Credit card data loss gets new protector

Published on the 19/09/2019 | Written by Jonathan Cotton

Visa_COF_token credit card fraud ANZ

New Zealand becomes one of the first countries to move to COF tokenisation for digital payments…

In partnership with Visa, payments gateways Adyen, Bambora, Cybersource, Paystation and Windcave, have announced their commitment to the new ‘credential-on-file’ technology that Visa says will offer significant improvements in security, better CX and just maybe better conversion rates.

Simply put, COF tokenisation replaces card details such as account numbers and expiry dates with unique digital identifiers that are used for payment without exposing a cardholder’s sensitive information.

“Each token is merchant-specific, so can only be used with the merchant where it is stored, removing any incentive for hackers to try to steal the account data and decreasing the risk of data breach attempts,” says Visa.

“With the advent of open data… initiatives such as tokenisation will ensure consumer data is protected and held securely.”

Though it requires explicit authorisation from the consumer, COF brings with it several advantages. From the merchant’s perspective it can increase the likelihood of transaction authorisation and settlement (with no more lost payments due to expired customer credit card details) and fewer instances of shopping cart abandonment. For customers it provides greater transparency, a streamlined checkout experience and lower-effort subscriptions/repeat payments: Payment details won’t need to be updated with the merchant following card refreshes or in the event of a card being lost, stolen or expiring.

“The technology enhances consumers’ experience, enables retailers to retain consumer loyalty and protects all businesses from fraud,” says Riaz Nasrabadi, Visa’s head of product for New Zealand and South Pacific.

“With the advent of open data and the creation of new experiences based on data, initiatives such as tokenisation will ensure consumer data is protected and held securely.”

Visa has already deployed token service technology in New Zealand via its mobile banking wallet applications Apple Pay and Google Pay.

“In 2017, we enabled tokenisation on the Visa Checkout platform – Visa’s credential-on-file checkout solution,” says the payment tech company. “We have made Visa Token Service Application Programming Interfaces (APIs) available in Visa Developer – a platform of APIs that anyone can access [as] part of Visa’s long-term strategy of securing digital payments with the aim of ensuring all account data held outside of financial institutions is tokenised by 2020.”

That goal is part of Visa’s Future of Security Roadmap, a vision document which sees Visa improving New Zealand’s future payments security via four key ‘strategic pillars’:

  • Devaluing data by removing sensitive payment data from the ecosystem and making stolen account details useless
  • Protecting data by implementing safeguards to protect personal data and account details
  • Harnessing data by identifying potential fraud before it occurs and increasing confidence in approving good transactions
  • Empowering both account holders and merchants to play an active role in securing payments

“This commitment to drive tokenisation across the industry represents a win for New Zealand businesses, consumers, financial institutions and payments companies alike,” says Nasrabadi.

“New Zealand businesses, including retailers, are operating in an increasingly competitive and global landscape, in which every dollar not spent on addressing problems could be invested in business growth. The opportunity to enable this growth for Kiwi businesses is the motivation driving this cross-industry collaboration.”

Australian payment companies, including CyberSource, Adyen, Rambus, and Bambora, committed to rolling out COF tokenisation nearly a year ago. The Australian Payments Network’s Fraud Statistics for 2018 showed a decline in the rate of fraud for the first time since reporting of card fraud began in 2006, and noted the role of tokenisation in reducing fraud.

Post a comment or question...

Your email address will not be published.

Time limit is exhausted. Please reload CAPTCHA.

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Follow iStart to keep up to date with the latest news and views...