Payments stories this year have been dominated by a seemingly unending string of data breaches, putting security at the forefront of the agenda for the industry. Authenticating users to prevent intrusion by criminals tops the list of concerns when implementing new electronic payments systems, according to a new survey commissioned by HP Atalla and conducted by the Ponemon Institute. Two thirds (66%) of the 634 IT professionals surveyed said authentication is the biggest problem when deploying new digital payments systems like e-wallets.
But those authentication concerns aren’t stopping the organizations represented in the study from adopting new digital payments technologies. Three quarters (75%) of the respondents said their organizations plan to support payments via a mobile device or phone number, and 43% said they would support payments with virtual currencies.
[For more on security and authentication, check out: 3 Keys To Making Payments More Secure.]
“Support for virtual currencies is being driven by two components: economics and security,” Albert Biketi, general manager of HP Atalla enterprise security products, explains. “It’s a way to break the economics of the system that imposes transaction fees that can add up for a merchant. For a large retailer, having 3% to 4% [of your revenues] being charged for transaction fees can be a lot of money.”
On the security side, Bitcoin’s blockchain creates more trust in the system, since a third party verifies every transaction. “It’s a system built on aggregate trust. You're not just trusting one institution [with the transaction]. If you look at the architecture of Bitcoin – it’s really hard to cheat. And every transaction is logged in near real time.”
The study also found that data privacy isn’t an urgent concern, compared to security for organizations adopting new payments technologies. Only 38% of the respondents said that would be wary of new payments technologies to protect the privacy of their data.
“I think consumers realize that the data that they share with their banks and retailers helps those organizations serve them better. Retailers especially rely on that data to serve their customers better. It’s how they create value for their customers,” Biketi remarks.
Tokenization topped the list of security measures that could help mitigate the authentication concerns over new payments methods, the report found. “Attackers right now are very focused on getting credentials and valuable data. Tokenization is an excellent way to neutralize [the impact of] breaches,” Biketi suggests.
Even though 75% of the respondents said one-time passwords and tokens were “very important” or “essential” to securing new payments methods, only 48% said their organization uses them for security.
“Tokenization hasn’t been widely adopted because of structural and budget issues. I think it will gradually become a basic standard. But there are different approaches to deploying tokenization, and organizations want to extend it to as many systems as possible. That can be difficult across some [complex] architectures,” Biketi explains.
Jonathan Camhi has been an associate editor with Bank Systems & Technology since 2012. He previously worked as a freelance journalist in New York City covering politics, health and immigration, and has a master's degree from the City University of New York's Graduate School ... View Full Bio