Eskenzi PR ad banner Eskenzi PR ad banner
  • About Us
Friday, 22 September, 2023
IT Security Guru
Eskenzi PR banner
  • Home
  • Features
  • Insight
  • Channel News
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Channel News
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
IT Security Guru
No Result
View All Result

How can real-time payments be secured?

by The Gurus
June 18, 2018
in This Week's Gurus
Share on FacebookShare on Twitter

David Worthington, VP, Payments at Rambus

In today’s on-demand world, we expect to be able to spend, move and receive money instantly.

For this reason, real-time payments (RTP), also known as ‘faster payments’ or ‘instant payments’, are gaining momentum globally. Accenture estimates that there are now 35 countries with real-time payment schemes in operation or under development.

With account-based fraud on the rise, however, the move from standard to real-time transactions is causing significant security challenges for central banks and clearing houses.

Understanding account-based fraud  

Most fraudsters will usually follow the path of least resistance.

The success of anti-fraud measures like EMV® chip, EMV 3-D Secure and payment tokenization in mitigating card fraud in-store and online means fraudsters are turning elsewhere.

For various reasons, Demand Deposit Account (DDA) credentials, which relate to current, savings or checking accounts that are used for direct credit transactions through automated clearing house (ACH) processing, are an increasingly attractive target.

DDA credentials are already stored in their raw form across various locations, such as e-commerce websites, mobile and P2P wallets, invoices and payroll.

While the frequency and public awareness of ACH fraud is much lower than credit and debit compromises, the average value of unauthorized ACH transactions is actually much higher. This creates the potential for very large value frauds, and even systemic attacks against national payment systems.

Despite the threat, many central banks don’t actively monitor some of these types of fraud, with losses below a certain limit written off as a cost of doing business.

The move from standard to real-time transactions adds another layer of complexity and creates further opportunities for fraudsters. Quicker transaction times increase the chances of fraudulent transactions going undetected.

Faster payments = faster fraud?

This is because banks currently rely on a layered approach combining various techniques. But somewhat surprisingly in today’s automated world, checking payment mandates and unusual account activity manually remains a mainstay of the traditional clearance process.

The problem is, manual review is simply not feasible when the clearance time for account-to-account transactions is measured in seconds, not days.

Importantly, fraudsters recognize the challenges facing banks when transitioning and are ready to exploit any vulnerabilities as soon as a RTP scheme goes live.

Banks need to get ahead, be proactive and protect the account data itself, rather than simply be reactive and wait for the fraudsters to strike.

Securing real-time payments with tokenization

Enter tokenization.

Tokenization has been hugely successful in safeguarding payments in-store and online by replacing the consumer’s primary account number (PAN) with a unique payment token that is restricted in its usage, for example, to a specific device, merchant, transaction type or channel.

By removing account numbers from the transaction process entirely, tokenization can significantly reduce the risk and impact of account-based fraud to support the development of a safe and secure instant payments framework.

The good news is that tokenization is easily transferable to account-based transactions, is complementary to other anti-fraud measures, and is easily compatible with existing systems.

Account data, faster and safer

For banks, ACH fraud represents a bigger financial risk than card fraud and is going to become harder to manage as real-time payments become the norm. The ecosystem must work to mitigate fraud before it has been attempted. Tokenization, therefore, is primed to play a pivotal role within the broader security mix.

To learn more about real-time payments and how to secure them, download the Rambus eBook.

FacebookTweetLinkedIn
ShareTweet
Previous Post

Back to basics: Ten Tips for Outsmarting Ransomware

Next Post

Only 26% of researched security vulnerabilities are resolved

Recent News

WatchGuard

WatchGuard acquires CyGlass for AI-powered network anomaly detection

September 21, 2023
'open' sign on window ledge

SME Cyber Security – Time for a New Approach?

September 21, 2023
Keeper Security Logo

Keeper Security Named a Market Leader in Privileged Access Management (PAM) by Enterprise Management Associates

September 21, 2023
Synopsys leader in AppSec

Synopsys Recognised as a Leader in Static Application Security Testing by Independent Research Firm

September 20, 2023

The IT Security Guru offers a daily news digest of all the best breaking IT security news stories first thing in the morning! Rather than you having to trawl through all the news feeds to find out what’s cooking, you can quickly get everything you need from this site!

Our Address: 10 London Mews, London, W2 1HY

Follow Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Channel News
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

This site uses functional cookies and external scripts to improve your experience.

Privacy settings

Privacy Settings / PENDING

This site uses functional cookies and external scripts to improve your experience. Which cookies and scripts are used and how they impact your visit is specified on the left. You may change your settings at any time. Your choices will not impact your visit.

NOTE: These settings will only apply to the browser and device you are currently using.

GDPR Compliance

Powered by Cookie Information