Take On Payments, a blog sponsored by the Retail Payments Risk Forum of the Federal Reserve Bank of Atlanta, is intended to foster dialogue on emerging risks in retail payment systems and enhance collaborative efforts to improve risk detection and mitigation. We encourage your active participation in Take on Payments and look forward to collaborating with you.
Federal Reserve Web Sites
Other Bank Regulatory Sites
September 9, 2013
Improving Customer Authentication
The Retail Payments Risk Forum recently hosted payment industry participants at the Improving Customer Authentication forum. On July 31, banks, nonbank payment service providers, industry associations, law enforcement officials, and regulators listened as keynote speakers and panelists explored methods and technologies for improving customer authentication so that financial institutions and other payments stakeholders can better mitigate payments fraud. Forum goals were to help participants understand the challenges of current methods of authentication and the legal implications, as well as to explore emerging solutions, along with pros and cons, that can improve authentication in both the face-to-face and remote channels.
Some of the key learnings from the forum include:
- Customer authentication is critical to proving identity, authority, and consent throughout the entire payment process.
- Customer authentication can be achieved by any combination of factors within three categories. For best practice, different categories should be used:
- Something you know (user ID, password)
- Something you have (card, phone)
- Something you are (biometrics, activity pattern)
- Currently, no single, simple, legally approved method for authorizing a payment or ensuring that a particular payment is authorized exists.
- New payment types are stretching the boundaries of the current payments infrastructure and have created weak points that are being probed and exploited by cybercriminals.
- While overall payment card fraud levels, as expressed as a percentage of sales, are at an all-time low, certain categories of card fraud such as card-not-present (CNP) are significantly increasing.
- Financial institutions are encouraged to build relationships with local and federal law enforcement officials and to report fraud—it is possible that a crime at your institution is part of a larger network of criminal activity.
For a more complete summary of the forum and to see video interviews with two of the forum speakers, go to the conference website.
By David Lott, a retail payments risk expert in the Retail Payments Risk Forum at the Atlanta Fed
TrackBack URL for this entry:
Listed below are links to blogs that reference Improving Customer Authentication :
- Will Payments Be Getting REAL?
- Financial Solutions for the Younger Generation
- Encouraging Password Hygiene
- Should We Throw in the Towel When It Comes to Data Breach Prevention?
- Looking for Partners in Safer Payments
- The Range of Un-Friendly Fraud
- Payments Webinar October 10: Cash in the 21st Century
- "Insuring" Ransomware Will Continue to Flourish
- Designing Disclosures to Be Read
- Is There a Generation Gap in Cash Use?
- November 2019
- October 2019
- September 2019
- August 2019
- July 2019
- June 2019
- May 2019
- April 2019
- March 2019
- February 2019
- account takeovers
- ATM fraud
- bank supervision
- banking regulations
- banks and banking
- card networks
- check fraud
- consumer fraud
- consumer protection
- credit cards
- cross-border wires
- data security
- debit cards
- emerging payments
- financial services
- financial technology
- identity theft
- law enforcement
- mobile banking
- mobile money transfer
- mobile network operator (MNO)
- mobile payments
- money laundering
- money services business (MSB)
- online banking fraud
- online retail
- Payment Services Directive
- payments fraud
- payments innovation
- payments risk
- payments study
- payments systems
- phone fraud
- remotely created checks
- risk management
- Section 1073
- skills gap
- social networks
- third-party service provider
- trusted service manager
- Unfair and Deceptive Acts and Practices (UDAP)
- wire transfer fraud
- workforce development
- workplace fraud