In an increasingly digital world, the threat of fraud continues to evolve and stakeholders continue to adapt. 

Writing for Payment Expert, Jon Horddal, Group Chief Product Officer, emerchantpay, detailed some of the most pressing threats when it comes to fraud and security. 

In today’s interconnected world, where technology and consumer behaviours evolve rapidly, the need for robust payment security is more critical than ever. Research shows that around 60% of consumers worry about the security of their devices. Additionally, a staggering 97 people fall victim to cyber breaches every hour.

As our world becomes increasingly interconnected, it’s important to recognise that evolving technology and consumer habits may inadvertently expose more of individuals’ private information to fraudsters and malicious actors seeking unauthorised access. Several threats demand the payment industry’s attention and must be addressed to safeguard the integrity of payment systems and protect sensitive financial data.

Card data breaches and phishing attacks

Two of the most impactful cybersecurity threats facing businesses today are card data breaches and phishing attacks, where sensitive data is obtained through increasingly sophisticated fraudulent emails or websites. 

Phishing attacks are getting more sophisticated, expanding beyond emails to text messages and various other avenues of personal communication. This results in not only financial headaches, but also a loss in customer trust, which can seriously damage the reputation of a business.

Card fraud presents a dual threat, affecting both merchants and consumers alike. For consumers, these breaches jeopardise their personal information, including email addresses, rendering them potential targets for various crimes, such as identity theft. For merchants, the stakes are equally high, encompassing not only the aforementioned risks but also potential lawsuits, revenue erosion, and the erosion of consumer trust in their business.

AI’s role in cybersecurity

With the advent of AI, we’re seeing tools that are being exploited by criminals, such as technology that can mimic people’s voices, so people think they are speaking to a trusted source and hand over their details. The ramifications of new technologies being used to bypass security measures invented when such applications didn’t exist, could lead to extensive breaches, impacting individuals and organisations alike.

While it’s hard to predict what the next wave of technology will do and what the risks might be from bad actors, there needs to be a shift toward more advanced and secure authentication methods to bolster payment security and provide a more robust defence against growing cyber threats – both old, new, and unknown. 

Multi-Factor Authentication for enhanced authentication

Multi-Factor Authentication (MFA), including the use of biometrics and behavioural analysis, plays a crucial role in reducing fraudulent activity and enhancing payment security by adding an extra layer of protection to the authentication process. For example, MFA requires users to provide multiple forms of identification before they can access their payment accounts or make transactions. This includes something they know (like a password or PIN), something they have (like a device) or something they are (like a fingerprint or facial recognition). 

By requiring multiple factors for authentication, MFA makes it significantly more challenging for cybercriminals to gain unauthorised access to accounts. Even if they obtain one factor, such as a password, they will still need access to other factor(s).

MFA methods can also be adapted to various payment scenarios, including online and mobile payments. This adaptability serves as an assurance that users can seamlessly employ MFA, regardless of the specific payment channel they engage with. At the same time, merchants need to collaborate closely with their payment service providers to deploy MFA whenever required and to maintain their conversion rates as optimised as possible.

The future of payment security

The evolution of payment security will likely include wider adoption of tokenisation, as well as more widespread use of stronger end-to-end encryption. We can also anticipate a surge in the integration of AI-powered biometric and behavioural data, reinforcing the authentication process.

AI and machine learning will also play an increasingly bigger role in real-time monitoring, empowering financial institutions to promptly identify and respond to potential threats. Stringent regulations, such as PCI 4.0, will establish new industry benchmarks, ensuring that security measures keep pace with emerging threats. In the future, payment security will not only be robust but also adaptable, safeguarding the financial ecosystem against the relentless evolution of risks.