Capgemini, Verizon identify COVID-related risks

Capgemini's World Payments Report 2020 and Verizon's 2020 Payment Security Report, both released Oct. 6, 2020, link mobile, digital and virtual payments adoption to a range of emerging security threats.

Anirban Bose, CEO of Capgemini's Financial Services and member of the company's group executive board, pointed out that global usage of digital and mobile payments had been steadily increasing and driving payments industry competition before the onset of the global coronavirus pandemic.

"Now more than ever, payments providers need to deliver differentiated offerings that emphasize speed, convenience and a superb end-to-end customer experience," Bose said. "Currently, we are seeing visionary banks and payments firms diligently prioritizing technology transformation and actively adopting a 'curate and collaborate' approach by teaming with agile new players to create more nimble organizations."

Sampath Sowmyanarayan, president, global enterprise at Verizon Business, warned that numerous businesses lack the resources to support long-term data security and compliance.

"The recent coronavirus pandemic has driven consumers away from the traditional use of cash to contactless methods of payment with payment cards as well as mobile devices," Sowmyanarayan said. "This has generated more electronic payment data and consumers trust businesses to safeguard their information. Payment security has to be seen as an on-going business priority by all companies that handle any payment data, they have a fundamental responsibility to their customers, suppliers and consumers."

Digital rules

Bose attributed rising transaction levels to increased smartphone, ecommerce, digital wallet and QR code payments usage; the highest recorded volumes were found in Asia-Pacific which reached 243.6 billion in 2019. Increased competition is forcing traditional payments providers to evolve quickly to meet consumer demand for tech-driven financial services, he stated.

Capgemini researchers expect to see more growth in alternative payments that meet consumer demand for speed, convenience and superior service. Following are additional report highlights:

• Digital wallet growth: 50 percent of the world's consumers will use some form of digital wallet by 2024 as digital wallet adoption and noncash transactions continue to grow 12 percent annually.

• Ecommerce growth: 1.1 trillion transactions will be processed by 2021, as alternative payment methods drive noncash transaction momentum.

• Fintech and bank collaboration: Fintechs will help banks weather economic uncertainties due to COVID-19; 60 percent of bank executives expressed willingness to work with third parties to augment financial services infrastructures.

Emerging risks

Capgemini researchers noted that 87 percent of survey respondents expect to face new cyber threats as criminals exploit systemic vulnerabilities during the COVID-19 business shutdown. They also proposed that collaborations among fintechs and financial institutions will help address these emerging threats as digital payments continue to scale, exposing payments industry stakeholders to risks in cybersecurity, regulatory, operational and business arenas.

"Collaboration as part of this transformation can help with pandemic-driven uncertainty as regulators focus on addressing risks, especially with non-cash payments," researchers wrote. "Banks are actively pursuing two different ways to achieve a leaner and more agile backend that can keep pace with a digital front-end, by either developing in-house capabilities or by working with digitally agile new players. In addition to developing in-house capabilities, 60% of bank executives believe that working with third parties throughout the value chain will help them augment ecosystem-based propositions."

Verizon researchers concurred that payment data is the impetus for nine out of 10 data breaches. Within the retail sector, 99 percent of security incidents analyzed by the 2020 DBIR concerned acquiring payment data for criminal use, they added.

Necessary precautions

Noting that only 27.9 percent of companies fully comply with the Payment Card Industry Data Security Standard (PCI DSS), Verizon researchers recommended that organizations immediately institute the following guidelines:

• Change default settings: Less than half of organizations in the Americas (47.9 percent) change default vendor passwords or have a process in place for monitoring them

• Maintain essential perimeter protection: Just seven out of 10 financial institutions (70.6 percent) reported maintaining essential perimeter security controls.

• Monitor, detect and react: Only about two-thirds (66.2 percent) of businesses track and monitor system access adequately.

"This report is a welcome wake-up call to organizations that strong leadership is required to address failures to adequately manage payment security," said Maxine Holt, senior research director at Omdia. "The Verizon Business report aligns well with Omdia's view that the alignment of security strategy with organizational strategy is essential for organizations to maintain compliance, in this case with PCI DSS 3.2.1 to provide appropriate levels of payment security."

The Green Sheet Inc. is now a proud affiliate of Bankcard Life, a premier community that provides industry-leading training and resources for payment professionals. Click here for more information.

Notice to readers: These are archived articles. Contact names or information may be out of date. We regret any inconvenience.