Cybersecurity: Keeping one step ahead

Security has never ranked so highly on the global risk agenda, while strong leadership in this area has never been more critical. Across the globe, people are witnessing the unprecedented convergence of the physical and digital world, leading to new challenges for us all.

The incredible rate of technological innovation we have seen over recent years has resulted in fundamental changes to every aspect of our lives. Whether it is in the way we live, work or play – we are all entering into uncharted territory. The payments industry itself must constantly evolve in order to stay one step ahead of the consumer – and several strides ahead of criminals.

Since the introduction of plastic payment cards half a century ago, the growth of digital transactions has revolutionised the way that people consume. Thanks to the latest technology, cardholders today have faster, simpler and more convenient ways to pay for whatever they want, wherever they are.

The potential impact of the so-called ‘Internet of Things’ era – in which everyday objects have network connectivity, allowing them to send and receive data – is huge. With the number of connected devices predicted to grow to over 20bn by 2020, consumer experience will change for the better, improving lives both at home and at work. People will be able to save time, be safer and healthier and more able to spend time on things that matter most like family, friends and passions. When it comes to payments, multiple devices can become commerce devices and we are seeing that today already with connected cars, refrigerators, accessories and even clothing.

Harnessing security to innovation

However, with every new connected device, security needs to be included from idea inception all the way through to product rollout. It is more important than ever that we address cybersecurity challenges while fighting hacks, breaches, stolen identities and more – all as part of a concerted effort to stay ahead of the bad guys.

Innovation cannot be done with security as an afterthought. Instead, security and innovation need to be developed hand-in-hand and planned for from idea inception to product rollout, and beyond.

Just as consumers have embraced the latest secure and convenient ways to make payments; criminals are also adapting, using increasingly advanced technology to commit cybercrime and fraud. Cybercrime is arguably the most serious threat to businesses and national economies of our time.

Last year saw the exposure of the biggest bank raid in history, in which a gang of hackers based in Russia were able to use incredibly sophisticated malware to steal US$1bn from more than 100 financial institutions worldwide. But big institutions aren’t the only victims of cybercrime of this magnitude. In this data-driven era, individuals and small merchants are also being targeted. In response, MasterCard is focused on rolling out state-of-the-art security technology as well as education programmes providing security advice for both consumers and businesses around the world.

It is crucial to remove human error as, by constantly stress-testing our safeguards and improving them, payments have undeniably never been more secure.

Yet at the same time, criminals have never been smarter – and they are relentless: 24/7, 365 days a year, they’re constantly plotting and innovating new ways of compromising safety and security systems. The technology to counter these threats is working, but needs to be adopted more widely and quickly.

Speeding up the transition

The slow uptake of what many of us already consider essential technologies is an indication of the need for everyone to adopt secure technologies faster. One example is the Europay, MasterCard and Visa – aka EMV – global standard for credit and debit payment cards based on chip card technology. While most of the world is rapidly transitioning to EMV, the adoption rate is still some way off 100%. But EMV’s effectiveness is clear, as it has helped reduce card fraud significantly in those markets that have embraced it.

A greater menace is the growing scourge of card-not-present (CNP) attacks, which account for more than half of all fraud but can be countered through existing identity verification techniques. Entry level tools such as password cardholder verification are still not universally used, yet far more secure methods using biometrics are already waiting in the wings.

These technologies, including MasterCard’s Identity Check – dubbed ‘selfie pay’ – is being trialed in North America and the Netherlands. The technology eliminates reliance on passwords which could be easily stolen or forgotten, thus making payments both easier and safer. Innovations supported by our network, such as tokenisation which powers the security of Apple Pay, demonstrate the potential in this field but they are just the tip of the iceberg.

Such successful partnerships show that collaboration is key. Ultimately, there is no one solution to deal with cybercrime and layers of security must be employed to secure electronic payments. To tackle these threats, the universal commitment of financial institutions, retailers, payment networks, governments as well as greater vigilance among consumers, is required to keep at least one step ahead of criminals.


Related reading