Many major financial institutions are innovating with cardless ATM capabilities that allow consumers to withdraw cash using mobile devices instead of plastic cards to authenticate themselves and initiate transactions.

Financial institutions view cardless ATMs as a way to improve convenience by eliminating the need for people to carry and replace easily lost or stolen cards, and also to reduce the cost to the institution of continual card replacement.

While cardless ATM technology is not new, its growing acceptance is being facilitated by new innovations in mobile payments technology in general.

Threats to cardless ATM acceptance

Currently, consumer demand for cardless ATMs is relatively low. For its ATM Future Trends 2017 report, ATM Marketplace surveyed U.S. consumers about the top three services they’d most like to see available at the ATM. Only 14 percent selected cardless ATM access.

One key to improving cardless ATM acceptance among consumers is to build trust and comfort by ensuring that best-in-class security measures are in place. As with any emerging technology, early instances of fraud resulting in hard-dollar losses and reputational damage are already occurring as fraudsters rush to exploit security loopholes before they’re patched.

In one early instance of cardless ATM fraud, a bank customer was defrauded of $3,000 when cybercriminals gained access to her mobile banking login credentials, which they then used to register a new mobile device for cardless ATM access.

As the mobile device takes on an increasingly high-profile role in facilitating financial transactions of all types, organizations must focus on the device itself as the central component of security.

And while early adopters have taken varying approaches to implementing cardless ATMs, some transactions still unfortunately rely on less secure username and passcode protocols, as well as one-time passcodes, which can easily be intercepted and exploited by fraudsters.

A lack of insight into potential vulnerabilities, pressure to be first to market, and never-ending market demands to decrease costs, improve operational efficiency and enhance customer engagement often clash with the time and expense involved in implementing rigorous security standards and solutions.

However, organizations must ensure that innovations such as cardless ATMs are implemented from the onset with the latest security advances available, in order to mitigate against fraud and, in turn, establish the trust essential to facilitating consumer acceptance.

Without this level of trust, consumer apathy toward cardless ATMs — combined with scrutiny of digital security in the press — threaten to hinder adoption of emerging mobile payments technology.

Improve trust and increase demand for cardless ATMs

Fortunately, robust security solutions currently exist to help authenticate end users. Additionally, devices that use multifactor authentication to transact can also enable a positive user experience.

By implementing these high-tech security solutions in combination with sound operational policies and procedures, financial institutions can mitigate the risk of fraud at cardless ATMs, as well as improve consumer confidence in the technology to increase demand.

For example, a mobile fraud prevention solution with real-time decisioning provides the ability to detect many different types of risks inherent in mobile access to ATM transactions. The ability to thwart attacks on the device before it transacts with the bank helps reduce friction for customers, while still providing superior security.

Real-time decisioning capabilities help eliminate points of friction in the security flow for good consumers, while providing FIs the ability to flag suspicious access attempts for additional scrutiny.

Also, instituting MFA to authenticate users by leveraging advances in mobile biometrics capabilities is a more secure way to establish the identity of their customers.

Built-in mobile biometrics can reduce reliance on username and password protocols — and consumer acceptance of fingerprint biometric identification, for example, is already high.

However, stronger methods for identifying users are not enough on their own for optimizing mobile transaction security. A truly comprehensive mobile security strategy must also consider the security of the device on which the biometric operates.

A solution that establishes a permanent device ID is one way to identify a device using its unique attributes to uncover and analyze risk factors to establish the first layer of trust for cardless ATM access.

Organizations should use risk detection capabilities that detect evidence of malware, malicious and corrupted applications, emulators, GPS spoofers, device spoofers, key loggers, SMS forwarders and other fraud tools used by criminals to hijack accounts and defraud customers.

Once device trust has been established, financial institutions can confidently allow good customers to transact with minimal friction. At the same time, they can better identify devices with high-risk indicators so they can be challenged or denied outright.

Cardless ATMs represent the latest wave in mobile payments evolution. The technology is poised to provide unparalleled convenience for consumers, as well as cost-savings and enhanced efficiency for financial institutions. But for it to gain traction, financial institutions must ensure that they are providing customers a secure experience.

Getting ahead of the security curve now can have a profound effect on the proliferation of cardless ATM technology and will go a long way toward fostering consumer acceptance and trust.

On December 1st, 2017, MK Group attended the annual Vietnam Information Security Day 2017, co-organized by the Information Security Department of the Ministry of Information and Communications and the Vietnam Information Security Association (VNISA), held at Lotte Hotel, Ba Dinh District, Hanoi.

The event included the following activities: International conference and exhibition to display and introduce information security solutions from domestic and foreign vendors.

Vietnam Information Security Day 2017 featured the topic “Smart security in the new connected world”, taking place in the context of the ever-present challenges of information security and cyber security in parallel with the innovation of science & technology and the increased popularity of applications in the Internet of Things (IoT) environment. In addition to the risk of network attacks such as malware, invading system to steal data, increasing persistent threat, etc., the emergence of ransomware has become increasingly sophisticated causing huge losses for individuals and businesses. Technology infrastructures including telecommunication, data center, e-commerce application, etc. are also the targets of hackers and cybercriminals.

MK Group has endlessly strived to research and develop smart digital security authentication solutions to protect different organizations and their customers in the Industry Revolution 4.0.

MK Group also had a booth introducing different security authentication solutions for Finance – Banking, Government and Enterprise such as:

• Prim’X Premium Data Encryption Solutions granted the business licenses by the Government’s Cipher Committee to protect the entire IT infrastructure and internal and external content of the sharing data;
• KeyPassTM OTP secure authentication solution with a variety and flexibility of options fitting the budget and various security authentication needs to help protecting the identity and transaction of customers in e-commerce activities, e-banking and other online activities;
• Public Key Infrastructure Solutions – MK PKI solutions provide digital certificates/digital signatures, making financial transactions, e-commerce and electronic document management more secure.

In the framework of the event, at the seminar on “Information security for smart cities”, Mr. Le Minh Quoc – CTO of MK Smart made a presentation on “All-in-one security ecosystem using chip embedded into IoT devices and artificial intelligence (AI) with the Industry Revolution 4.0” with the main contents as follows:

• All-in-one security ecosystem using chips with security applications such as Public Key Infrastructure (PKI), Match-on-Chip (MoC), biometric authentication by OTP (One-time Password) & Secure-on-Demand (SoD) on a D-ID platform (Dynamic ID) with API programming libraries for chips embedded in the IoT, AI devices, etc.
• KeyPass Reader Token – security product for the All-in-one security ecosystem.
• Security with Tokenization using QR Code.

This past year has seen a number of significant changes in the payments industry. And below are eight key payments trends for 2018.

Mobile – The gift that keeps on giving

This is still my number one trend and has been for several years. In an industry that has been changing rapidly, this nifty little computer in your pocket has been at the centre of shifting consumer behaviour, and this year won’t be the one in which we say goodbye to this stalwart of the trend predictions. The mobile payment trend will continue to strengthen as we move ever closer to the cardless society.

Data protection

Having spent the past 18 months in the shadow of PSD2,the General Data Protection Regulation (GDPR)will go into effect on 25 May 2018. GDPR will bring a heightened focus on data – who owns it and how to protect it. It is likely that next year’s conversations will be very much focused on authorisation, who can and cannot use personal data, and who should manage it.

PSD2, err 3?

Shortly after the last of the champagne is consumed and we kick off the new year, the Revised Payment Services Directive (PSD2) goes live in January 2018. Many questions surrounding the pending regulation remain, such as how will the new TPP market unfold? What will consumer demands look like? Which banks will become PISPs? Will this bring the GAFA into the fold? 2018 will start to unlock these secrets and we may learn what the Revised Revised Payment Services Directive (PSD3) may be focused on.

“Cashless”

The term “cashless” gets thrown around a lot, however recent Generation Z findings show the trend towards a cashless Utopian existence may not be far off. We are beginning to see cashless markets appear in the Scandinavian countries and countries like India trying to create a more inclusive financial ecosystem. As more regions move towards a cashless society, we may also see more governments taking on cashless initiatives to help drive their economies into a new digital reality.

Biometrics

Facial recognition will lead us out of 2017 and into 2018, as the iPhone X moves away from the fingerprint and towards facial recognition software. This shift away from passwords and usernames and towards identity and digital identification processes will be at the heart of many biometric conversations in 2018. The evolution of biometric authentication will shy away from plastic, followed by a shift away from mobile. In time, it’s likely that we will not need a form factor other than ourselves to access our accounts.

Augmented reality

While Pokemon Go is a phenomenon from last year, the augmented reality space is still very much a near-term trend. The ability to enhance user experience via your device is an exciting development, be that something as simple as booking a restaurant reservation through an in-app camera experience whilst standing in front of your chosen restaurant or food item in store. This space is likely to boom as we move further into the IoT value chain.

Open

“Openness” will be at the heart of many discussions in 2018, focusing on the business decisions around Open strategies and how FIs will be able to monetise these strategies. .2017 was really the foundational layer for this trend and that theme will likely run throughout the next 20 years.

his trend. And while it may not have the decade-plus run as a top trend like our friend the mobile device, Open will be the foundational layer that the next 20 years of trends are built from.

Transformation

You can’t have a discussion about banking without mentioning transformation, and whether It is likely that 2018 will see the first “big bang” results of the first transformation strategies. Large-scale savings on annual reports will start to show up and large scale project announcements will gain speed as the top regional banks join the multinationals in undertaking transformation projects.

The bonus trend – Partnerships

Large scale partnerships will help drive change in the New Payments Ecosystem in 2018 and the biggest target will likely be cross-border immediate payments. As more and more countries come online with their immediate payments schemes, the next step will be to achieve ubiquity via partnerships. 2018 will likely be the seed year for this trend to bloom.

– paymenteye.com –

The European Commission has signed off on new rules that they say will make it more secure for consumers purchasing goods and services from European Union members.

According to a Monday (Nov. 27) report by Reuters, the rules will update the European Union’s payment services law, requiring two security features for online merchants instead of a single password or just credit card details when making a purchase in person. Merchants must be able to accept a password, PIN code, card, mobile phone, iris scan or fingerprint scan. The exemptions for contactless payments of more than 50 euros will remain in place.

In addition, account holders must also give third parties permission to access their data and the new rules prevent FinTechs from obtaining data by using a customer’s security credentials, known as screen scraping. Removing that capability was a nod toward banks that have been bristling at the notion of forcing that customer data to be shared with FinTechs. On the other hand, banks must provide access to FinTechs by adapting the existing customer interface online or by creating a new interface for FinTechs, a win for the FinTech firms.

“These new rules will guide all market players, old and new, to offer better payment services to consumers while ensuring their security,” said Valdis Dombrovskis, European Commission vice president, in a statement.

The new rules will take effect on Jan. 13, with some of the security measures not binding until September 2019. The European Banking Federation shared its thoughts on the new rules in a recent statement.

“At a time when cybersecurity becomes increasingly important, the EU risks introducing a system for online payments that is potentially harmful for bank account holders and the banks that offer these accounts,” the organization said.

The European Commission says that these rules aim to boost eCommerce for all European Union countries, thus fueling growth across its member countries.

The new rules aim to boost eCommerce for all European Union countries and thus fuel growth in the bloc.

– pymnts.com –