The outbreak of the COVID-19 pandemic has led many peopleto fall back extensively on digital infrastructure–be it collaborating virtually with co-workers and clients across geographies or orderingessential goods and servicesthrough e-commerce portals. If the growth of connected devices which are predicted to nearly triple its current level by 2025, from 26+billion IoT devices to 75+ billion by 2025[1], was the first impetus, COVID-19 may well be the second to accelerate the use of digital payments. The countrywide lockdown has, onthe onehand, propelled citizens to go digital and, on the other, migrated a new set of consumers into the digital payments ecosystem. At the same timeWorld Economic Forum’s Global Risks Report 2020[2] mentions, data theft as one of the top risks that businesses are likely to face in the long term. And with this unprecedented digital dependency, what becomes really critical is safe and secure access to online services andunwavering data protection of organizations and consumers. With a possible rise in cyberattacks under the current circumstances[3], this is a must-have.
How effective are passwords?
Even though computer passwords have come a long way since the 1960s, the traditional methods of keying in a password, including additional security questions is still not tamper-proof, as the information is often misspelt, forgotten or stolen. With compromised credentials responsible for over 80% of data breaches as per Verizon Breach Investigations Report 2019[4], at a time when remote working is gathering steam, and is being contemplated as a long-term move, employees, the human element, can prove to be the weakest link in an organization’s security chain.Hence, organizations are now realizing the need to adopt strategies that depend less on passwords, by implementing multi-factor authentication systems.
Technology to the rescue
The penetration of sophisticated smartphones and tablets equipped with fingerprint sensors and high-quality cameras and speakers, have enabled the integration of biometric authenticationin everyday life. These devices often form the core of working remotely, with VPN authentication, email access, document editing and collaboration tools, all possible on a smartphone. While this clearly reflects the findings of a Visa survey[5] released in 2018 – that stated consumer’s inclination to adopt at least one method to verify their identity – it also showcases their desire to drift away from legacy authentication methods like passwords that need to be typed. The same can be extended to banking, payments and other transactions where security is pertinent.
Time to adapt
The payments ecosystem is evolving and so should the waysin which we keep it secure. New authentication and anti-fraud technologies are making signatures and PINs optional for issuers and merchants. For instance, since the last one year, the regulator has mandated issuers to issue EMV chip-enabled contactless payment cards.Besideschanging consumer behaviour, which is embracing mobile technology to pay –security in payments is also being driven by mobile technology.
Hence as the payments industry starts adopting digital forms, the tokenization of card credentials will help banks and digital payment service providers to offer consumers a safe, simple and consistent purchase experience, regardless of where they are and what device they use to pay, playing an important role in moving away from passwords.
Another technology that will play a key role in securing payments, especially with more connected devices, is EMV®3-D Secure.This will deliver rich data to financial institutions and merchants to better authenticate consumers and reduce fraud on transactions made via a mobile or desktop browser, app, or connected device. Using sophisticated artificial intelligence across more than 100 applications and capabilities enables Visa to create a more secure payments ecosystem without sacrificing consumer experience. Machine Learning analyses fraud migration patterns that help issuers verify card applications in near real-time and at scale.
Although the current pandemic trains its focus on safe and secure digital payments for consumers,convenience is in the eye of the cardholder.Highly secure payment systems remove a key challenge for the digital ecosystem – the dropout of consumers from digital payments and bolster consumer experience without foregoing convenience. With seamless, secure payments where authentication and verification move to the background, the dependence on keying in passwords and security questions will reduce considerably, making payments ultimately more convenient for the consumer.
The future – biometrics, for everyone everywhere
Enabling a wide range of authentication capabilities is an extension of Visa’s broader strategy: to make payments more secure and convenient for everyone, everywhere. Technology has solved so many of life’s little frustrations—from paying for your bills online to waiting for a taxi. So why are we still fumbling with clunky passwords, which are easy to forget or mistype and vulnerable to theft?
With biometrics, all that is changing. By using the measurable human traits unique to each and every one of us, we have new tools for secure, accurate and convenient authentication. And that is making a password-free world more and more possible.
In Ukraine Visa teamed to pilot biometric payments such as face recognition both in retail and online. In Georgia we partnered with Bank of Georgia to test biometric facial recognition in the Tbilisi subway system. Using this innovative technology in public transport system provides the option of purchasing a ticket and passing through the turnstile in less than a second with facial biometrics.
This solution in test format is accessible on trial at Avlabari metro station and with our partner we plan to expand facial recognition payments to 30 more stations in the near future.
This approach means taking into account the unique preferences, habits and cultural attitudes of our billions of cardholders around the globe. It means factoring in the needs and capabilities of our stakeholders in different markets, and providing flexible solutions that work in a range of contexts. In short, there is no global, one-size-fits-all approach, which is why Visa is not choosing a single biometric solution or implementation. Rather we’re focused on enabling a broad range of technologies to address the varied needs of Visa’s clients and cardholders worldwide.
We’re excited about the tremendous progress happening in biometrics and authentication. And while we have some of the best minds in the industry working to make the process more secure and seamless, it will take time until we can fully eliminate PINs and passwords, since they are integral to payment infrastructure in many countries. Visa will continue to support and strengthen those means of authentication, while looking for new ways to incorporate biometric technologies and forging new ground in the world beyond passwords.
Discussion about this post