A new report from Aite Group provides insight into where end-to-end encryption (E2EE) is going based on the perspectives of key decision-makers at core vendors of such solutions. Among other things, the report considers the revenue models being adopted by E2EE vendors and speculates on the long-term prospects for E2EE adoption, standardisation of tokenisation, and the likelihood of a shift to EMV chip card infrastructure in the US.
Aite Group concludes that the most appropriate technological route to address current card fraud threats in the US is E2EE, particularly given the entrenched nature of magnetic card infrastructure in the US. While E2EE does not prevent the use of counterfeit or lost and stolen cards, it prevents criminals from accessing the raw materials for card crime: the card data itself. It also appeals to merchants, helping remove them from the scope of Payments Card Industry Data Security Standards (PCI DSS). In fact, vendors perceive merchants to be as likely to purchase E2EE solutions to offload PCI DSS requirements as they are to secure card data.
“Merchant choices will be highly subjective based on transaction fees, hardware requirements, and, not insignificantly, the degree to which an offering removes the merchant from PCI scope,” said Nick Holland, senior analyst with Aite Group and author of the report. “While a focus on PCI scope reduction may be a fine way for E2EE vendors to gain merchant attention, it loses sight of the fundamental aspect of solutions – protecting consumer cardholder data. Vendors should be careful not to over-focus on this aspect of E2EE promotion; ultimately, the definition of what takes PCI out of scope is in the hands of the PCI Standards Council, and not in the hands of vendors.”
The providers of E2EE are generally point-of-sale (POS) hardware vendors, payments processors, or security vendors that partner with E2EE experts to offer solutions. Among the providers mentioned in the report are Element, First Data Corporation, Heartland, Hypercom, Ingenico, MagTek, RSA, Semtek, VeriFone, and Voltage Security.
The annual BNP Paribas Cash Management University kicked off on Thursday morning with treasury professionals congregating in Paris from across Europe.
APIs may be a solution to MT940 challenges, says Karen Fagan, treasury operation manager, for British television company, ITV.
Kicking off the first day of the Singapore Fintech Festival, issues with cryptocurrencies were addressed by MIT media labs director, Joi Ito, and panels of technology leaders discussed how they’re using data analytics.
Sibos 2017 day two highlights: Brexit and banking, and why ‘data is the new oil’ in financial services
How nation first politics can impact global financial organisations It’s clear that data and regulation are the two key topics that are ... read more