Payment security: Why anti-virus and firewalls are essential

Digital padlock and key illustration

Share this post

Answer Pay’s Peter Cornforth examines the significance of Request to Pay alongside CoP, highlighting their combined role in meeting regulatory demands and fortifying payment security.

In today’s ever-evolving digital payments landscape, security stands as a paramount concern for retail banks and Payment Service Providers (PSPs).

Regulatory requirements, including the UK Payment Systems Regulator’s mandates on reimbursements, have necessitated stronger security measures.

While confirmation of payee (CoP) has been widely implemented as an essential anti-virus measure, the time has come to ensure that Request to Pay is in place as a vital payment firewall filtering out fraudulent payees.

The regulatory shift

Regulatory mandates, such as the Payment Systems Regulator’s requirements on reimbursements, has prompted retail banks to re-evaluate their approach to payment security.

Recognising the limitations of consumer-led validation, banks now bear the responsibility of payment request validation. As banks adapt to this shift, the need for robust security measures, including Request to Pay, becomes imperative.

The synergy of Request to Pay and CoP

CoP has become a standard security measure, acting as an essential anti-virus component in the payment ecosystem. By verifying payee information post-authorisation, CoP detects and prevents mismatches and potential fraudulent activity.

Its implementation has been crucial in safeguarding payment transactions and protecting customers from fraudulent transactions. To bolster the security framework, Answer Pay’s Request to Pay proposition introduces the Payment Firewall as a vital complement to CoP.

While CoP serves as an essential anti-virus measure, the Payment Firewall acts as the firewall itself.

It validates payee identities prior to payment request authorisation, fortifying the first line of defence against unauthorised access and fraudulent activities.

By ensuring that only verified and trusted payee information enters the payment systems, Request to Pay significantly reduces the risk of fraudulent transactions.

The combined implementation of Request to Pay and CoP within your banking infrastructure ensures a multilayered security approach.

This integration empowers banks to take full ownership of the payment request validation process and deliver a robust security infrastructure. By implementing both CoP and Request to Pay, banks demonstrate their commitment to providing a secure payment environment.

Customers can trust that their payment requests undergo rigorous validation, protecting them from potentially fraudulent activities.

The enhanced security measures not only shield customers from financial losses but also foster trust, building stronger relationships and promoting customer loyalty.

In response to evolving regulatory requirements and the need for heightened payment security, retail banks and PSPs must adopt robust measures.

While CoP serves as an crucial antivirus measure, the Payment Firewall within Answer Pay’s Request t o Pay proposition ensures comprehensive protection.

Together, these components fortify the security infrastructure, empowering banks to validate payment requests and mitigate fraud effectively.

By embracing this combined approach, banks foster trust, instil customer confidence, and contribute to a secure future for digital payments.

This article was originally on Payments:Unpacked from Mike Chambers – subscribe at

More To Explore


Are you a member of The Payments Association?

Member benefits include free tickets, discounts to more tickets, elevated brand visibility and more. Sign in to book tickets and find out more.


Log in to access complimentary passes or discounts and access exclusive content as part of your membership. An auto-login link will be sent directly to your email.

Having trouble signing?

We use an auto-login link to ensure optimum security for your members hub. Simply enter your professional work e-mail address into the input area and you’ll receive a link to directly access your account.

First things first

Have you set up your Member account yet? If not, click here to do so.

Still not receiving your auto-login link?

Instead of using passwords, we e-mail you a link to log in to the site. This allows us to automatically verify you and apply member benefits based on your e-mail domain name.

Please click the button below which relates to the issue you’re having.

I didn't receive an e-mail

Tip: Check your spam

Sometimes our e-mails end up in spam. Make sure to check your spam folder for e-mails from The Payments Association

Tip: Check “other” tabs

Most modern e-mail clients now separate e-mails into different tabs. For example, Outlook has an “Other” tab, and Gmail has tabs for different types of e-mails, such as promotional.

Tip: Click the link within 60 minutes

For security reasons the link will expire after 60 minutes. Try submitting the login form again and wait a few seconds for the e-mail to arrive.

Tip: Only click once

The link will only work one time – once it’s been clicked, the link won’t log you in again. Instead, you’ll need to go back to the login screen and generate a new link.

Tip: Delete old login e-mails

Make sure you’re clicking the link on the most recent e-mail that’s been sent to you. We recommend deleting the e-mail once you’ve clicked the link.

Tip: Check your security policies

Some security systems will automatically click on links in e-mails to check for phishing, malware, viruses and other malicious threats. If these have been clicked, it won’t work when you try to click on the link.

Need to change your e-mail address?

For security reasons, e-mail address changes can only be complete by your Member Engagement Manager. Please contact the team directly for further help.

Still got a question?