Another article published by PYMNTS.COM causes me to reflect on a discussion I had last we at the Payment Summit organized by the Secure Technology Alliance. When the US Faster Payments work groups where stood up on e of the working groups focuses on security, yet no particular drive exists to protect the consumer of the corporate treasure from their account being hacked into by some phishing, vishing or other criminal act. Account takeover will become a much more interesting attack vector. Moneys will irrevocably flow out of the hacked account and to whatever account the criminal so directs them.
Key word real time gross settlement and faster payments depend on the irrefutability of the funds. once executed they instantaneously transfer to the receiving party. What is required is a concerted effort to implement strong multi-factor authentication, at least at the time the transaction is authorized by the sending party. Some will say the risk is no greater than what exists today when a consumer or treasurer executes a Wire Transfer or any form of transfer between two financial institutions. This maybe true. the availability and assumed convenience will as the article described lead to heightened risk.
As I have written in other blogs we need to embrace strong Multi-Factor Authentication. The standards exist, the security of the device in many case is present. Relaying parties need to decide security is worth the investment. They need to recognize the value of satisfying the consumers’ need to have access to their funds properly protected.