Latest Trends in Payments: How Secure Are They?

Payments Leader

Posted on March 27, 2014

A person pays with a credit card during an online purchase

Advancing technologies have paved the way for new payment solutions that could bring numerous benefits to vendors and consumers. But some are concerned about security and whether these new systems might simply lead to new problems. By reviewing emerging payment options, we can see if such concerns are valid.

Magnetic Secure Transmission

As smartphone use continues to grow, companies are looking to take advantage of a new, consumer ecosystem which has the ability to support contactless payment systems. Bluetooth Low Energy already exists on more than 200 million iOS devices, and millions more Android devices as well. However, in the highly-competitive smartphone commerce market, compatibility issues have given others a chance to make their own footholds.

Using a process called Magnetic Secure Transmission (MST), at least one company touts the ability to turn virtually any smartphone into a contactless payment system. The technology sends a magnetic transmission to a terminal’s mag stripe reader, causing it to act like a receiver – without having to upgrade the terminal’s software or hardware. All consumers need to do is download an app and attach a special fob or case to their phones.

Users simply select a card from their mobile wallet and transmit their payment information by moving within four feet of a payment terminal. Right now, the devices are said to work with about 90% of terminals, not including gasoline pumps or ATMs.

Because such a system promises convenience – and because it boasts respectable security measures, such as full data encryption and a PIN-protected app, which can be configured in such a way that it becomes unusable if your phone falls into the wrong hands – it is gaining some attention.

RFID

Radio Frequency Identification (RFID) employs radio signals for a variety of tracking and tagging purposes. Currently used all over the world, RFID tags contain a memory chip and antenna, which allow them to store and transmit data. While they can be used for an array of applications, in the payment world RFID is typically associated with “contactless” credit cards. Such cards may contain RFID chips, which are capable of transmitting account information and allowing for contactless payments.

Unfortunately, RFID chips are susceptible to “electronic pickpocketing,” in which thieves steal transmitted data using remote scanners.

But, does RFID really make it easier for thieves to steal credit card info? According to some experts, while thieves can use remote scanners to get your card info, they usually won’t be able to use it. Unlike magnetic stripe cards, RFID cards encrypt information. They also use a new unique authentication code for every single transaction, which makes them harder to replicate. Still, knowledgeable hackers do have the ability to successfully steal and use RFID info, leading some consumers to rely on RFID-blocking wallets or shields, which usually use steel or aluminum to block remote access and keep out prying eyes.

Bluetooth Payment Technology

For a while, it looked like Near Field Communication (NFC) would revolutionize the shopping experience by allowing consumers to purchase items by simply tapping a payment terminal with their smartphones. Now, Bluetooth Low Energy (BLE) seems to be stealing NFC’s thunder by making the tap obsolete.

By allowing consumers to pay without the need for close proximity, BLE looks poised to truly revolutionize retail shopping. Relying on beacons as transmitters, BLE allows vendors to accept contactless payments from customers as far as 50 meters away – in contrast to the extremely short range of NFC or RFID. The technology also opens the door for potentially lucrative in-store loyalty and marketing campaigns.

Obviously, since data is being transmitted from a distance, BLE comes with some security concerns; however, the technology does minimize risk by utilizing Advanced Encryption Standard (AES) and Counter with Cipher Block Chaining Message Authentication (CCM) cryptography to encrypt transaction data.

EMV Chip Technology

As the world of payments evolves, financial institutions are taking steps to stay ahead of thieves. Currently, Europay, Mastercard & Visa (EMV) is positioned as the next big defense against wireless credit card theft. Besides speeding up adoption of mobile payments, EMV chip technology adds elements to transactions to make account data more difficult to steal. With this technology, even if data is compromised, a potential counterfeit card would be useless without the presence of the original card’s unique elements. MasterCard, Visa, American Express and Discover are so confident in EMV chip enabled cards, in fact, they are forcing merchants to develop the capability to support EMV by October 2015 or accept liability for counterfeit card transactions.

The Bottom Line Every payment method comes with some level of theft risk. Even newer payment trends are not 100% safe. However, these new trends in payment technology wouldn’t exist at all if they weren’t at least an answer to risks consumers already face. In fact, the intense focus on security and payment fraud prevention brought about by current card weaknesses has most likely made the payments industry safer than ever; and efforts to increase security will only continue.

 

Leave a Reply

Payments Leader

Payments Leader from FIS provides insights on credit, loyalty, fraud and emerging payments strategies through blog posts from our industry experienced authors.