Striking the right balance – why security solutions must be customer-friendly

Last updated: 06 May 2016

Striking the right balance

If you’ve been following our blog, you’ll know the financial services industry is witnessing rapid innovation, especially in the field of contactless payments. While this is good news for banks, who can seize on new commercial opportunities, and customers, who can enjoy speedy transactions with the tap of a card or smartphone, technological developments have unfortunately presented new opportunities for cyber-attackers.

Faced with these threats, it might be tempting for banks and fintechs to build complex and time-consuming authentication methods. Sadly, it can be all too easy to forget the importance of convenience and simplicity. Key stakeholders need to realize that if the solution doesn’t work for their customers, then it’s not going to work for them.

The challenge for the industry, then, is to build trust without jeopardizing the seamless experience of completing a transaction. One way of tackling the problem is by shifting from static to dynamic information. You’ve probably heard about the importance of changing your password regularly, making it more difficult for someone to hack into your account. Exactly the same principle applies to payment security.

Take CNP fraud as an example. It’s responsible for 70% of card fraud on EMV markets and is predicted to cause $6.4 billion of losses on the US market by 2018 if action isn’t taken. Why are CNP fraudsters successful? You guessed it – static information. By acquiring card details through devious techniques like skimming and phishing, cyber-attackers can make purchases on an unknowing cardholder’s behalf. Wouldn’t it be great if there was some way to ensure that this static information changed every so often?

That’s where Dynamic Code Verification (DCV) comes in. Every twenty minutes, the three-digit security code on the back of a card changes, making CNP fraud far more difficult. Best of all, the customer payment experience is barely affected. When making a purchase, all the user has to do is check the back of the card and type this ephemeral number in.

DCV

Of course, DCV isn’t the only way to prevent cybercrime, but the principles underlying it should be applied universally. Any successful security solution should aim to properly evaluate the security threats and implement security mechanisms appropriate for the risk. Where possible, data should be encrypted and stored on multiple servers. In addition, as we discussed in our post on the Money 2020 conference, banks actively consult with digital security experts in building robust and convenient security solutions.  “Collaboration, collaboration, collaboration” should be the message underpinning the digital financial ecosystem.

Developing strong but user-friendly solutions is something we’re passionate about. That’s why Gemalto’s Senior VP UKI and Global Accounts Banking, Howard Berg, recently discussed the importance of marrying security and convenience in an interview screened on The Business Debate. You can watch it below.

What do you think about keeping the customer satisfied when developing security solutions? Let us know by tweeting to us @Gemalto, or by posting a comment below.

One thought on “Striking the right balance – why security solutions must be customer-friendly

  1. Hi Maria,

    Great post!

    Obviously, customers are very important in businesses, they are the ones that keeping the business alive and keeping them satisfied with the service provided to them is one of the first priority of a business.

    In developing security solutions, a business should provide a satisfactory service so that they can keep their customers from finding another security provider.

    A high level security is what a customer wants so that they can be at ease in doing their business and to prevent data breaches and data loss..

    Thanks for posting this article. Learned a lot from it. 🙂

    Regards,
    Rio

Leave a Reply

Your email address will not be published. Required fields are marked *