PayPal Stories Archive

3 Stakeholders to Secure the Payment Chain
E-commerce is a fast-growing segment, with the business-to-consumer market in Southeast Asia expected to have expanded 28.5% to surpass US$6 billion in 4Q 2017[1]. Today, consumers and businesses alike have moved from cash-based transactions to embrace the ease and popularity of digital payments.
 
Building confidence in online payments is essential as we embrace a new way of conducting commerce. As seen from PayPal’s recent research[2], 46% of respondents agreed that the assurance of secure transactions was a push factor towards the adoption of digital payments. To enable the digital economy to thrive, it is important that we ensure transactions are processed in a safe,convenient and timely manner.
 
The rise in both frequency and sophistication of identity thefts and fraud have made it difficult for digital payment innovation alone to keep up. While governments and regulators in the region have demonstrated their commitment to cybersecurity, payment providers, businesses and consumers have the shared responsibility to take steps to secure the payment chain.
 
Here are some ways these three payment ecosystem stakeholders can enhance end-to-end security in online payments:
 
1.Digital payment providers: strengthen safeguards to boost user confidence
While convenience is enabling transactions with a click of the button, what drives mass adoption is reliable and robust security that has been proven to protect users. In the long run, this instills trust among consumers and builds confidence for online commerce to flourish. 
 
To be one step ahead of cybercriminals, digital payment providers must offer rigorous protections and proactively strive to mitigate risk and safeguard business continuity. This means that they must ensure the air-tight protection of sensitive information and factor in risk assessments and future proofing needs in their system. These key components serve as the stable foundation on which financial technologies are built upon.
 
Fraud prevention and effective risk management must be covered right from the onboarding phase, with payment companies designing advanced security technologies where risk-based analytics can be devised to monitor both present and past customer activities for possible risks and to authenticate customer identity. Consequently, providers need to ensure that any adjacent systems, whether proprietary or not, that come in contact with this data trove need to do so with appropriate controls and encryption present.
We have seen that best-in-class solutions are built from the ground up and can reliably detect fraudulent activities with the help of smart algorithms and advanced data analytics. For payment providers, investing in such systems is a worthwhile process as they get smarter with every transaction, allowing for more confident differentiation of fraud behavior from intended good user behavior.
 
2.Merchants: invest in secure infrastructure to mitigate risk
For a burgeoning e-commerce market like the Asia-Pacific region, the fight against cybercrime requires increased attention by merchants on fraud and risk management to protect both themselves and their customers. Businesses must realize that investment into proper risk controls and a robust system infrastructure – whether through the development of internal risk management capabilities or working with an external payments provider that offers risk management services– is crucial to efficiently flag and mitigate risk.
 
It is critical to have multiple security layers, authorization protocols, and tracking and monitoring systems to maintain consumer trust in digital payments and consequently, e-commerce. Unlike the past, the world of commerce is increasingly functioning on-the-go, with transactions happening across borders and time zones at an unprecedented pace. The sheer volume of transactions has made it more attractive for cybercriminals to infiltrate systems, utilizing sophisticated tactics that enable them to do it quickly and anonymously. This requires merchants to procure risk mitigation systems that work round the clock and are responsive in real time. The advantage lies with utilizing payment solutions that transcend geographical boundaries, such as PayPal. Having a global presence demands a robust network with deep capabilities and provides the ability to apply learnings from one country to all geographies, hence minimizing the impact of security breaches.
 
3.Consumers: Understand their role as the front-liner  against fraud
While businesses and payment providers have the responsibility to safeguard end-users, consumers need to acknowledge they play an equally important role to educate themselves on simple and proven steps they can take to lower their risk of fraud and theft. The adage “humans are the weakest link” holds true when it comes to cybersecurity, with six of out 10 consumers simply reusing passwords across accounts[3].
 
Simple protection measures like passwords are things that we don’t put much thought into but goes a long way in lowering susceptibility to threats such as phishing, malware and identity theft. Taking small measures of protection to be safe than sorry doesn’t eliminate the threat entirely, but it will help lessen it considerably. For instance, users can begin with formulating secure, unique passwords for each online account. Users should also ensure safety signposts are in place before entering their personal information, such as website addresses beginning with HTTPS or padlock icons present on the site. Last but not least, users should always use licensed and updated anti-virus software.
 
The transition to the digital economy demands that security measures keep pace with increasing risks and threats. As we work towards a safer and more secure online world, we must accept that for holistic security protection, everyone in the payments ecosystem must do their part.
 
This was originally posted on About-Fraud.com.
 
[1]Frost & Sullivan E-Commerce Q4 2017 update released in February 2018 (link)
[2] The PayPal Asia research report, ‘Digital Payments: Thinking beyond Transactions’ (link)
[3] 2017 Digital Guardian Password Security Habits Survey (link)

Amaresh Mohan, Regional Director, Financial Risk Management, PayPal Asia Pacific