
  2. Something you have (e.g. an physical token)
  3. Something you are (i.e. biometrics)

But if we want to solve the challenges in a meaningful and sustainable way we must also think about identity management in terms of static and dynamic authenticators as well as multi-multi-factor authentication.

Read more

World Mobile Congress 2015, What WE Want to See

The race for ‘mobile supremacy’ is on. It has been for some time actually – but clearly no-one has it right or we would all be using the same things. In no aspect of the move to mobility is this truer than in payments and other forms of financial transaction.

At the World Mobile Congress 2015 (WMC) next month almost 2,000 exhibitors and an expected attendance of 90,000 will descend on Barcelona in an attempt to find answers to their questions. However, both history and experience have shown that organisations rarely ask the right questions and end up spending time and money following the latest trends so as not to be left behind.

One look and WMC’s very impressive 60-page brochure and the distinguished line of keynotes speaks volumes to the unprecedented interest in everything mobile. With 7 billion mobile phones in the world (2 billion of which are smart phones) this is hardly surprising.

Read more

Mobile Fraud is on the Rise. Are You Actually Surprised?

Each day we are bombarded with headlines about successful attacks against mobile payments and the massive rise in mobile payments fraud in general. Yet none of this should be a surprise, and the reasons are simple.

First, we need to understand that the reason we read so much about the losses in the press is that negativity is often the only thing that makes the news. When was the last time you saw the headline; “Mobile Applications Work, Hackers Thwarted!”

The fact remains that for every transaction lost, thousands or even millions of transactions work just fine. However, this sells neither newspapers nor security products.

That said, mobile applications are notoriously insecure. Some of the weaknesses are entirely avoidable and others will be resolved only with a significant shift in both payment methods and the capability of authentication and identity mechanisms.

Read more

Merchant Payment Ecosystem (Berlin) – Will Merchants Finally Be Asking the Right Questions?

If someone had asked you 10 years ago; “What functions do you need on your mobile phone?”, do you think you would have come up with even 10% of what’s available now? So what about brand new merchants looking for a payment service provider? Do you suppose merchants know what to ask for?

At MPE Berlin this week, all the usual suspects will be under one roof; card brands, terminal manufacturers, issuers, acquirers, and all the big names in retail. On top of this there are also going to be companies looking to change the payments world.

Unfortunately, few of these vendors will be able to answer the question on every merchant’s mind; What’s next?

The two vendor camps; those who are already established, and those trying to break in, are diametrically opposed. The established camp wants things to stay the same (or to change very slowly) and the new guys want to change everything, yet both sides seem to have forgotten what’s most important.

Read more

FinovateEurope – what will the 2015 payment ecosystem bring?

Once again, FinovateEurope descended on London this week – a two day event featuring Fintech’ players, from around the world showcasing their technologies and innovations. Over the years presenters have run the length of the financial technology industry and have covered; debit rewards, alternative payments, person-to-person (P2P) lending, new marketing tools, security solutions, big data, mobile apps, social investing, personal financial management, youth banking, credit, and next-generation online banking platforms[1].

So what will the 2015 payment ecosystem bring? At MYPINPAD we predict Identity Management and authentication will move further into the spotlight; because without significant advances to Identity Management, the necessary changes to the payment ecosystem come with significant challenges.

Read more

MYPINPAD – An Introduction

Our company blog launches today, here we will be expressing our news and also views on industry events and issues. 

The MYPINPAD team have a busy year planned for 2015, including attendance at global events and awards, so follow our news here and on Twitter @myPinPad

We were founded in 2012 by an alliance of payments industry leaders. MYPINPAD was created to become the world’s first consumer authentication company to solve multi-channel security with PIN.

The MYPINPAD solution is a transformational self-hosted based platform, which delivers secure PIN authentication on unsecured electronic devices such as mobile phones, tablets and personal computers. The solution optimises security around the payment process, reducing risk and fraud. Crucially in the digital world of today where people are inundated with new technologies, MYPINPAD provides consumers with a familiar and simple authentication process.

Enjoy our posts!  

Follow us @myPinPad