Securing Contactless Card Payment TransactionsQuatrro's COO on Balancing Security vs. Customer Convenience
When taking steps to guard against fraudulent transactions through contactless payments, organizations must carefully balance the level of security versus customer convenience, says Sriram Natarajan, COO at Quatrro, a business process firm that consults in the financial sector.
The credit and debit card and contactless payment transactions based on the EMV and PCI DSS standards follow the ISOIEC1443 protocol, which is quite secure, he points out.
However, there are new authentication standards emerging which generate "a unique cryptogram one-time code and dynamic code which are an advanced level of security," Natarajan says in an interview with Information Security Media Group.
Payment organizations are leveraging new technologies, such as artificial intelligence and machine learning as well as location-based technologies, which use analytics and advanced fraud monitoring systems along with dynamic tokens and scorecards to secure transactions, he points out.
"The gray area is some of these private label mobile wallets and contactless payments - each of them may follow their own standards," he says.
In the interview (see audio link below photo), Natarajan discusses:
- How new technologies such as AI and machine learning are bridging security gaps;
- Proliferation of QR codes as a new security protocol;
- Risks arising out of low-volume transactions.
Natarajan, president and chief operating officer at Quatrro, is a cards/payments risk management and fintech specialist with over 28 years of experience spanning various global markets. He has managed portfolios across retail banking and cards in varying economic and business cycles. Natarajan has had previous roles at American Express, HSBC, and GE Money.