B2B Payments

The Fed Prioritizes Security As Payments Speed Up

The U.S. Federal Reserve is turning heads for its attention to faster payments, but the Fed has recently announced yet another initiative in the payments innovation space.

Last week, the Fed’s Secure Payments Task Force called for comment from industry stakeholders about what challenges they face when it comes to payments security. The task force, made up of about 160 members, will explore areas of payments security, like identity management and data protection, in hopes the survey will help guide its plan of action for 2017 as it moves through its three objectives: represent views on future needs for more secure payments, address other issues to ensure the development of effective payments security and assess alternative approaches to security when it comes to faster payments capabilities.

“Tackling today’s security challenges will require the commitment of all payment system participants,” said Gordon Werkema, the Fed’s payments strategy director, in a statement last week. “The Secure Payments Task Force is particularly interested in understanding any barriers that may exist to implementing the planned solutions.”

Todd Aadland, the Fed’s SVP and payments security strategy leader, and Connie Theien, VP of industry relations at the Fed, offered PYMNTS more insight into how the Federal Reserve will tackle the issue of payments security, especially as faster payments initiatives from the Fed and other players change the game.

“We looked broadly across what’s going on in other countries in terms of their migration towards faster payments,” Aadland said. “As they move to faster payments, criminals take advantage of the speed and actually circumvent controls at the weakest link.”

With that in mind, the Federal Reserve’s Secure Payments Task Force has developed various work streams on which its members can focus, with payments security in the context of faster and real-time payments a key theme.

“The key is,” explained Aadland, “without having that post-transaction security net that you don’t get with real-time payments, it’s really imperative that we enhance the controls upstream from final payment settlement to identification management and data protection.”

Theien added that the Fed’s Faster Payments Task Force is collaborating with the payments security team for this very reason. She noted that 11 of the criteria issued by the Fed for what constitutes effective faster payments involve payments security.

“The Secure Payments Task Force is playing an important role in advising the Faster Payments Task Force,” she stated. “Both task forces recognize the importance that we design future payment systems of ensuring that security is built in and designed on the front end to address specifically some of those risks that are unique to a real-time payment environment.”

In any payment environment, corporate payments face a broad range of security threats. There are those high-profile credit card data breaches that create massive headaches for merchants, while the Federal Bureau of Investigation has continually warned the nation about corporate phishing attacks that specifically target the B2B and supplier payment process, convincing businesses to pay a fake supplier.

These are the types of scenarios that led the Secure Payments Task Force to zero in on focuses like identification management and data protection.

“We’re looking at identification weaknesses in how to authenticate and ID end users, providers and devices,” Aadland noted, adding that this is crucial for B2B and B2C transactions. “The scope of another working group is data protection, how to go about identifying what data of a B2B transaction needs to be protected and how best to protect it.”

Theien added other sources of uncertainty in payments security, like transaction authorization, enrollment and account takeovers.

With the survey out by the Fed, the Secure Payments Task Force will be looking for commentary about these questions and others.

After aggregating the responses, the task force will then look to see whether it needs to pivot in any certain direction to ensure all areas of payments security are covered. It’s just the first steps in creating real change in the national payments landscape, but according to Theien and Aadland, even the preliminary results of the survey can have real impacts on payments innovation today.

“Hopefully, a benefit of [this survey] would be that some of these products and vendors and providers would look at the output of these work streams, as far as the controls that the industry is saying they would need to be present and start to look at these as indicators to what to start building in their own product set,” explained Aadland. With some payment service and product providers acting as members of the task force, the industry may have a lot to learn from the survey’s eventual feedback. With such a fluid and rapidly evolving space like FinTech, the latest insight about security needs and concerns could be the competitive edge one innovator needs.

“There is a lot of exciting innovation happening in the payments industry,” Theien said. “And we have lots of folks who are guiding that innovation at the table. I think, across the board, everyone recognizes that, while we want to develop and advance the capabilities that better service their needs, the security of payments is job one.”


Featured PYMNTS Study: 

With eyes on lowering costs to improving cash flow, 85 percent of U.S. firms plan to make real-time payments integral to their operations within three years. However, some firms still feel technical barriers stand in the way. In the January 2020 Making Real-Time Payments A Reality Study, PYMNTS surveyed more than 500 financial executives to examine what it will take to channel RTP interest into real-world adoption. Here’s what we learned.

Click to comment