With a cyberattack occurring approximately every 39 seconds, organizations and individuals are understandably concerned about operating in the digital world. That’s why businesses must provide safe options that simultaneously improve customer satisfaction, secure transactions, and minimize fraud. To accomplish this, banks and network providers continue to invest in adopting new and emerging technologies such as artificial intelligence (AI) technologies and biometrics authentication. Merchants that take advantage of these offerings are better equipped to protect consumers.
From Cash to Digital Transactions
The digital world has exploded over the last decade as more transactions are conducted online. According to DataReportal’s Digital 2024: Global Overview Report, as of January, more than 66 percent of individuals worldwide use the internet, with the latest data indicating the global user total is 5.35 billion. Internet users have grown by 1.8 percent over the past 12 months, with 97 million new users recorded since the start of 2023.
AI has increased dramatically, and the market is projected to reach $305.9 billion this year. The COVID-19 pandemic also accelerated the shift from cash to digital transactions and contactless payments. These payments have surpassed simple online transactions, expanding to QR codes, digital wallets, Venmo, Apple Pay, peer-to-peer payments, ACH transfers, and other options. Yet, more opportunities for fraud come with more options and greater ease of transactions.
Technologies That Minimize Fraud
AI is designed to gather and analyze vast amounts of data. The more data it collects, the more it can track certain patterns by leveraging its machine learning algorithms (MLA) to detect suspicious transactions and activity accurately and quickly. That activity can include anything from a single transaction to fraud spread across multiple accounts and online devices.
These abilities are bolstered with multifactor authentication (MFA) technologies, including dynamic authentication. Credit card companies use a variety of options online, including requiring customers to type in the card verification value (CVV) number, which can then be validated with the Luhn algorithm. Requesting that number is a way to thwart thieves who may have accessed the card number but do not have the card in their possession. Without providing the CVV, the transaction will not be processed.
The future fraud detection and prevention is in biometric authentication. The FIDO program (Fast Identity Online) bypasses the need for passwords that hackers can easily access. In the second quarter of 2023, 47 percent of online shoppers did not complete their online purchases, and 60 percent abandoned using an app because they forgot their password. Instead, biometric authentication can validate users’ identities by requiring a personal identification number (PIN), security passkeys, a fingerprint, palm print, or iris or facial scan on people’s registered devices, reducing the risk of cyber-criminal activity.
Many companies are testing the use of biometrics in their products and services. In March 2023, JPMorgan Chase launched a pilot program with several U.S. retailers to evaluate biometric-based payments. In January, Chase reported a successful proof of concept with Aramark in Plano, Texas, with more than 1,000 people enrolling in the pilot program. In September 2023, Mastercard launched an in-car payment partnership with Mercedes in Germany that allows drivers to make digital payments at more than 3,600 gas stations throughout the country by using a fingerprint sensor built into the car. In announcing the partnership, Franz Reiner, board chairman for Mercedes-Benz Mobility AG, said that the “intuitive payment process and a best-in-class customer experience lay the foundation for the success of digital offerings.”
Avoid the Pitfalls
Many companies want to invest in authentication technologies to protect their business and customers from cyber threats. To make the transition, businesses need to consider the size and range of their goals and their budget. Implementation is a large and expensive investment, especially for small-scale merchants.
In addition to the financial considerations, it’s crucial not to alienate customers by having complex security solutions. For example, 3D Secure transactions are simple and protect customers and merchants as the issuing bank is liable for any potential fraud. In fact, Europe mandates 3D Secure authentication for all card payments. The drawback is that customers must go to a separate web page and provide a PIN or password while their bank simultaneously sends a verification PIN. While this process is secure, recent data revealed that 22 percent of U.S. online shoppers abandoned an order solely due to a “too long/complicated checkout process.” Customers want security, but they want it coupled with simplicity.
Navigating the Regulatory Market
Businesses are also required to comply with data privacy and protection laws and regulations for security. That includes following state and national regulations in the United States, but American companies are also bound by Europe’s General Data Protection Regulation (GDPR). The GDPR’s requirements also include information audits that assess the categories of personal data a company processes, including sensitive categories of data, and the establishment of a legal basis for processing each category. In addition, companies are also obliged to review data storage, cloud services, and their location.
Agreements with third parties that companies share data with must be updated, often requiring organizations to appoint a data protection officer (DPO) representative for the company. When collecting consumer data, companies must obtain prior consent before collecting personal data on the company’s website and for the use of cookies and other tracking technologies. Privacy policies also need to be updated to ensure transparency and communicate detailed information about data processing. Regulations continue to evolve and using extra security measures for payment authentication will become mandatory. For these reasons, businesses need to begin thinking about this next step.
Embracing the Future
With the rapid growth of AI and digitization and the shift to more online transactions, there will be an uptick in bad actors using these tools to hack and steal personal information. As techniques and technologies evolve, so must the fight against fraud. Solutions that worked in the past may no longer be adequate. Now is the time for companies to implement robust fraud detection programs to protect their customers’ data and ensure compliance with regulations. By focusing on the latest technologies—particularly biometrics—for transaction authentications, companies can stay ahead of cyber threats without compromising the customer experience.
