The price of payment processing has always been linked to the fraud risk inherent in the chosen method.
When comparing the costs of online and offline payment processing, you notice that online merchants pay a notably higher premium than their brick & mortar counterparts. The cause for this lies in the higher fraud rate attributed to online payments, which is then calculated into the final price.
These added costs are a good reason to start seeking more secure solutions for online payments.
The optimal situation would be to bring the online fraud risk to a level similar to the current chip card payments.
To achieve this, the current state of online payments needs to develop considerably.
One solution would be to bring the familiar security elements used in brick and mortar to private devices. The growth of Internet of Things (IoT), could be the the require step to enable this sort of development.
Card VS. Online Payments
We have arrived to a situation where offline payments can be called truly secure, with chip cards beating the alternatives since their launch.
To breach an EMV chip card, criminal has to expend way more resources than it is possible to gain from the crime. Due to this, most payment crime has shifted to exploit the apparent weakness of today’s eCommerce ecosystem.
The payment cards still retain vulnerabilities, but these are mainly tied to the problems within online payments. While it is easy to skim the information written on the physical card, it is nigh impossible to lift the data required for a transaction from the card chip.
The situation improves further, when we can finally retire the obsolete magnetic stripes, which have been a source of grief especially in the Finnish petroleum industry.
Ecommerce creates the weakest link of electronic payments. We expect that online payment security will need to go through a major overhaul in the near future, with improved user identification being a prime focus.
Tokenization used in e-wallets is a good step forward, but optimal solution is to enable the use of card chips’ security elements in personal devices.
The Lack of a Common Link
The technology for bringing Chip & PIN -identifiers to online payments already exists. Before, the problem has been the missing link between large device manufacturers and payment industry.
Currently, retail data security is developed by payment system manufacturers. So long as payment technology remains as specialty hardware directed to brick and mortars, the improved security of card chips will stay out of reach for the eCommerce industry.
The situation will start unraveling as soon as an international electronic giant realizes that they are able to acquire the technology required to read chip cards at home for a pittance.
Taking advantage of the security elements included in payment cards would allow for no-risk payments in web-stores, reducing the cost of payments for online retailers.
The wheels will start turning as soon as giant corporations like Sony or Samsung start seeking improved payment methods for their new IoT -enabled devices.
Internet of Things as the Connection Between Online & Offline Payments
Internet of Things might be the required impetus that introduces card chips to the smart home ecosystem. Most IoT services require frequent online payments, which in turn raises the provisional costs.
Adding a NFC or chip reader to a smart device, would be an interesting opportunity to improve the services’ profitability.
Worldpay’s new mobile app that serves as a payment terminal gives an indication of the direction that card payments and smart devices are heading towards. The existence of a virtual terminal brings device manufacturers and payment services closer together than ever before.
A solution like this still requires a merchant ID. But, what if said ID was attributed to the Internet of Things service provider? This could be one way to bring a secure “payment terminal” to consumers’ homes, and greatly improve the overall security of online payments.
Additional benefits come from the improved user experience.
There is nothing quite as simple as contactless payment at a brick & mortar. This should be the benchmark to be pursued with online payment experience as well.
When we consider the fact that a better payment experience also raises the conversion rates of eCommerce, we have plenty of reasons to seek new innovations in the payment sector.
As a side-effect of IoT development, the online purchasing experience will inch closer to traditional shopping. This is yet another step towards the payment industry’s omnichannel utopia.
Simplicity and Security are at the Core of Payments
Despite the fact that crime targetting physical payment cards has been all but eliminated, payment fraud is still alive and well. Now the vulnerabilities are just sought from online payments.
While the online based payments are going through persistent refinement, it is evident that we are still miles away from achieving the nigh impervious security of EMV chip cards. And this gap is unlikely to be bridged without an intervention from a bigger player.
Mastercard’s DSRP is a step into the right direction, though it fails to properly unify offline & online payments. Taking advantage of EMV based cryptography and the Mastercard network is a good start, even if it leaves most of the chips' security elements on the table.
In the future, eCommerce and conventional retail payments will be closely linked. Though, we still need a slight nudge, before payments can be called truly omnichannel.
Finland has represented the front-line of payments for quite a while now. As such, why should we not act as a trailblazer on Internet of Things' payments as well?
About the Authors:
Seitatech's CEO. Extensive experience in developing payment solutions to banking and retail sector provides Sakari a keen eye for the upcoming trends in digital payments.