Friday, 3 July 2015

New Generation Payments

By Saranya Haridass

As the payment industry grows across the globe, newer and convenient ways of making payments are the current trend, wherein we are moving towards cashless payments. The next generation of customers is looking at using their favorite things as payment devices.

In this direction, the emerging new payment technology is contactless payments, extensively carried out through mobile payments. Contactless payments are also known by the name ‘wave and pay’, ‘touch and go’, ‘scan and go’ and ‘tap and go’. Payments can be made without the physical contact between the payment device and the terminal, with the help of radio frequency technology. These types of payments have lower limit, i.e., the amount is limited per transaction. Payments of this kind are most effectively used in transportation services, parking, fast food restaurants and vending machines. Because of its lower limit and secured features, there is a remarkable increase in the usage of contactless payments. Fraudsters might not be interested in contactless payments as the amount limit is low.

Contactless Payment Devices

There are quite a few options available for contactless payments such as Contactless cards, contactless wrist bands, contactless key fobs, contactless mobile, contactless stickers and many more.

Benefits
  • Faster - The time is saved considerably, thereby speeding up the transaction process during the peak time as the PIN or signature is not required usually. As a part of security requirement, sometimes the PIN might be required to complete the transaction.
  • Customer friendly - These types of payments are more convenient for the customers to use, as they do not have to enter PIN, sign the bill or take cash for the low cost payments.
  • Highly secure - Contactless payments are more secure as the devices have a unique built-in key, which generates unique code for each transaction. Any attempt to pay using the same transaction information will be rejected. The payment device is safe as it will always be with the customer during the entire transaction process. No other details such as customer name etc. are communicated to the device apart from the amount alone during the time of the transaction. 
  • Protection - Similar to other payments, contactless payments are also covered by fraud protection regulations. Money will be refunded to the consumers’ accounts in case of fraudulent transactions.
 How it works
  1. Payment device and the card reader both should have the contactless symbol indicating that the contactless payment can be executed
  2. Merchant enters the payment amount in the card reader and the card reader prompts for the customers to present their payment device
  3. Customer should verify the payment amount and place the contactless payment device above the contactless icon in the card reader less than 4 inches of distance 
  4. The terminal reads the data from the card
  5. A beep sound or green light indicates that the payment is being processed
  6. Customer will receive the receipt for the approved payment
Conclusion

In the coming years, contactless payment devices will substitute the plastic cards and other types of payment options. With the increase in security and customer confidence, the technology is slowly moving towards the cashless way of life.

Utility of next generation technology explored at its best!
Posted by at No comments:

Payment Tokenization

By Santosh Srinivasa

Background
The payment industry has been facing the challenge of providing solutions for payments that protect against various types of frauds like counterfeit, theft, account misuse and others. The implementation of EMV chip and usage across the globe has provided protection for card-present transactions, while there is a need for something similar for the card-not-present transactions and for new environments, which combine elements from both card-present and card-not-present transactions. The payment tokenization technology promises to address this issue.

The industry has spent a lot of time working on this; Apple Pay, introduced in October 2014, used the tokenization approach provided by Visa, MC and AMEX as an answer for this. Visa is planning BIG through the NFC tokenized mobile payment approach, which will change the world of payments.

When we usually make a payment for something, we handover the card to the merchant and wish for the cards details to be safe and secure. The card details from the merchant are sent to the acquirer through a switch and reach the issuer via the card schemes for authorization.

The emergence of mobile payments has created the risk of relying on the phone itself to carry out many transactions, thereby tracking/monitoring the device for fraud prevention. The new solution will convert all the sensitive card related information to a single-use token generated by a third party system. This makes it difficult for the hackers to access any data or use it for purchases.

The concern with the merchants is of not having the PAN used for more than just the transactions; bonus/loyalty points and dispute claims. The obscuring of PAN leads to merchants not possessing important data for processing. The token service will ensure that only a portion of the PAN is masked with the first 6 digits available.

An Overview of Tokenization

Tokenization is a process where the PAN (Primary Account Number) is replaced by a surrogate value called as ‘Token’. The process is very secure with properties, making it difficult to determine the original PAN from the token. The token will be mapped to the PAN and used by other systems and applications within the environment.

The tokenization system once implemented, limits the storage of card holder data by the merchant as per the PCI-DSS compliance. The token system will generate random numbers unrelated to the used PAN to make payments. This is the technology driving the Apple Pay service, keeping the credit card details safe and secure on the mobile phone device, which cannot be transmitted. The merchants cannot see the real PAN and in case of any security breach, the customer need not apply for a new card.

Tokens and Data in Payment Cards

There are many mobile wallets available in the market like – Google, Venmo, Payfone, ISIS, CSAM and mPOS solutions, which can be considered for this service.

The tokenization solution will benefit acquirers, merchants, card issuers and card holders.

The main components in this are:
  • Token generation
  • Token mapping
  • Card data vault
  • Cryptographic key management
The ISO standards applicable for this are ISO 7812, ISO 8583, ISO 9564, ISO 1349, ISO 27001, PCI-DSS

Conclusion
The security of using mobile payments with Apple Pay and Android devices is the key for the growing market. The token service will be the future, supporting the token application on the mobile device. The customers shall be satisfied with the payment applications providing this facility and will not have a clue about the token service.

Visa has already implemented the token service in the US and is looking forward to cover it worldwide in competition with the others offering NFC-HCE (Near field communication - Host card emulation) solutions for the same.

The future for online payments is mobile payments with token service.
Posted by at No comments:
Subscribe to: Comments (Atom)