Filed Under: Crime & Fraud, Identification and Authentication, Payment Cards

Cyber Monday is here – and SRC is on its way

Leave a Comment

With estimates of the sales over the Black Friday weekend in excess of £7bn in the UK and $90bn in the USA, retailers are currently focused on getting shoppers into their stores and through their checkouts as seamlessly as possible. As was apparent at last week’s US Payments Forum, the last part of that process, payment, is probably the one area that the retailer believes it has the least control over. Online the problem is even greater; consumers have a variety of ways to authenticate themselves to their bank and to their retailer, many of which leave something to be desired.

75% of sales on Black Friday are online and Cyber Monday is set to be the biggest yet. Many of these online sales depend on consumers having to manually enter card details, or log-in using dimly remembered passwords. Those who are not blessed with the memory of an elephant may have to undergo password reset processes that can involve checking rarely used email addresses or having to remember the incorrect spelling of their answers to a wide variety of questions about their past history. Having apparently completed the process, the percentage of remote transactions that are then declined by the Issuer is around 10 times greater than those completed in the store. Not all these declines will be valid, with legitimate customers being turned away in the name of fraud prevention. Even so  millions of pounds of the approved transactions in the UK alone will still turn out to be fraudulent, further undermining the trust of the merchant and consumer alike.

Isn’t it strange that we live in a world where there is significant growth in online sales, but the mechanisms used to pay for those purchases are more cumbersome, less secure and less reliable than those used to buy on the high street? The good news is that the Payment Brands think that this is strange too and have a plan to fix it!

Earlier this month they published a draft version of their Secure Remote Commerce specification, which outlines an approach to promote security and interoperability within the card payment experience in a remote payment environment. The specification is currently out for public consultation. The Payment Brands are looking for feedback from those organizations which will deliver, interact with or use such solutions. (I know a few people who have read them and can help you to shape your reply if you are interested.) We may not see commercial solutions deployed in time for next year’s Black Friday event – these things take time. However they do offer the potential for interoperable payment solutions, with common authentication processes and levels of data security similar to those currently experienced on the high street.

In the short term, I really need to update the TV. So, in preparation for a flurry of holiday season internet shopping, I have cleared funds on my payment cards, cleaned the fingerprint readers on my tablets, found my long paper list of passwords and a similar list of answers to security questions. However, I can’t remember; was my first dog called Fido or Fenton?

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.