At the Visa Security Summit 2019, Chris Clark, the Regional President Asia Pacific for Visa spoke about evolving nature of fraud.
Not too long ago, committing fraud was as easy as stealing mail and getting an individual private financial details. This however was a tedious process, and generally only allowed access to one individual at a time.
However, with the digitalisation of much of our lives and the data that feeds our lifestyles, criminals have the opportunity to gain access to vastly large amount of data at a go.
Looking at the data hacks and leaks over the past two years globally, there have been so many events where tens of thousands or even millions of individuals had their private data compromised.
As summed up succinctly by Chris, there are two sides to the data debate: the promise and potential of data, and the problems associated with that.
We could add that the scale of the problems have also increased, thanks to the technology that allows for the storage and analysis of large amounts of data.
When it comes to financial data, many would agree that it is one of the most important verticals to safeguard online.
On June 19, Visa announced its Future of Security Roadmap for Malaysia. They’re taking what they call a robust approach to strengthening payments security in the country over the next 3 years.
“The payments landscape is evolving rapidly and there is an explosion of new and innovative ways to pay,” said Visa Country Manager for Malaysia, Ng Kong Boon, in a press release.
“We see the need to transform and balance between security and innovation, and more importantly, build trust and confidence among consumers and merchants in the payments ecosystem.”
These are the 4 key initiatives that Visa believes will enable security to evolve at the same pace as the technologies changing the way we pay:
- Devaluing data: This removes sensitive data (such as credit card numbers and passwords) from the ecosystem to make stolen account details inactive. Methods to do this include making us of point-to-point encryption, or tokenisation.
- Protecting data: Industry players and governments as well as regulatory bodies can do this via implementing safeguards to protect personal data as well as account details.
- Harnessing data: To identify potential fraud before it occurs and increasing confidence in approving genuine transactions
- Empowering everyone: All the members of the ecosystem must play their part in payment security, including account holders, third party providers and merchants.
Dictionary Time:
According to Technopedia, point-to-point encryption is the process that securely encrypts a signal or transacted data through a designated “tunnel.” This is usually applied to credit card information encrypted from the merchant point-of-sale (POS) entry to the final credit card processing point, often maintained by a third party.
Tokenisation replaces sensitive data with unique identification symbols that retain all the essential information about the data without compromising its security.
-//-
When it comes to payment security, it’s not all doom and gloom. Fraud rates are actually at a historic low, and the Visa team believe that industry collaboration is key to reducing the current fraud rates by half.
But as we move more and more of our assets and resources online, we end up having to trust in the institutions and bodies responsible for all these transactions.
And it is increasingly clear that payment security is a big deal that is the responsibility of all.
As shared by Joe Cunningham, Head of Risk, Asia Pacific, “Anything that takes away trust of anyone making payments is a bad day.”
“Every data breach that occurs undermines trust in payments, every regulation after attempts to repair the trust,” said Chris.
So the end goal is to actually attempt to prevent such breaches from even happening in the first place, or at least to minimise their impact when they happen. And it seems that only way this can come into being is by having all players work together to aim to this future.