• Home

  • Documents

  • Mobile Payment Security By Tia D. Ilori MOBILE EVOLUTION · 2020-07-17 · Mobile Payment...
2
140 Hospitality Upgrade | Summer 2013 www.hospitalityupgrade.com MOBILE EVOLUTION Securing the Next Wave of Payment Innovation Mobile Payment Security By Tia D. Ilori Not only did mobile payments exceed forecasts tenfold, reaching $100 billion in 2010, but the total for digital and physical goods is expected to reach $630 billion by 2014. Over the years, cash yielded to travelers checks. Then it was payment cards that were passed across the check-in counter. Then came the proliferation of the computer, allowing bookings through hotel websites and third-party travel sites to take off. And right now, in your lobby, the payments evolution continues as guests arrive, busily typing away on their tablets or mobile devices. Instead of using a plastic card, many guests soon will be using their mobile devices to make payments too. Understandably, many hotel operators want to keep in step with their guests and are evaluating how best to implement these emerging payment forms by making online apps available, installing contactless readers or even by accepting payments via tablets, through a device like Square Reader. The potential value of mobile payments is remarkable, as evidenced in other areas of the globe. In 2005, the British marketing research firm Juniper Research predicted that total transactions via mobile devices would be $155 million that year and top $10 billion by the end of the decade. Not only did mobile payments exceed that forecast tenfold, reaching $100 billion in 2010, but the total for digital and physical goods is expected to reach $630 billion by 2014. As the proliferation of mobile, and specifically mobile payment technologies continues, security will need to be a top consideration for long-term success. Before we jump into the security guidelines, it’s important to first define what we mean when we talk about mobile payments. There are two primary types of mobile payments; those made at the physical point of sale (POS), and in the e-commerce environment, defined by the industry as proximity payments and remote payments, respectively. Some hotels are leveraging NFC technology to allow their guests to make proximity payments in which a short-range radio signal is transmitted between the mobile device and terminal, initiating the payment and allowing it to be processed through the traditional card processing networks and systems. Some hotels may use the technology to serve multiple purposes such as allowing a customer to pay for a stay while also enabling his or her mobile device to serve as a room entry device. Unlike proximity payments, remote payments do not require the consumer to be in the store or even in the same country as the merchant. Instead, remote payments bring the convenience of online shopping to a person’s mobile device. Remote payments include browser-based payments, similar to a computer-based e-commerce experience, and app-based pay- ments, when the consumer uses a vendor-sponsored application or wallet to find and purchase goods or services. A number of companies offer mobile wallets, including Visa’s product V.me. On the merchant side of the equation, mobile is also changing the way hotel operators can accept payments. Mobile phones are beginning to be used as portable POS devices. In the world of smartphone applications, software is emerging to allow small merchants or individuals to subscribe to payment services where they accept card payments via key-entered card data on their mobile phones. Mobile phone accessories are also emerging that add a magnetic stripe or chip reader to a mobile phone, so that card data can be entered electronically as with a traditional POS device. The future of mobile payments offers unrivalled oppor- tunity for the hospitality industry, but ensuring the security of these new forms of mobile payments will be critical if they are to take root. As hoteliers harness the power of mobile technol- ogy to accept payments and grow their businesses, secure mer- chant acceptance practices are critical to maintain guests’ trust. image © audioundwerbung

Mobile Payment Security By Tia D. Ilori MOBILE EVOLUTION · 2020-07-17 · Mobile Payment Acceptance Solution. Ensure that only authorized users (i.e., designated employees) have

  • Upload
    others

  • View
    6

  • Download
    0

Embed Size (px)

Citation preview

Page 1: Mobile Payment Security By Tia D. Ilori MOBILE EVOLUTION · 2020-07-17 · Mobile Payment Acceptance Solution. Ensure that only authorized users (i.e., designated employees) have

140 Hospitality Upgrade | Summer 2013 www.hospitalityupgrade.com

MOBILE EVOLUTIONSecuring the Next Wave of Payment Innovation

Mobile Payment Security By Tia D. Ilori

Not only did mobile payments exceed forecasts tenfold, reaching $100 billion in 2010, but the total for digital and physical goods is expected to reach $630 billion by 2014.

Over the years, cash yielded to travelers checks. Then it was payment cards that were passed across the check-in counter. Then came the proliferation of the computer, allowing bookings through hotel websites and third-party travel sites to take off. And right now, in your lobby, the payments evolution continues as guests arrive, busily typing away on their tablets or mobile devices.

Instead of using a plastic card, many guests soon will be using their mobile devices to make payments too. Understandably, many hotel operators want to keep in step with their guests and are evaluating how best to implement these emerging payment forms by making online apps available, installing contactless readers or even by accepting payments via tablets, through a device like Square Reader.

The potential value of mobile payments is remarkable, as evidenced in other areas of the globe. In 2005, the British marketing research fi rm Juniper Research predicted that total transactions via mobile devices would be $155 million that year and top $10 billion by the end of the decade. Not only did mobile payments exceed that forecast tenfold, reaching $100 billion in 2010, but the total for digital and physical goods is expected to reach $630 billion by 2014. As the proliferation of mobile, and specifi cally mobile payment technologies continues, security will need to be a top consideration for long-term success.

Before we jump into the security guidelines, it’s important to fi rst defi ne what we mean when we talk about mobile payments. There are two primary types of mobile payments; those made at the physical point of sale (POS), and in the e-commerce environment, defi ned by the industry as proximity payments and remote payments, respectively.

Some hotels are leveraging NFC technology to allow their guests to make proximity payments in which a short-range radio signal is transmitted between the mobile device and terminal, initiating the payment and allowing it to be processed through the traditional card processing networks and systems. Some hotels may use the technology to serve multiple purposes such as allowing a customer to pay for a stay while also enabling his or her mobile device to serve as a room entry device.

Unlike proximity payments, remote payments do not require the consumer to be in the store or even in the same country as the merchant. Instead, remote payments bring the convenience of online shopping to a person’s mobile device.

Remote payments include browser-based payments, similar to a computer-based e-commerce experience, and app-based pay-ments, when the consumer uses a vendor-sponsored application or wallet to fi nd and purchase goods or services. A number of companies offer mobile wallets, including Visa’s product V.me.

On the merchant side of the equation, mobile is also changing the way hotel operators can accept payments. Mobile phones are beginning to be used as portable POS devices. In the world of smartphone applications, software is emerging to allow small merchants or individuals to subscribe to payment services where they accept card payments via key-entered card data on their mobile phones. Mobile phone accessories are also

emerging that add a magnetic stripe or chip reader to a mobile phone, so that card data can be entered electronically as with a traditional POS device.

The future of mobile payments offers unrivalled oppor-tunity for the hospitality industry, but ensuring the security of these new forms of mobile payments will be critical if they are to take root. As hoteliers harness the power of mobile technol-ogy to accept payments and grow their businesses, secure mer-chant acceptance practices are critical to maintain guests’ trust.

image © audioundwerbung

Page 2: Mobile Payment Security By Tia D. Ilori MOBILE EVOLUTION · 2020-07-17 · Mobile Payment Acceptance Solution. Ensure that only authorized users (i.e., designated employees) have

142 Hospitality Upgrade | Summer 2013 www.hospitalityupgrade.com

Mobile Payment Security

The first and most important security consideration is making sure that hotels consider the security of these new payment channels and that they meet the applicable Payment Card Industry Data Security Standards (PCI DSS). Furthermore, the Payment Application Data Security Standards (PA-DSS) applies to software applications used to accept payment data.

Only use Mobile Payment Acceptance Solutions as originally intended. To prevent unintended consequences from the misuse of a mobile acceptance solution, ensure that the solution is used in a manner consistent with guidance provided by an acquiring bank and solution provider. This includes ensuring that any software downloaded onto the consumer mobile device comes from a trusted source.

Are you enjoying every dropof your enterprise software system?

®

So, is System Adoption important to you?

Call 770.685.6500 www.venzagroup.com

Are you enjoying every dropof your enterprise software system?Are you enjoying every drop

of your enterprise software system?Are you enjoying every drop

HITECBooth #319

33% Consumed

66% Wasted

FACT:On average, hotel staff adopt only 1/3rd of their property’s PMS/POS into their daily workflow.

Limit access to the Mobile Payment Acceptance Solution. Ensure that only authorized users (i.e., designated employees) have physical/logical access to the payment functionality of the solution. Merchants are encouraged to use a passcode, password or security pattern to lock their consumer mobile devices when not in use. The consumer mobile device should be configured to auto-lock after a number of minutes of inactivity.

Immediately report the loss or theft of a consumer mobile device and/or hardware accessory. Contact the acquiring bank immediately to help report the loss or theft of a consumer mobile device and/or hardware accessory to ensure the prompt implementation of any necessary actions. Consult Visa’s guide on What To Do If Compromised at www.visa.com/cisp for step-by-step instructions on how to respond to a security incident.

Install software only from trusted sources. Merchants should not circumvent any security measures on the consumer mobile device. To avoid introducing a new attack vector onto a consumer mobile device, install only trusted software that is necessary to support business operations and to facilitate payment.

Protect the consumer mobile device from malware. Establish sufficient security controls to protect a consumer mobile device from malware and other software threats. For example, install and regularly update the latest anti-malware software (if available). Merchants should regularly update the firmware of their devices and install any application updates whenever a new update becomes available.

Merchants who choose to deliberately subvert the native security controls of a consumer mobile device by jailbreaking or rooting the device increases the risk of malware infections.

Adhering to the best practices outlined above can help limit the exposure of account data that may be used to commit fraud and prevent software attacks on consumer mobile devices.

Visa is helping support secure mobile payment innovation through its newly launched Visa Ready Partner Program. The program is designed to provide innovators a path to ensure that devices, software and solutions used to initiate or accept Visa payments are compatible with Visa’s requirements.

Keeping security top of mind when upgrading to new payment acceptance solutions will provide new opportunities to you and your guests while closing the doors to criminals.

Tia D. ilori is a business leader with the Americas Payment System Security division of Visa Inc.

The fundamental principles behind these standards would be equally applicable to the mobile space. Additionally, the PCI Council also released some recommended mobile guidelines.

(https://www.pcisecuritystandards.org/documents/Mobile_Payment_Security_Guidelines_Merchants_v1.pdf )

Visa recommends the following mobile payment acceptance best practices

Scan thE ImagE On pagE 140 with the Layar app to launch the pcI council's recommended mobile guidelines.


Mobile Banking & Mobile Payment Services - TRPCtrpc.biz/wp-content/uploads/...PhilippeGerardAlcatel_Presentation.pdf · Mobile Banking & Mobile Payment Services January, 2008 Presenter

Mobile Banking & Mobile Payment Services - TRPCtrpc.biz/wp-content/uploads/...PhilippeGerardAlcatel_Presentation.pdf · Mobile Banking & Mobile Payment Services January, 2008 Presenter

Documents
Mobile payment presentation

Mobile payment presentation

Economy & Finance
Mobile Payment Systems: Legal and Regulatory Challengesmedia.straffordpub.com/products/mobile-payment-systems-legal-and... · Mobile Payment Systems: Legal and Regulatory Challenges

Mobile Payment Systems: Legal and Regulatory Challengesmedia.straffordpub.com/products/mobile-payment-systems-legal-and... · Mobile Payment Systems: Legal and Regulatory Challenges

Documents
Issi-link Mobile Payment (mobile wallet) deck

Issi-link Mobile Payment (mobile wallet) deck

Technology
Mobile Commerce & Mobile Payment

Mobile Commerce & Mobile Payment

Technology
Analyse von Mobile Payment und Modell von Mobile Payment in …graebe/Texte/Kou-18.pdf · 2020-05-20 · 2. Art von Mobile Payment Art von Mobile Payment können in zwei Teile unterteilt

Analyse von Mobile Payment und Modell von Mobile Payment in …graebe/Texte/Kou-18.pdf · 2020-05-20 · 2. Art von Mobile Payment Art von Mobile Payment können in zwei Teile unterteilt

Documents
Mobile Payment Analysis

Mobile Payment Analysis

Business
Mobile Payment System

Mobile Payment System

Documents
What motivates mobile payment? Payment in the... · widespread mobile payment is Denmark Use mobile payments apps at least once a week 47% 11% Do not use mobile payment apps 7% of

What motivates mobile payment? Payment in the... · widespread mobile payment is Denmark Use mobile payments apps at least once a week 47% 11% Do not use mobile payment apps 7% of

Documents
IBP_Whitepaper NFC Mobile Payment - NFC Mobile Payment – Ein Blick nach Südkorea & Japan

IBP_Whitepaper NFC Mobile Payment - NFC Mobile Payment – Ein Blick nach Südkorea & Japan

Technology
Gbenga-Ilori Ph.D. thesis

Gbenga-Ilori Ph.D. thesis

Documents
Digitale Transformation im Payment: Was macht die Payment ...€¦ · SwissWallet / MasterPass E-/M-Wallet NFC Mobile Payment Device SE NFC Mobile Payment SIM-basiert NFC Mobile Payment

Digitale Transformation im Payment: Was macht die Payment ...€¦ · SwissWallet / MasterPass E-/M-Wallet NFC Mobile Payment Device SE NFC Mobile Payment SIM-basiert NFC Mobile Payment

Documents
Mobile Payment Market and Research - Past, Present and … · Mobile Payment Market and Research - Past, Present and Future Tomi Dahlberg, ... Mobile payment systems, mobile payment

Mobile Payment Market and Research - Past, Present and … · Mobile Payment Market and Research - Past, Present and Future Tomi Dahlberg, ... Mobile payment systems, mobile payment

Documents
What motivates mobile payment? Payment... · 2019. 9. 23. · Mobile payment Initially, the Nordic countries were introduced to mobile peer-to-peer payment. The more broad use of

What motivates mobile payment? Payment... · 2019. 9. 23. · Mobile payment Initially, the Nordic countries were introduced to mobile peer-to-peer payment. The more broad use of

Documents
Convergencia mobile payment

Convergencia mobile payment

Career
Mobile Payments Overview - Merchant Advisory Group • What is a Mobile Payment? • Mobile Commerce & Payment Trends • Mobile Shopping Ecosystem • Proximity Payment Technologies

Mobile Payments Overview - Merchant Advisory Group • What is a Mobile Payment? • Mobile Commerce & Payment Trends • Mobile Shopping Ecosystem • Proximity Payment Technologies

Documents
Mobile Payment - India

Mobile Payment - India

Documents
Mobile as a Payment Method. Contents Introduction Mobile as a payment method at physical retailers - Value Chain & Economics Mobile as a payment method

Mobile as a Payment Method. Contents Introduction Mobile as a payment method at physical retailers - Value Chain & Economics Mobile as a payment method

Documents
Payment 3.0 / Mobile Payment - Strudthoff

Payment 3.0 / Mobile Payment - Strudthoff

Mobile
Rfid Mobile Payment

Rfid Mobile Payment

Documents
Mobile Payment Systems

Mobile Payment Systems

Documents
Interbank Mobile Payment Service. Interbank Mobile Payment Services Instant!!!! ^

Interbank Mobile Payment Service. Interbank Mobile Payment Services Instant!!!! ^

Documents
Mobile Payment

Mobile Payment

Documents
Mobile Payment Standard

Mobile Payment Standard

Documents
Mobile Payment Procedures: Scope and Characteristics · 2 MOBILE PAYMENT PROCEDURES: SCOPE AND CHARACTERISTICS Abstract. The existence of standardized and widely accepted mobile payment

Mobile Payment Procedures: Scope and Characteristics · 2 MOBILE PAYMENT PROCEDURES: SCOPE AND CHARACTERISTICS Abstract. The existence of standardized and widely accepted mobile payment

Documents
Mobile payment v3

Mobile payment v3

Technology
Revista ILORI WORLD Tomo 2

Revista ILORI WORLD Tomo 2

Documents
Siru Mobile Nordics Presentation Mobile Payment Solution

Siru Mobile Nordics Presentation Mobile Payment Solution

Technology
Payment Security By Tia D. Ilori SECURITY OPTIONS€¦ · security solutions, hospitality industry operators can help protect their guests’ personal information across payment channels

Payment Security By Tia D. Ilori SECURITY OPTIONS€¦ · security solutions, hospitality industry operators can help protect their guests’ personal information across payment channels

Documents
Mobile payment (m payment) 2013 2023

Mobile payment (m payment) 2013 2023

Economy & Finance