View all newsletters
Receive our newsletter – data, insights and analysis delivered to you
  1. Analysis
September 21, 2020updated 18 Sep 2020 11:34am

Digital payments and minimising risks of security threats

By Mohamed Dabo

With the threat landscape continuously evolving, comprehensive digital payments practices have become paramount in today’s market. Mohamed Dabo reports on procedures that are likely to yield optimal results

Free Report
img

Prepare for changes in the Payments market

 The Payments market has seen drastic changes in the past few years, with this only expected to continue. What does your company need to do to prepare for what’s to come? GlobalData’s Payment Trends for 2022 report explores the key trends in technology, consumer habits, and regulations shaping the market. We also identify the leading companies in this changing market, giving you a competitive market outlook. This report covers the impact of:
  • ESG
  • E-commerce
  • Mobile payments
  • Alternative payment rails (Real-Time Payments, Blockchain, BNPL)
  • Fraud & Cybersecurity
  • Regulations
Download the report now to learn essential strategies to maximize your growth in the face of rapid change.
by GlobalData
Enter your details here to receive your free Report.

The Covid-19 pandemic has brought about a proliferation of digital fraud and data breaches, putting businesses under increased pressure to maintain transaction and data security.

Toronto-based international law firm Torys has developed ways for organisations to adapt strategies and develop a risk-mitigation approach. Although taking a Canadian perspective, the practices would allow businesses everywhere to stay competitive in the evolving digital payments ecosystem.

Risks for organisations

As they implement products and services within the digital payments’ lifecycle, businesses must consider their risks and vulnerabilities.

Data breaches

When businesses enter the digital payment space there is an increase in cyber-related threats in part because the volume, variety and sensitivity of information an organisation may process is expanded.

A business that relied on in-person transactions, or that has pivoted from wholesale to consumer service, may traditionally not have collected the sensitive personal data associated with digital consumer payments, and may be unprepared to adequately protect it.

Covid-19 further compounds these risks because employees may be accessing sensitive payments data from personal devices or home Wi-Fi networks that are poorly secured in comparison to corporate IT infrastructure or using new tools that may not be vetted by corporate IT.

Regulatory and related risks

Digital payments bring with them new forms of data to which organisations may previously not have had access, including transaction and consumer behavioural data. Organisations need to ensure that they collect, use, share, and safeguard such data in compliance with regulatory and contractual obligations as well as industry standards.

In addition to privacy and competition law obligations, organisations need to be mindful of whether they need to comply with industry-based regulations such as the Payment Card Industry Data Security Standard, and contractual obligations by financial institutions or card networks.

Organisations also need to prepare for upcoming changes in the regulatory landscape such as the federal government’s proposed introduction of open banking in Canada. Failure to comply with regulatory obligations can result in complaints to regulators, or independently attract a regulator’s attention, which can result in penalties.

Quebec, as part of its privacy reform, is proposing to impose monetary administrative penalties of up to C$10,000,000 ($7,320,000) or 2% of the organisation’s worldwide turnover, for a variety of contraventions, including for failure to report a breach and processing of personal information in contravention of Quebec’s private sector privacy act.

Litigation

Organisations are increasingly facing civil liability for failing to comply with regulatory obligations, predominantly in the form of privacy and data breach class actions. Compliance violations associated with sensitive consumer payments data are particularly likely to attract civil litigation.

Adjust digital strategy 

Companies that see, and seize, opportunity in the current crisis to invest in proactive measures and build relationships of trust with customers will fare best in this time of rapid transformation for digital payments.

Companies that invest in prevention, detection, monitoring and ongoing response to cyber threats will stand out from those that merely try to ride the changes out without investing in infrastructure or relationships.

This may be the time to map company data flows, test organisational infrastructure, identify weaknesses that fraudsters could exploit, and triage the plan for improving those systems.

It is also the time to undergo careful diligence on any third-party partners for payment processing, ensuring that contractual safeguards keep third parties accountable, and confirming that backstop measures such as cyberinsurance, alternative data processors, and record-keeping systems address the risks associated with consumer payment incidents.

It would also be timely to review internal cyber and privacy training plans, and the frequency of refresher communications.

The current momentum in the adoption of digital payments offers an opportunity to build on existing relationships with customers and clients through communication and education on privacy and security.

  • Explain the risks and ensure that customers are clear on what types of communication they should and should not expect, so they can better avoid falling for scams;
  • Remind consumers of the importance of creating difficult passwords and changing them regularly, and send out ‘calls to action’ when passwords are changed;
  • Consider creating a reporting service where customers can participate in helping to curb fraud by reporting suspicious texts and emails they receive – Interac was able to take down 4,400 phishing sites that were fraudulently using its logo through this method alone.

Businesses that keep at the forefront of these changes will build enhanced trust with their customers and within the wider community, gaining a competitive advantage as they move to implement robust digital payment systems in their organisations.

Free Report
img

Prepare for changes in the Payments market

 The Payments market has seen drastic changes in the past few years, with this only expected to continue. What does your company need to do to prepare for what’s to come? GlobalData’s Payment Trends for 2022 report explores the key trends in technology, consumer habits, and regulations shaping the market. We also identify the leading companies in this changing market, giving you a competitive market outlook. This report covers the impact of:
  • ESG
  • E-commerce
  • Mobile payments
  • Alternative payment rails (Real-Time Payments, Blockchain, BNPL)
  • Fraud & Cybersecurity
  • Regulations
Download the report now to learn essential strategies to maximize your growth in the face of rapid change.
by GlobalData
Enter your details here to receive your free Report.

NEWSLETTER Sign up Tick the boxes of the newsletters you would like to receive. A weekly roundup of the latest news and analysis, sent every Wednesday.
I consent to GlobalData UK Limited collecting my details provided via this form in accordance with the Privacy Policy
SUBSCRIBED

THANK YOU

Thank you for subscribing to Electronic Payments International