With an explosion of digital payment channels, transaction security enhancement has become indispensable for all entities in the payment process – issuers, acquirers, merchants, payment brands, mobile and digital commerce solution providers. The risks and cost of securing a growing volume of transactions to meet regulatory and compliance requirements has increased substantively.
According to the Nilson report, October 2016 edition, general purpose and private label credit, debit and prepaid cards worldwide generated $31 trillion in total volume in 2016, a 7.3% increase over 2014. Losses based on fraud to card issuers worldwide reached $15.72 billion. By 2020, card fraud worldwide is expected to total $31.67 billion.
The continuous evolving and dynamic nature of fraud is the biggest business threat banks face today. The multiple facets of fraud include skimming, card trapping, shoulder surfing, card-not-present transaction fraud, inadvertent disclosure of PIN card information and pharming. Banks need to be vigilant and continuously upgrade fraud and risk management infrastructure and governance processes to protect card sensitive information and prevent unauthorized transactions. Over time, several controls have been implemented including chip-based cards, two-factor authentication such as OTP, Dynamic Device Authentication and Tokenization, with a view to safeguard the payments environment.
In addition to these measures, another major aspect banks need to focus on is consumer awareness and empowerment. It is pivotal that customer confidence and trust is maintained in yet evolving digital payments.
A consumer-driven card-control system empowers cardholders to control their payment instruments (credit, debit, prepaid or virtual cards, wallets) via an application ported on a smart phone. This would effectively lower the adoption rate for electronic channels. The card control app enables financial institutions to empower customers to set and control their card attributes, according to the preference on their existing card(s). The objective is to instil confidence and build the security cardholders need while performing a cashless transaction. A guaranteed security of managing a card will help banks optimise fraud risk spend and boost revenues from growth in digital transaction volumes.
The use cases that a card control app would enable includes:
Spend Tracking: Customers who wish to enable their card to be remotely configured can opt to enable a Toggle on/off control using the App. This would be like a primary switch that can activate or deactivate individual settings. Cardholders can set individual spend limits based on a range of parameters. This could include channel type, merchant category or place of purchase. Also, customers can receive notifications when such controls are breached or unusual transaction activity is detected on their payment instrument. This helps customers to instantly act on the fraud and take control of the issue immediately.
Parental Control: Parents can create customized spend profiles for each family member and can proactively monitor where, when and how dependents spend. Also, geo-fencing a card can enable parents to make their minor kids use the financial instrument within a known radius.
Safe Mode. Single Transactions: Customers can activate a safe mode to enable a single transaction on the card. For example, sending corporate staff on a specific errand.
Corporate Users: Card controls provide businesses improved control, transparency and reporting on expenses. Whether employees are stocking up on office supplies or taking a client to dinner or travelling abroad, FSS Toggle helps corporates allocate and track spends and bring transparency in transactions. Businesses can create spend profiles for each employee (sub-account) and monitor expenses to prevent misuse of official cards. For example, a maximum single purchase amount can be set, or transactions can be limited to specific merchant categories or to the total amount spent over a specific time-period.
Enlisting customers in the fight against fraud and crowd-sourcing fraud management can help banks achieve an added layer of security at a very low cost. FSS has launched Toggle, an application that allows the customer to proactively manage how, when and where virtual, debit and prepaid cards will be used. With Toggle, issuers can offer their cardholders the ability to set blocks and alerts on their cards and/or digital accounts using a mobile app or via the issuer’s mobile banking application or online website.
By Suresh Rajagopalan, President Software Products, FSS (Financial Software & Systems)