In The Connected Economy’s Power Source – CEO Edition, Simon Law, co-founder and CEO of LoginID, discusses the importance of authentication and identity in the age of digital and faster payments. “Strong authentication and strong identity, the foundation of authenticated payments, is being mandated by more jurisdictions everywhere, and should be an integral part of any payment system,” he says. Here’s why.
The ease with which payments are made across different payment rails is evolving to meet today’s needs. The more common, traditional forms of “pull” payments and flows are changing into both “push” and “pull” payments and flows. This could apply to credit, debit, ACH, crypto or faster payments. An integral part of payment flows is to ensure that money is being sent by the right person and received by the right party. This is where authentication and identity are essential. By combining both strong authentication and strong identity, you create a non-repudiable digital signature. The question becomes: How do we achieve this?
The current state of affairs is that evolving payment methods and systems are demanding more flexibility, better security and a frictionless experience; however, there is still cumbersome friction in transaction execution. More often than not, users are asked to authenticate by providing OTPs, or are asked to download separate apps to generate codes or tokens. Apart from being vulnerable (to SIM swap attacks, phishing, etc.), these methods add additional and unnecessary friction to the payment experience, which could lead to a drop in conversion rates.
For “explosive” levels of digital payments to occur, the holy grail around authenticated payments needs to become mainstream. Authenticated payments are the result of combining both strong authentication and identity — the verification of a customer’s identity through strong authentication factors (something the user has, something the user is and something the user knows) and strong identity ( government identity documents validated against customer liveness). The process around an authenticated payment also provides a digital “receipt” or signature when a payment is completed.
Authenticated payments not only protect merchants, processors and users, but are also aligned with international regulations like the PSD2 directive. Strong authentication and strong identity, the foundation of authenticated payments, is being mandated by more jurisdictions everywhere, and should be an integral part of any payment system.
As a first step, enterprises should integrate strong authentication based on the FIDO standard. This will not only enhance the security of payment flows, but will also vastly improve the user experience, leading to a boost in overall buying volumes and improved conversion rates. Payment processors, merchants and all other organizations in the payments ecosystem should begin looking into upgrading their legacy systems to incorporate the new norm — strong authentication – and begin the process of adding strong identity to help achieve the holy grail.