Episode 100 - Strong Customer Authentication - Russ Jones, Glenbrook Partners episode artwork

EPISODE · Aug 20, 2019 · 26 MIN

Episode 100 - Strong Customer Authentication - Russ Jones, Glenbrook Partners

from Payments on Fire™

For a nanosecond, about seven years ago, I thought the payments industry was entering a steady state where change, while sure to be accelerated by technology, was going to settle down to the familiar sedate pace the payments industry had taken for decades. Hah! Payment industry evolution has leapt forward since then based on, yes, technology, but also new rules, regulations, business models, and changes in attitude toward how money moves, security, and privacy. One major trend I didn't anticipate then was the global phenomenon of faster payments, now in active implementation or operation in some 40 countries around the world. Another, of course, is cryptocurrencies but I'll leave that one alone for now. The emergence of faster payments is a function of new technology with new transaction switching infrastructure and (mostly) a common messaging standard in the form of ISO 20022. But it's also a function of rules and market response. Even in the United States, a nation whose payment strategy is largely set by competitive forces, the central bank has had significant influence in launching new settlement capability. (And now, the Fed is planning to build its own version). Europe and India are standouts when it comes to government guidance and strategy setting for banking and payment systems. The European Union's active role in evolving payments policy is recently expressed in the second Payment Services Directive (PSD2). PSD2 has chosen to address one of the most vexing digital security challenges: strong customer authentication or SCA. Article 4(30) of the directive defines SCA as: "an authentication based on the use of two or more elements categorised as knowledge (something only the user knows), possession (something only the user possesses) and inherence (something the user is) that are independent, in that the breach of one does not compromise the reliability of the others, and is designed in such a way as to protect the confidentiality of the authentication data" For anyone familiar with authentication requirements, this is hardly a novel approach. That said, as far as the payments ecosystem goes, however, this is a sea change. This is also a necessary change. Faster payment systems, where the sender pushes the payment to the recipient, make the sender's bank responsible for authenticating its accountholders. The accountholder has to prove to her bank that she has the right to access her own account and to initiate a payment. Unfortunately, phishing and malware are attacks that make account takeover easier than ever. There's been an uptick in authorized push payment fraud in the UK due to ATO. Therefore, enforcement of multi-factor authentication is seen as a necessary response. Point of sale transactions already meet the SCA requirement. The card is something you have; The PIN is something you know. That's enough to meet the SCA requirement. Oh, right, in the US, we don't put PINs on credit cards. They do in Europe. We're going to need biometrics in the US (something you are). PDS2's SCA mandate requires that multi-factor authentication be used whenever a user logs into her bank account or makes an e-commerce payment. Whenever payment risk is a possibility, SCA has to be used (there are plenty of exemptions but that doesn't change the point). Every stakeholder—every bank, every e-commerce site—must comply by doing something they have not done before. That means a lot of work. In this Payments on Fire® episode (Episode 100!), I speak with Russ Jones, Glenbrook's partner in charge of our Education work and a preeminently insightful payments consultant. Russ takes us through SCA, its relationship to other standards, and the impact of its now somewhat delayed implementation. Russ concludes the conversation with the rather chilling observation that history is about to repeat itself. The US will experience in the digital arena what the US experienced at the physical point of sale. When EMV chip cards were mandated in Europe, card fraud at the POS and the ATM migrated to the US. Reliant on the static data of the mag stripe, the US became a global magnet for magstripe card fraud. Once SCA becomes broadly implemented in the EU, in 2021 and beyond, online fraudsters will redouble their already considerable attacks on US financial institutions, tech providers, and merchants. While security tools are more common than ever—FIDO capable smartphones are one example—the US lacks a single entity to mandate and enforce multi-factor authentication in payments. Scared yet?

NOW PLAYING

Episode 100 - Strong Customer Authentication - Russ Jones, Glenbrook Partners

0:00 26:32

No transcript for this episode yet

We transcribe on demand. Request one and we'll notify you when it's ready — usually under 10 minutes.

The Small Business Startup School – Business Notes | Financial Literacy | Retail Psychology – For Professionals & Entrepreneurs The Small Business Startup School Inc. Starting or buying a small business? While personal circumstances may vary, business patterns remain timeless. On The Small Business Startup School, we explore strategies, insights, and practical solutions to help entrepreneurs confidently navigate their journey.Hosted by Ola Williams—a retail entrepreneur, fintech founder, and financial coach with over two decades of experience—this podcast marries financial awareness and retail psychology with optimism to deliver actionable takeaways.Join us to learn, grow, and connect as we uncover the keys to business success.Let’s continue to learn together and be encouraged to keep on connecting! PodQuesting Dwight J Randolph- WolfShield Media PodQuesting: -By WolfShield Media and Dwight J RandolphJoin us on an exciting journey to master the world of fiction podcasting! At PodQuesting, we document our quest to improve and innovate, sharing valuable insights, strategies, and behind-the-scenes tips along the way. Whether you're an experienced podcaster or just starting your first show, our podcast is your go-to resource for everything podcasting.Discover practical advice, creative techniques, and lessons from our own experiences as we explore the ever-evolving podcasting landscape. Ready to level up your skills and embark on this adventure with us? Tune in and join the quest!Have questions or feedback? Reach out to us at [email protected] and visit our website:WolfShield.Media LIGHTS, CAMERA, SMILE! Creatives Club Media Lights, Camera, Smile, is a podcast for anyone with a dream to share something with the world, out of the overflow of themselves - be it their mind, their heart, their personalities, and much more. Each of us are alive in this moment in time, with an innate ability to have ideas and create various things to benefit both ourselves and the people around us for a reason, and here, you will find the encouragement, the inspiration, and the motivation to do just that. Hosted by Cicily, founder of Creatives Club, she dives into various topics surrounding creativity and business. Exploring entrepreneurship for creatives in a corporate reality, sharing tips and tricks in a media centered company, answering questions regarding what a creative actually is are just a few of the things discussed on this podcast. Be encouraged to create for yourself as Cicily gets vulnerable by pivoting the camera to herself for the first time.To submit questions for Cicily to answer, or have her address certain t Kaizen Blueprint Aldo Chandra "Kaizen" is a Japanese term for continuous improvement. This podcast provides a blueprint to learn about health, wealth, relationships and everything else in between. Through our podcast, we strive to inspire, educate, and motivate our audience to cultivate a mindset of lifelong learning, productivity, and personal development. By sharing insights, strategies, and practical tips, we aim to guide listeners on their journey towards realizing their fullest potential, fostering success, and creating lasting positive change.

Frequently Asked Questions

How long is this episode of Payments on Fire™?

This episode is 26 minutes long.

When was this Payments on Fire™ episode published?

This episode was published on August 20, 2019.

What is this episode about?

For a nanosecond, about seven years ago, I thought the payments industry was entering a steady state where change, while sure to be accelerated by technology, was going to settle down to the familiar sedate pace the payments industry had taken for...

Can I download this Payments on Fire™ episode?

Yes, you can download this episode by clicking the download button on the episode player, or subscribe to the podcast in your preferred podcast app for automatic downloads.
URL copied to clipboard!