The Future of Payment Security

An oversimplified payments timeline looks a little something like this:

• The ‘ancient’ times: Payments were made using bills and coins with the occasional cheque. 
• The early digital era: Payment networks appeared, with ATMs and POS terminals. On the user-facing side, the first banking websites started to appear.
• Apps make their debut: Around the time of the first smartphones, we also were presented with the first banking and payments apps, typically for making account-to-account payments. Then came the first wallet apps, which were often linked to telecom providers.
• Advanced apps and ID wallet integration: This is where we are today: SCA is integrated with the banking app. We have open banking (in Europe). Your official identity might also be linked to an app, depending on where you live. And there are likely hundreds of applications for doing payments and different eWallet implementations.

But what are the trends that have driven these changes over time?

The move from physical to digital: Perhaps the most significant and straightforward trend is the move away from a physical wallet to digital alternatives. We replaced cash with cards and then moved to smartphones or smartwatches with digital wallets. Similarly, we’ve started to say goodbye to physical receipts and hello to receipts tracked in apps or sent by email. Loyalty cards (or similar) also are rarely physical these days.

Frictionless payments: From a usability level, payments have become more manageable by moving them from physical cash to payment cards with PINs and ultimately to touch-to-pay schemes. Payments are also simpler, with single-click buying on websites, subscription services, and integrated buy-now-pay-later schemes.

More regulation: From a regulatory perspective, things have gotten more strict yet more open, with both the EU and the big card companies requiring higher security standards for payments. In addition, we’ve gotten open banking which has had a real impact on what kind of business models are possible.

Where Okay Meets the Future of Payment Security

The more we digitise and move towards a world of “digital everything”, the more vulnerabilities we’re going to see. This means there will be a lot more focus on building resilience in our infrastructure and in the services we provide for both the payment and the security around the payment.

Overtime, this will lead to a big focus on fraud management. Particularly because as digital payments grow exponentially, fraudsters are matching it with increased creativity. That leaves us with one question: How do we link better authentication models to better digital identity structures to reduce fraud, correctly identify people, and not compromise the payment experience or customers’ expectations of privacy?

Strong Customer Authentication is a key part of the answer. And by 2025, we might see some significant changes in the SCA world. These changes might not come from the big banks but from Fintechs, smaller banks, and PSPs, who must all innovate to survive. Meanwhile, existing banks will provide the infrastructure and enable their customers to innovate and facilitate smoother payments.

Essentially, this is the space Okay has been targeting. We’ve designed our solutions to be flexible, making it possible to integrate them into any kind of authentication flow while still enabling PSD2 compliance. Remember, authentication has become a central piece to the modern payment puzzle. It has to be safe, fluid, and transparent enough to its users in order to match the new innovative ways of paying. This is a fast-growing market, accelerated well beyond the world of payments into a fully digitised society where everything must be strongly protected.

——

Do you want an update on the 2022 fraud situation? Check out our follow-up post that reviews the current state of fraud in Europe, alongside a few predictions on what to expect in the coming years. (Hint: fraud isn’t going anywhere.)