At the close of 2014, the payments industry reflected on technology trends that shaped the year – and braced themselves for the significant changes that were sure to come in 2015. In early January, Ingenico released a summary of the six key payment trends expected to dominate 2015. From the continuing march of data breaches and the ongoing discussion on EMV and point-to-point encryption (P2PE), to innovation in mobile wallets and NFC, the payment space continues to rapidly evolve. Here’s Ingenico’s list of payment trends and the role they were expected to play in 2015.
EMV relies on chips embedded in cards rather than the far less secure magnetic stripes. Effective October 2015, the card brands shift the liability for card fraud to merchants unless they change over to the EMV standard – prompting merchants to upgrade their payments infrastructure prior to October.
NFC, or Near Field Communication, the basis for Apple Pay and other contactless payments methods, often goes hand in hand with EMV. As merchants upgrade for EMV, the vast majority of the time those new systems are also NFC-enabled.
P2PE, or point-to-point-encryption, is a security standard that decrypts card data at the point-of-entry in a POS system, preventing clear-text data from being present in the merchant’s system, where it could be accessible in the event of a breach.
Tokenization replaces a customer’s debit or credit card number with a surrogate value called a token. Issued by a merchant’s payment processor, tokens eliminate the need for merchants to store customer card data in their own systems. Thus, in the event of a data breach, criminals are not able to access actual card data – just encrypted tokens.
Paperless Check-in for Hospitality
Newer smart payment terminals can help eliminate paper check-in by enabling guests to digitally read and sign registration cards on a 7-inch tablet screen. This improves record keeping, makes the check-in process more efficient and can help properties save thousands of dollars a year on paper.
Mobile POS systems can be used not just for payment but also for mobile check-in, whether that’s curbside, standing in the lobby, on a shuttle or even at the airport.
Dr. Robert Martin, Vice President, Security Solutions at Ingenico, recently published an article that builds upon their 2015 payment trends and explains the imperative need for a multi-layered approach to combat credit card fraud.
“To understand the multi-layered security approach, think of castles from medieval times. These ancient castles weren’t just guarded by a single layer of stone walls and guards, they had multiple layers of defense to protect themselves from attackers. Each of these layers had a different function and protected the castle in their own ways. Similarly, a payment transaction needs to have multiple layers of security to better protect itself from data breaches and fraud. Two payment security technologies – point-to-point encryption (P2PE) and tokenization – help merchants with just that.”
As merchants upgrade their systems to support EMV, NFC, paperless and mobile technology, Martin stresses the importance of protecting card data with P2PE and tokenization. Here’s why:
- EMV along is not enough: EMV chip cards protect the credit card data, but are only a piece to the puzzle of payment security. EMV when combined with P2PE and tokenization, can provide optimal security to both the merchant’s and customer’s data.
- Protection against data breaches is required:With data interception technology becoming increasingly sophisticated, security measures such as P2PE help protect a transaction from potential cybercriminals and ensure a secure transaction.
- Protect your brand – or lose your business: Merchants face the risk of harming their brand’s reputation in an event of a data breach. With sensitive credit card information at stake, brands that are victims of these data breaches resulting in theft of customer’s card information can receive a lot of negative publicity, thus having a dramatic impact on their brand reputation and customers’ willingness to buy in the wake of these occurrences
Bluefin is a proud partner of Ingenico as well as a provider of PCI-validated P2PE and tokenization solutions to major merchants, enterprises, Independent Software Vendors (ISVs) and small to medium-sized businesses. Check out our past PYMNTS.com webinar on our holistic approach to payment security and stay tuned for details on our new webinar in September on PCI P2PE 2.0, hosted through Digital Transactions.