Q&A WITH RANDY VANDERHOOF OF THE SMART CARD ALLIANCE
Payment card fraud remains a top concern for banks and credit unions. And Randy Vanderhoof, executive director of the Smart Card Alliance, says mobility can help address fraud incidents and losses.
One positive step: The movement toward more near-field communications. Mobile is the channel most banking institutions and retailers are riding as they coast along the NFC rails. In fact, Vanderhoof says support from Visa, MasterCard and Discover for card issuers and acquirers to rely on and accept more NFC and less magnetic-stripe will be a catalyst for mobile, which is increasingly being viewed as a more secure payments method.
- Selecting a Cybercrime Prevention Solution – Key Considerations and Best Practices: A Buyer’s Guide
- Best Practices for Securing Administrative Privileges & Preferences
- FFIEC Online Banking Security Readiness Study
- Protection Against Modern Cybersecurity Threats
- The Three Types of Lies: Lies, Damned Lies, and Caller ID
“We still have to live with the legacy security challenges that exist in the U.S. payments market for another few years, while we move the market forward with more security-enabled chip technology,” Vanderhoof says. “It’s not going to happen overnight, but the use of mobile is going to speed the process.”
During an exclusive interview with BankInfoSecurity, Vanderhoof says NFC provides more dynamic data than the stagnant information currently provided by mag-stripe transactions. That dynamic data will improve security, and supports compliance with the Europay, MasterCard, Visa standard, which is increasingly being pushed within the U.S.
The movement to NFC will be swift, and issuers and acquirers that don’t take steps now to get NFC plans in place will soon face financial consequences for shifting fraud liability and fines when penalties for non-conformance take effect.
“Get educated as quickly as possible, I think is the best advice that I can give,” Vanderhoof says.
Vanderhoof is the executive director of the Smart Card Alliance, a not-for-profit, multi-industry association of more than 180 member firms working to accelerate the widespread acceptance of smart card technology in North America and Latin America. Before joining the Smart Card Alliance, he was employed with IBM Global Smart Card Solutions; an international product group supporting IBM’s smart card services to its global banking, healthcare, and government industry vertical teams. Previously, he served on the Executive Board for the Alliance as a corporate member from 1998 to 2001.
Following is an edited transcript of Tracy Kitten’s conversation with Vanderhoof.
THE CHANGING PAYMENTS LANDSCAPE
TRACY KITTEN: How are financial institutions addressing their greatest payments security concerns?
RANDY VANDERHOOF: That question covers a couple of different areas. I would begin by saying first that we still have to live with the legacy security challenges that exist in the U.S. payments market for another few years while we move the market forward with more security enabled chip cards in the form of contact and contactless chip cards. But it’s not going to happen overnight. The other area that I think is still a concern is e-commerce and card-not-present fraud.
Because until we can really address those areas of weakness in terms of security, we have to fix the card present problem first. That’s going to take some time to do. But I think the technology shift and the opportunity for merchants, issuers and processors to all start to look at their overall infrastructure and implement changes will enable a faster transition than it would be if we were taking those on one at a time.
KITTEN: When we last spoke in July, we touched on the connection between anti-fraud investments and lost revenue in debit interchange. Eight months later, what’s changed?
VANDERHOOF: I think over time people have settled into the ideas of what impact the Durbin amendment was going to have on their revenue models and their investment planning for the future. Where eight months ago there was a lot of uncertainty, there was a lot of concern about how this was going to impact the bottom-line of issuers. I think a lot of that has played out since then, and I think today the brands and the issuers have absorbed that change into their business strategies and they’re now looking forward to some of the other things that are on their plates, like increasing options for consumers to expand the payments marketplace, as well as incorporating some of the new technologies like EMV and mobile payments into their product offerings.
For more information on computer security and computer security training visit Security University: