The introduction of real-time payments increases risk for financial institutions, as they now have seconds instead of days to identify fraudulent transactions.
Earlier this week, Rambus announced the launch of its Payment Account Tokenization solution to secure account-based transactions, such as automated clearing house (ACH) and real-time payments. The solution will enable central banks and clearing houses to replace sensitive account numbers with unique tokens and reduce the impact of fraud for transactions including direct credit, direct debit and person-to-person (P2P) payments.
“Real-time” payments come at the price of not being able to do slower legacy risk and fraud management checks, particularly any manual checks often triggered by large batch processes which many ACH systems heavily relied on when there was a business day or more to investigate before the transaction cycle completed”, a spokesperson from Rambus told PaymentEye.
“Instead these systems need fast and secure automated checks, such as token domain controls, to provide an alternative level of assurance.”
Payment Account Tokenization secures card payments by replacing the valuable account credentials with a cryptographic token. This process significantly reduces the risk and impact of account-based fraud as the foundation of a safe and secure instant payments framework. When implemented by a centralized body, like a central bank, Payment Account Tokenization reduces fraud and enables key use cases like P2P, direct credit, and push payments in real-time.
By removing account numbers from the transaction process completely, tokenization can significantly reduce the risk and impact of account-based fraud and create secure real-time payments frameworks.
“In card payments, tokenization has already proven its effectiveness for securing (card) account data at rest, such as eCommerce card on file, and context specific (token domain controls), as used in Mobile Payments, including insuring the integrity of the underlying credential if a data breach exposes any token – only that one specific payment relationship is impacted, and only that one token needs to be replaced.”
“For (bank) account payments, with account numbers to protect on both sides, and the opportunity for both push (direct credit) and pull (direct debit) transactions, the same security properties from tokenization can be used to provide protection of the underlying account credential, and automated (token validity and domain) checks to protect both parties accounts during any transaction.”
Whitepapers
Related reading
Payments industry must adjust to heightened VAT reporting
New VAT reporting procedures will place an unnecessary burden on the payments sector, says Elie Beyrouthy, board member of the European Payments ... read more
New fraud reporting fields a burden for PSPs
Collecting data necessary for two new fraud reporting fields under the second Payment Services Directive (PSD2) could prove difficult for some Payment ... read more
Travel payments predictions 2020
By Jeremy Dyball, head of commercial, payments, Amadeus Just a few years ago it was customary to pay for travel with cards, ... read more
Open Banking raises fraud liability concerns
Banks and third-party providers may suffer from ambiguity in fraud accountability, according to members of the Open Banking scheme. Rachel Gentry, information ... read more
