The mobile ‘security gate’ making agent card not present payments safer
Innovative use of mobile technology can reduce fraud and enhance consumer trust in agent payments when taking card not present payments
As a leader in the adoption of mobile money and other digital payment solutions, in many ways Africa is pioneering the cashless society, which in theory should mean lower risk of theft and fraud. Unfortunately, fraudsters continue to find new and innovative ways to get their hands on consumers’ money. Our recent research into fraud in Kenya, for example, found that a growing number of consumers are falling victim to fraud via digital channels, while criminals continue to defraud consumers via traditional methods such as cheque fraud and ATM card skimming.
Call centre agent payments
A key risk area is when payments are made via call centre agents where card is not present: when consumers transact through agents working remotely in the field, they typically hand over a debit or credit card to facilitate payment. At this point, they are exposed to the risk of having their card details used fraudulently by the agent or sold onto other fraudsters.
This added level of risk means that while digital channels and remote payments promise greater convenience and cost savings for consumers, concerns about fraud may hamper adoption and prevent them from enjoying all the benefits of the digital age.
Take, for example, a debt collection agent calling a customer to chase a payment. The agent will call the customer requesting that a payment be made. If the customer is in a position to make payment, they will provide their card details over the phone for the agent to take a payment. The customer has effectively been forced to hand over all of this sensitive information with no way of securing their details from fraudulent use.
Securing new financial service channels
For banks, insurance companies, retailers and other organisations seeking to offer next generation financial service products and services, trust in these new channels will be a deal breaker or a deal maker. In the race to innovate and differentiate, organisations cannot afford to overlook security and the need to build trust into all transaction platforms and applications where card not present (CNP) payments are made, from the ground up.
Fortunately, the ideal security platform is already in the hands of end users and consumers. The mobile phone, used innovatively, can authenticate, validate, authorise and protect consumers and transactions in myriad ways. Moving beyond the well-known methods for authentication, such as one-time PINs and passwords, mobile devices can also be used to secure consumers and their information across every stage of a transaction. Importantly, by leveraging existing Unstructured Supplementary Service Data (USSD) technology in innovative new ways, organisations can deliver next-generation digital security to even the most basic feature phones for CNP payments.
Secure channel for collecting sensitive card information
The ability to secure transactions is particularly relevant in sectors and regions that are heavily reliant on agent networks, where consumers have to hand over valuable and sensitive information to agents in order to subscribe or pay for a service.
Through Myriad Connect’s solution, consumers can be empowered to control what information is passed to these agents.
For example, if a debt collection agent phones a customer to collect payments that are due, the customer can provide their card details over a secure USSD session that is pushed to their device to make the payment – without the agent needing access to the consumer’s actual card details. The customer can securely enter some of the card details, like card number and PIN on their phone and then provide details like expiry date to the agent. In this way, no single channel holds all card details for that customer and the agent only knows the expiry date. This method can be used for safe collection of CNP payment details for any product or service – so no agent or employee can ever access a customer’s card or payment details and steal them.
Not only is the transaction faster and more secure than via traditional methods, it also helps build consumer trust in, and loyalty to, the organisation they are transacting with. Protecting customers’ sensitive information in this way builds a foundation for expanded engagement and confidence in different channels for financial services in the future.