Major card companies propose global standard to enhance security
Digital payment token to replace account number for online, mobile transactions
- |
- Written by John Ginovsky
Visa, MasterCard, and American Express proposed a framework for a new global standard to enhance the security of digital payments and simplify the purchasing experience when shopping on a mobile phone, tablet, personal computer, or other smart device.
According to an August 2013 report from the U.S. Census Bureau, roughly 6% of all retail sales today are conducted digitally, up nearly 200% since the first quarter of 2004. As the number of digital transactions has increased, so has consumer demand for increased protection of their payment information. A host of industry activities, led by issuing and acquiring financial institutions, have already been introduced to help streamline and further secure payments in digital channels.
Aligned with these initiatives, the proposed standard would meet this consumer demand and allow the traditional account number to be replaced with a digital payment token for online and mobile transactions. With a token, consumers will no longer be required to enter an actual account number when shopping online or on a smart device. Tokens provide an additional layer of security and eliminate the need for merchants, digital wallet operators, or others to store account numbers.
To ensure consistency across the globe, the proposed standard used to generate tokens would be based on existing industry standards and would be available to all payment networks and other payment participants. Key elements of the proposed standard include:
- New data fields to provide richer information about the transaction, which can help improve fraud detection and expedite the approval process.
- Consistent methods to identify and verify a consumer before replacing the traditional card account number with a token.
- A common standard designed to simplify the process for merchants for contactless, online or other transactions.
How a token standard could work: Once a standard is agreed to and implemented, issuers, merchants, or digital wallet providers would be able to request a token so that when an account holder initiates an online or mobile transaction, the token—and not the traditional card account number—would be used to process, authorize, clear, and settle the transaction in the same way traditional card payments are processed today. Tokens can be restricted in how they are used with a specific merchant, device, transaction, or category of transactions.
The development of a global standard will enable a new generation of payment products, while maintaining compatibility with the existing payments infrastructure. Key principles driving the development of a token standard for digital payments include:
- Ensuring broad-based acceptance of a token as replacement for the traditional card account.
- Enabling all participants in the existing ecosystem to route and pass through the payment token.
- Enabling digital wallet operators, mobile application developers, and others to easily and securely develop innovative payment products.
- Improving cardholder security with tokens that are limited for use in specific environments.
The proposed framework has incorporated the input of many stakeholders, particularly card issuers and merchants. Over the coming weeks, the framework will also be presented to other partners and independent industry bodies, such as The Clearing House, PCI Security Standards Council, and EMVCo, to align and further advance the standard.
“For more than five decades, the payments industry has relied on standards to safely and consistently process payments,” says Jim McCarthy, global head of Innovation and Strategic Partnerships, Visa Inc. “As more consumers make purchases with mobile phones, tablets, and PCs, we are committed to showing industry leadership in the development of new standards that offer the same interoperability, reliability and security as traditional card payments.”
The payments industry has a long history of collaborating to develop the necessary standards that allow merchants and financial institutions to offer a consistent and secure payment experience, while providing consumers the confidence to shop anywhere, anytime.
“This continued transition from plastic cards to digital is all about providing consumers with the ability to easily and safely make a purchase. They would no longer need to store their actual card account number when shopping online or with a smart device; the token would serve as that stand-in,” says Ed McLaughlin, chief emerging payments officer, MasterCard. “This proposed global standard builds on our track record of working across the industry to deliver safe and secure payment products. What we’re introducing today is comparable to how the industry came together to develop and use the magnetic stripe, EMV, and NFC on a global scale.”
“By working together to form a common global standard for online and mobile shopping, we will be able to provide enhanced security, interoperability and consistency for all participants within the digital payments ecosystem,” says Mike Matan, head of Global Network Business, American Express. “In addition, we will be able to drive the rapid adoption and expansion of digital payments, delivering innovative new products and services that will allow consumers to realize the full potential of digital commerce in today’s world.”
Tagged under Payments, Risk Management, Cards, Security, Cyberfraud/ID Theft,
Related items
- Incorporating Macroeconomic Scenarios in Credit Loss Forecasting
- TD Bank Survey: Holiday Shoppers Plan to Trim Spending & Avoid Overspending This Year
- Top Australian Banks Join Fraud-Tackling Network
- CFPB Finalizes Rule on Popular Digital Payment Apps to Protect Personal Data, Reduce Fraud, and Stop Illegal “Debanking”
- Scott Bessent as Treasury Secretary Keeps Markets Moving in the Right Direction