Rise of contactless payment and security implication for Fintech

Gone are the days when people had limited payment options. As per a research conducted by the Economic Times, the onset of the pandemic has led to a rise in contactless payments by 30 percent. Before the pandemic, people's priority was speed and convenience, and now it is shifted to safety and security, which is of paramount importance in stopping the spread. Fintech organizations need to strengthen their security to stop counterfeit cards and large-scale data breaches seeing the steep rise in contactless payments.

How contactless payment works?

Contactless payments are mostly made by contactless cards or mobile apps. According to Fiserv's expectations and experiences survey, 42 percent of consumers viewed tap-and-pay credit cards as the safest way to pay. These cards communicate with a contactless Point of sale reader. The antenna and chip embedded in the card establish a radio connection between the two. This way, payment information is exchanged.

What are the security features of contactless payment?

With all the comfort, benefits, and convenience follows the risks. Contactless payments may have it too. Fraud is possible in this mode of payment as information is being sent through a wireless connection.

Security features have been improving with the rise in contactless payment. Evidently, there are multiple layers of protection to reduce contactless payment security risk-

• Europay, Mastercard, Visa (EMV) global standard: It's an international standard that improves payment security and makes fraud extremely difficult. All Fintech companies have issued a new generation of contactless card with a microchip used to authenticate chip-card transactions.
• Unique transaction data: Fintech enterprises have enabled a unique transaction code for every payment. Every single purchase has its own encrypted code. It doesn't show any of the cardholders' information.
• Confidential cardholder information: Fintech enterprises don't need cardholders' information for any transaction. The chip in the card has no confidential information that can be stolen.
• Tokenization: Tokenization provides extra security. Tokenization replaces the primary account number with an encrypted number. During transactions, the cardholders' details are never transmitted.

What are the measures to be taken to strengthen the security of contactless payments?

Fintechs are actively working to make contactless payments secure. These steps have been taken to protect customers.

Customers fear losing their valuable data to Fintech companies. On many occasions, data breaches have led to sabotaging the privacy of the customers by exposing their data. Data sharing has always been a troublesome issue between Customers and Fintech companies.

Solution: Implementation of PSD2 and GDPR in EU and EEA and the Justice Srikrishna Report's recommendation in India will change the ways Fintech organizations collect data. Now individuals will have control over data sharing.

Counterfeiting, hacking, or cloning of cards has always been a concern for the customers. Customers are losing their money unknowingly because of frauds in contactless cards as well as payment apps.

Solution: Fintech enterprises are now exploring real-time data analytics and Blockchain, combined with cognitive learning. This reduces the risk of fraud in contactless payment. Biometric-based cards are being developed to reduce the risk.

The Bottom line

The coronavirus crisis has been a double-edged sword for the Fintech sector, resulting in a steep rise in the number of people opting for online and contactless payments. This has further demanded Fintech organizations to work on AI-driven tools and detect fraudulent activities. Fintechs have already started their hands-on tools like cryptograms to to check that the data they receive actually originated from the customer's mobile device. To discover software vulnerabilities such as insecure APIs, Fintech firms have undertaken a practice called AI fuzzing. This process uses machine learning to identify potential exploits in an app's codebase - ideally before hackers can find them.

References

• https://www.pwc.in/consulting/financial-services/fintech/dp/towards-a-more-secure-payments-ecosystem.html
• https://bfsi.economictimes.indiatimes.com/news/fintech/covid-19-is-a-turning-point-for-this-fintech/74861775
• https://www.intellias.com/how-to-avoid-contactless-payment-fraud/
• https://www.fiserv.com/en/about-fiserv/the-point/contactless-payments-rise-during-pandemic.html
• https://www.fintechmagazine.com/digital-payments/what-fintechs-can-learn-contactless-payments