| | April 20189SECURITY IN DIGITAL PAYMENTSWith the current focus on reducing cost of acceptance on a debit card transaction, it is also important to reassess the security architecture (hardware & software) that supports cards operationsgeographical boundaries. Artificial intelligence and machine learning enabled solutions will be able to con-sume large data sets across payment channels and redefine fraud model-ling paradigm in the coming years. Within card payments, debit card contributes to more than 50 percent of the overall spends and any inci-dence of fraud in this payment prod-uct translates to an `instant' loss to a client. With the current focus on re-ducing cost of acceptance on a debit card transaction, it is also important to reassess the security architecture (hardware & software) that supports cards operations. In our market, we continue to witness higher fraud rates for card not present transac-tions. Quite often the root cause for such high fraud rates in this channel is a weak `authentication' layer. The process of establishing the identity of the person initiating the transac-tion is sometimes even more import-ant than reviewing the transaction data elements in the authorization stage. Robust authentication layer is the foundation on which a finan-cial institution can further build ca-pabilities to support cross channel authentication strategies. The shift from `what you know' to `who you are' presents an oppor-tunity to build an authentication layer which is intuitively more secure than static passwords or OTPs. The bio-metric based authentication solutions can be localized (on a card plastic or a mobile device) or be supported via a central server. Such authentication tools can also potentially be used for non-payment use cases such as reg-istration of debit card for repayment of a personal loan, access to mobile banking applications, third party transfers etc. Users want transactions to be virtually invisible; and bio-metrics as a mode of authentication supports such a near perfect payment experience. The constant effort to dif-ferentiate `good' vs `bad' transaction is to eventually prevent the `false de-clines'. It refers to a scenario where good customer/transaction gets im-pacted owing to the systemic rules maintained at the host level. Such an incidence can possibly be avoid-ed by breaking down the transaction further into individual data elements and build a transaction level score that uses each of those data elements to predict the probability of a fraud. This not only requires understanding of data science but also a good grasp on the building blocks of the financial message. The other important deci-sion is the architecture design of such a transaction level scoring solution to assess the merits of `bringing it in' in-stead of an externally hosted model. The use of Artificial Intelligence & Machine learning supported models will be a key to detect payment chan-nel frauds efficiently. As consumers interact with multi-ple digital devices for payments, it is useful to evaluate if such interactions can be profiled/templatised to an ex-tent that even if ones' credentials are compromised, the fraudsters are not able to replicate the `digital interac-tion' to take over the account. We are also witnessing a healthy adoption of the principles of `tokenization' to convert a sensitive data set (e.g. card number) into a data structure that in itself has no extrinsic value. This approach continues to solve for challenges around data protection & storage of sensitive information on multiple platforms. While we have made giant strides in the last 14 months, it is safe to assume that in an ever connected world, coming months will present newer challenges & opportunities for one and all in the payment ecosystem. Gautam Pande
< Page 8 | Page 10 >