The Future of Payment Security

Share this post

An oversimplified payments timeline looks a little something like this:

  • The ‘ancient’ times: Payments were made using bills and coins with the occasional cheque. 
  • The early digital era: Payment networks appeared, with ATMs and POS terminals. On the user-facing side, the first banking websites started to appear.
  • Apps make their debut: Around the time of the first smartphones, we also were presented with the first banking and payments apps, typically for making account-to-account payments. Then came the first wallet apps, which were often linked to telecom providers.
  • Advanced apps and ID wallet integration: This is where we are today: SCA is integrated with the banking app. We have open banking (in Europe). Your official identity might also be linked to an app, depending on where you live. And there are likely hundreds of applications for doing payments and different eWallet implementations.

But what are the trends that have driven these changes over time?

The move from physical to digital: Perhaps the most significant and straightforward trend is the move away from a physical wallet to digital alternatives. We replaced cash with cards and then moved to smartphones or smartwatches with digital wallets. Similarly, we’ve started to say goodbye to physical receipts and hello to receipts tracked in apps or sent by email. Loyalty cards (or similar) also are rarely physical these days.

Frictionless payments: From a usability level, payments have become more manageable by moving them from physical cash to payment cards with PINs and ultimately to touch-to-pay schemes. Payments are also simpler, with single-click buying on websites, subscription services, and integrated buy-now-pay-later schemes.

More regulation: From a regulatory perspective, things have gotten more strict yet more open, with both the EU and the big card companies requiring higher security standards for payments. In addition, we’ve gotten open banking which has had a real impact on what kind of business models are possible.

Where Okay Meets the Future of Payment Security

The more we digitise and move towards a world of “digital everything”, the more vulnerabilities we’re going to see. This means there will be a lot more focus on building resilience in our infrastructure and in the services we provide for both the payment and the security around the payment.

Overtime, this will lead to a big focus on fraud management. Particularly because as digital payments grow exponentially, fraudsters are matching it with increased creativity. That leaves us with one question: How do we link better authentication models to better digital identity structures to reduce fraud, correctly identify people, and not compromise the payment experience or customers’ expectations of privacy?

Strong Customer Authentication is a key part of the answer. And by 2025, we might see some significant changes in the SCA world. These changes might not come from the big banks but from Fintechs, smaller banks, and PSPs, who must all innovate to survive. Meanwhile, existing banks will provide the infrastructure and enable their customers to innovate and facilitate smoother payments.

Essentially, this is the space Okay has been targeting. We’ve designed our solutions to be flexible, making it possible to integrate them into any kind of authentication flow while still enabling PSD2 compliance. Remember, authentication has become a central piece to the modern payment puzzle. It has to be safe, fluid, and transparent enough to its users in order to match the new innovative ways of paying. This is a fast-growing market, accelerated well beyond the world of payments into a fully digitised society where everything must be strongly protected.


Do you want an update on the 2022 fraud situation? Check out our follow-up post that reviews the current state of fraud in Europe, alongside a few predictions on what to expect in the coming years. (Hint: fraud isn’t going anywhere.)

Article by Okay AS

More To Explore


Merchant Community Membership

Are you a member of The Payments Association?

Member benefits include free tickets, discounts to more tickets, elevated brand visibility and more. Sign in to book tickets and find out more.


Log in to access complimentary passes or discounts and access exclusive content as part of your membership. An auto-login link will be sent directly to your email.

Having trouble signing?

We use an auto-login link to ensure optimum security for your members hub. Simply enter your professional work e-mail address into the input area and you’ll receive a link to directly access your account.

First things first

Have you set up your Member account yet? If not, click here to do so.

Still not receiving your auto-login link?

Instead of using passwords, we e-mail you a link to log in to the site. This allows us to automatically verify you and apply member benefits based on your e-mail domain name.

Please click the button below which relates to the issue you’re having.

I didn't receive an e-mail

Tip: Check your spam

Sometimes our e-mails end up in spam. Make sure to check your spam folder for e-mails from The Payments Association

Tip: Check “other” tabs

Most modern e-mail clients now separate e-mails into different tabs. For example, Outlook has an “Other” tab, and Gmail has tabs for different types of e-mails, such as promotional.

Tip: Click the link within 60 minutes

For security reasons the link will expire after 60 minutes. Try submitting the login form again and wait a few seconds for the e-mail to arrive.

Tip: Only click once

The link will only work one time – once it’s been clicked, the link won’t log you in again. Instead, you’ll need to go back to the login screen and generate a new link.

Tip: Delete old login e-mails

Make sure you’re clicking the link on the most recent e-mail that’s been sent to you. We recommend deleting the e-mail once you’ve clicked the link.

Tip: Check your security policies

Some security systems will automatically click on links in e-mails to check for phishing, malware, viruses and other malicious threats. If these have been clicked, it won’t work when you try to click on the link.

Need to change your e-mail address?

For security reasons, e-mail address changes can only be complete by your Member Engagement Manager. Please contact the team directly for further help.

Still got a question?