Categories: PYMNTS Topic TBD

Convenience Vs. Risk In A Connected Devices World

Visa and IBM’s recent announcement about their “Genius of Things” initiative highlighted their intention to make some 30 billion connected devices a point-of-sale (POS) opportunity over the next three years, while also reminding us of the importance of securing the data and privacy of those transactions for consumers, businesses and other relying parties.

That broad topic — keeping data safe and private — was the topic of last week’s PYMNTS Topic TBD, a conversation that Melissa Townsley, CEO of GIACT, described as a “blessing for consumers but potentially a curse for merchants that enable commerce through their app or online.”

The Authentication Balancing Act

Just based on the number of breaches in the U.S. in 2015 alone, Townsley said 29 million personal records were breached and approximately 858 breaches were made public. That, she said, means that there are a lot of fraudsters that have consumers’ and businesses’ personal information and can use that data to create and use synthetic identities in the pursuit of commerce at the legitimate accountholder’s expense.

“I think it’s really the greatest challenge that’s facing our marketplace today, but yet, it’s a basic prerequisite for anybody that’s doing business via an app or online — being able to recognize a good customer without creating friction and offending that good customer,” she said.

Townsley went on to say that the challenge for merchants in securing so many distributed devices is knowing both the device and the associated identity, as well as recognizing different events through the lifecycle from the time a person signs on to a website or an app to the time they log out.

“That provides both traditional and non-traditional information that, we like to say, covers the floor with traps so the fraudsters don’t know where the real authentication happens,” she explained.

More Data, More Problems

As fraudsters continue to gain access to more personally identifiable information, it becomes more complicated to safeguard against account takeovers and synthetic identities, Townsley continued, creating an even bigger challenge when the right tools aren’t in place to keep that data from being breached, stolen and sold.

“I think that it even becomes more complicated, and it really makes the single point of authentication almost obsolete because no longer can you just tie that identity to a device. You’re going to have to use alternative data and non-traditional information to stay ahead of the curve of fraud,” Townsley said.

That is especially true when it comes to using connected devices that are focused on providing a convenient experience — re-authenticating an identity on a device is a friction that merchants can’t afford to pass onto their consumers.

“It’s more important now than ever to do business online, be competitive and not to lose consumers to your competitor by having a process where the consumer is not even aware that the checks and balances are being done and that the fraud and risk is being controlled,” Townsley explained.

In this type of process, a merchant would only issue additional authentications to confirm a consumer’s identity if the fraud and risk solution observes several red flags.

Townsley noted the importance of a multi-faceted process that looks at multiple points to help a merchant authenticate and build a triangle of trust around that consumer.

“You can’t build your solution on a device or a card; you have to build it around that consumer,” she pointed out.

Powering Alternative Data

More than one-third of Americans have three or more devices and multiple email addresses that they are tied to, which is why Townsley said building a solution around the customer is key.

It allows that customer to seamlessly move from device to device but also seamlessly through different platforms and merchants to do business.

Townsley shared her own first-hand experience of what happens when that is not the case. She was declined while shopping with a merchant on an iPad that is typically used to make purchases by her husband. Despite the fact that the device is registered to her, the retailer didn’t use any alternative fact-based information to authenticate that she was tied to the device and issued a false decline.

By building out the identification of the device around Townsley’s husband’s information, the merchant declined her and lost out on what would have been a good transaction.

“You have to be able to bring in other information — alternative and non-traditional data that most people have not used in the past — to really know that a consumer is who they say they are, and you have to build multiple components,” she explained.

Get our hottest stories delivered to your inbox.

Sign up for the Newsletter to get updates on top stories and viral hits.


New PYMNTS Report: Preventing Financial Crimes Playbook – July 2020

Call it the great tug-of-war. Fraudsters are teaming up to form elaborate rings that work in sync to launch account takeovers. Chris Tremont, EVP at Radius Bank, tells PYMNTS that financial institutions (FIs) can beat such highly organized fraudsters at their own game. In the July 2020 Preventing Financial Crimes Playbook, Tremont lays out how.

Recent Posts

Why Payments Personalization Is Key To Enhancing User Experience For Digital Content Platforms

Consumers have come to expect personalization in their shopping experiences, whether using online marketplaces such as Amazon and Etsy or…

18 hours ago

Cottagecore, Wine Windows And Turning To The Past For Present Comfort

It started with the bread baking. Pushed by shutdown orders, limited supply and millions of consumers looking for something to do…

22 hours ago

Trump’s WeChat Ban Could Rock The US Consumer Landscape

President Donald Trump has issued two executive orders in two days banning two Chinese behemoths from operating in America –…

1 day ago

US DOJ Charges 14 With $28M In PPP Fraud

The U.S. Department of Justice (DOJ) charged 14 people in two separate investigations into their alleged participation in schemes to defraud the…

1 day ago

Digital IDs For Online Bowling, Voice Commerce, Apple’s Mobeewave Deal Top This Week’s News

Top News Apple Buys Mobeewave for $100M Apple has purchased Canadian company Mobeewave, which will allow it to create mobile…

1 day ago

TikTok ‘Shocked’ By Trump’s Executive Order

In its first public statements about President Donald Trump’s executive order to ban TikTok, the Chinese company said it is…

1 day ago