MasterCard on Mobile Payments Security

“Why don’t we just leapfrog over EMV and go right to mobile?” That’s just one of the questions that MPD CEO Karen Webster posed to MasterCard’s Chief Emerging Payments Officer Ed McLaughlin in Part Three of this Four Part Mobile Insiders Series. Don’t you want to know what he said?

As we make moves to fully adopt mobile commerce, several technologies exist (with many in the works) for issuers aiming to ensure mobile cardholder protection. These include, as McLaughlin mentioned in Part 2 of this series: biometrics, device identification, and for MasterCard, some exciting experiments around facial recognition and even wearable EKG technology.

We have the ability to use mobile devices, McLaughlin said, to make transactions more secure than ever before. So why, Webster asked, can’t we just skip over all that we’re doing to protect physical cards and “invest in accelerating the move to mobile?”

Mobile will be working against the same infrastructure as physical cards, said McLaughlin. “The foundation we have for making data safe, with EMV, whether it’s circuitry we’ve stuck on a card, or we’re using chips in the device, is saying we need to have underlying cryptology that applies to all of this,” he said.

We have the ability to apply the best technology to our mobile devices. What needs to be done, he said, is securing the entire system – we cannot make consumers spend $700 on a smartphone to access their payments and not offer them anything else.

“There is really no ‘versus’ here,” said McLaughlin. “Our objective is to say, if in the plastic world, I could type for a card-not-present; I could swipe, which is static information; or, I could dip, which gives me a full key-in cryptology around that transaction, we need to make sure everything’s moving to the most secure for that interface with a mobile device.”

The challenge, however, lies in the standard for implementing these processes – which is essentially to “make all of this stuff work together,” said McLaughlin. There are elements of standards that can be built upon – cryptology, for one.

The overarching goal in enhancing security, however, is using these technologies to seamlessly bring together, rather than fragment, the consumer experience.

This 15-minute segment covered the following key topics:

  1. If protecting cardholder data via the mobile device could be easier than the physical card, why wouldn’t we just invest in accelerating the move to mobile?
  2. What will the standard be for mobile payments/commerce acceptance and how will it get decided?
  3.  What’s the biggest obstacle in adapting to omni-channel if you’re a merchant, and how are you talking to merchants about getting that done?

To Listen To The Entire Conversation Click Here 

Next Up: MASTERCARD INITITIATIVES