With news that the retail industry could stand to miss out on £60 billion of sales from new PSD2 rules coming out in September, Mitek’s EMEA MD Rene Hendrikse comments on the need for retailers to invest in anti-fraud technologies to combat this issue and secure online transactions – sooner rather than later.
The new rules on ‘strong customer authentication’ will require retailers, banks and FS firms to authenticate their customers through something they “have”, “are” and “know”. Rene warns that while banks are in the know, many retailers and online marketplaces simply aren’t prepared for – or even aware of – the need to comply with the latest PSD2 regulations, and will soon find themselves in very hot water.
Rene Hendrikse, EMEA MD at Mitek:
“With open banking, consumers can now benefit from better deals, access to new products and services, and better control over their money. But there is also a dark side – open banking means the potential for fraud will grow exponentially. To tackle this, the regulator has introduced ramped up identity checks, with the addition of rules around ‘strong customer authentication’ (SCA) which come into force in September. But recent warnings from the retail industry suggest online retailers may not be able to process online transactions – and could miss out on billions of pounds as a result.
“Sooner rather than later, retailers must recognise the need to invest in anti-fraud technologies. With the new anti-fraud rules, every customer will have to be authenticated by at least two of the following criteria: something they have, something they are, and something only they know. Come September, this will be necessary for every online transaction. This could include an ID document, a biometric identifier, and a security question, going beyond simply your card details as is the current standard. This introduces an additional layer of security to defend against the threat of fraud from online transactions – but it also presents a challenge for organisations to implement with less than five months to go.
“Online retailers must focus on putting the technology in place to be able to verify customer identities in line with PSD2. Regtech, technology that helps achieve regulatory compliance, will play a more important role than ever before. For example, identity verification technology handles the “are” and “have” of SCA, by verifying an ID document against a selfie. AI-driven anti-fraud technologies will also be crucial to monitoring for and stopping fraud when it occurs.
“Within the next few months, investing in the right technologies and implementing them quickly and efficiently should be top of every retailer and online marketplace’s agenda. If not, the retail sector will find itself in serious trouble.”
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.