As consumers shift to digital and mobile channels, what are the best ways to ensure that customers/ users aren’t the weak link in the security chain?
Customers utilizing digital and mobile methods for connectivity presents large security risks; but o ering unsecured and untested connectivity will always generate risk factors. Payment  rms should not enter into digital transac- tions unless they have previously identi ed the speci c risks and put risk mitigants into place for those risks.
—Andrea Corbine,
senior consultant, SightSpan Inc.
We work directly with our clients to implement sol- utions that are easy to deploy, yet sophisticated enough to ensure end users are protected and not
a point of vulnerability. We secure data at rest and
in transport with secure encryption (such as AES 256-bit), and include separate key storage and one- time-use transaction tokens to create a secure envi- ronment that protects every stage of the transaction. To further protect clients and end users, we also are working aggressively to deploy cutting-edge emerg- ing technologies, such as biometric authentication,
as part of the multifactor-authentication strategy. Finally, we work closely with clients to deliver com- prehensive end-user education programs. We believe consumers who are knowledgeable about the service and the technology consistently use our platforms in more responsible and secure ways, such as safeguard- ing their devices and log-in credentials.
—Hunter Wolfe,
senior vice president, sales and operations, Cachet Financial Solutions
Even though our solutions meet the highest security standards, it’s still necessary that users play their part with regard to their own online security. As part of sensitizing our customers
to this subject, we regularly inform them about current threats and countermeasures, such
as new product features, developed to in- crease their security. We’re currently run-
ning a security campaign with a wide range of educational materials and activities.
—Udo Mueller,
CEO, paysafecard
In other words, how do we protect our most naive customer from the savviest fraudster?
This is an ongoing concern and we’ve faced
it before. For years, some customers were tricked
into disclosing bank account information through email or phone call phishing. Education and mass mailings were not the answer. Store Financial led the industry with a proactive solution; by adding an extra auth- entication value, not shared with the customer,
the bad guys were phishing in a contaminated pond. Even if cardholders were phished out of all known account information, the fraudsters’ transactions would still be declined, proving our e orts stopped fraud.
—Mark Tomasic,
vice president, risk management and fraud prevention, Store Financial Inc.
volume 9 • spring 2016
paybefore.com 9