About


Take On Payments, a blog sponsored by the Retail Payments Risk Forum of the Federal Reserve Bank of Atlanta, is intended to foster dialogue on emerging risks in retail payment systems and enhance collaborative efforts to improve risk detection and mitigation. We encourage your active participation in Take on Payments and look forward to collaborating with you.

Take On Payments

« Top 10 Payments Events in 2014 | Main | Forming a More Perfect Union (for Faster Payments) »

January 5, 2015


Can Insecurity Keep Us from Faster Payments?

Helen Keller once said, “Security is mostly a superstition. It does not exist in nature.… Avoiding danger is no safer in the long run than outright exposure.” It is unlikely that Ms. Keller was considering real-time payments when she offered this perspective, but this post will.

As part of its broad effort to chart a future for payments, the Federal Reserve conducted a Payment Security Landscape Study. It was no surprise that the study highlights “persistent and ever-changing threats” as a given within payment systems. The study suggested several improvement or focus areas:

  • Improve industry coordination to increase the timely adoption and implementation of technology, standards and protocols.
  • Improve the protection of sensitive data that can be used to perpetrate fraud, including devaluing or eliminating such data from the payments process.
  • Strengthen authorization and authentication of parties and devices across all payment methods and channels and adapt approaches as the payment system evolves.
  • Improve the collection and reporting of aggregate data on fraud losses and avoidance.
  • Broaden access to actionable security and fraud threat information to payments system participants, including less technologically sophisticated participants and end users.

Applying Ms. Keller’s risk perspective to payments systems would suggest that work to prevent security breaches, fraud, or theft is futile. Fortunately, using the foregoing list as evidence, it’s clear that those considering the future of payments haven’t adopted this perspective. The most critical elements for optimizing the security of payments are all there, though some could surmise that detection or prevention measures have a disproportionate emphasis, with response measures perhaps rating as secondary. It is important to make sure that risk management is optimized across all three broad areas—prevention and detection, yes, but also response. In particular, in the context of response, the enforcement landscape will need to be ordered such that consequences for perpetrators are both timely and proportionate to the harm a given incident may cause. User protections will need to evolve as well.

If one agrees that advancing faster payments offers rewards and that holding back doesn’t promise freedom from harm, it’s encouraging to observe industry direction. Indeed, it seems reasonable to conclude that faster payments scheme architects will heed the notion that real-time payments will require real-time security. Particularly encouraging is that the discussion on payment security is at the center of industry dialogue and likely to remain so as the work to advance faster payments continues.

By Julius Weyman, vice president, Retail Payments Risk Forum at the Atlanta Fed

January 5, 2015 in consumer protection , data security , emerging payments | Permalink

TrackBack

TrackBack URL for this entry:
https://www.typepad.com/services/trackback/6a01053688c61a970c01b7c72c9476970b

Listed below are links to blogs that reference Can Insecurity Keep Us from Faster Payments? :

Comments

Post a comment

Comments are moderated and will not appear until the moderator has approved them.

If you have a TypeKey or TypePad account, please Sign in

Google Search



Recent Posts


Archives


Categories


Powered by TypePad