TMCnet News
Tokenization, the New Security Standard for Mobile PaymentCARTES SECURE CONNEXIONS 2015, the show dedicated to secure solutions for payment, identification and mobility, is organising three conference sessions on tokenization. E-payment systems are rapidly evolving, which shows that the industry is ready to meet the demands of portable device users. The emergence of new types of service providers, such as Token Service Providers, would suggest that the scope of tokenization goes much further than payment. During three conference sessions on "Navigating the mobile contactless payments landscape" - to take place between 17 and 19 November- we will look at this ever-growing security procedure and the relevant strategic issues; how it is making its way into the scope of payment and its potential future in other sectors. A large number of exhibitors will be presenting their innovations in terms of tokenization during this 3-day event. Tokenization: the natural evolution of secure payment How has tokenization evolved to become a secure solution for electronic payments? For a long time, it has only been possible to "physically" pay for something in a shop, by inserting your card into a card terminal (for card present transactions). However, the emergence of two phenomena has shaken this model:
Given that the number of virtual transactions is increasing considerably, new technologies -for example, NFC, Bluetooth LowEnergy, QR codes and HCE- have had to rise to a number of challenges, particularly in terms of security. Tokenization is a process which is part of this development in payment systems and it consists in replacing sensitive data with substitute data to make electronic transactions more secure. The most representative example is the use of a token instead of a bank card number (or PAN). By using a token rather than a PAN, it is possible to limit the damage caused if the security system is breached and details of payment are revealed. In the future, users may not even be able to differentiate between card present and card not present transactions and user identification used will vary, depending on the type of terminal and network used and their preferences (consumer or retailer). The token: fail-safe protection against hackers Tokens are used to substitute sensitive data. They are not related in any way to the data they replace and hackers cannot read any of the data substituted. Tokenization can reduce the risk of using sensitive data online, for example in the event of data theft or misappropriation. It is in this context that tokenization comes into its own. The developers and users of payment systems seek the following security benefits:
EMV has shown how effective it is in fighting against fraud in card present transactions: apart from "chip and pin" transactions, the PAN may only be used if the card is physically presented. The situation is, however, completely different for card not present transactions and the level of fraud is increasing in this use. Despite an array of measures designed to secure these types of transactions, the best way to fight against fraud is to have a secret PAN. In the case of cross-channel transactions, which may be in a store or online, the card data obtained fraudulently, via a faulty payment terminal, may be used for card not present transactions on the Internet. This is where the token plays a key role, as even if the security system is breached and the payment details are unveiled, the damage is limited since the token value is revealed rather than the PAN that it replaces. For card not present transactions in particular, tokenization offers the best features in terms of security. However, other security measures such as readers or terminals must also be implemented since tokenization alone cannot totally guarantee security. From payment to a new scope: the omnipresent token The launch of Apple (News - Alert) Pay in September 2014 has strongly affected the mobile payment ecosystem. This offer has three main characteristics:
Apple's announcement came at the same time as the announcement made by Visa and Mastercard who gave their approval of tokenization as a security solution for transactions, particularly card not present transactions. A few months earlier (March 2014), EMVCo issued a document entitled "EMV Payment Tokenization Specification - Technical Framework" which inspired the Apple Pay solution. The rapid innovation of payment systems is unprecedented. It shows that the industry is rapidly evolving to meet the demands of portable device users - primarily the Smartphone - who believe that this device is fully adapted for transactions carried out online or at home. New types of service providers are emerging, such as Token Service Providers, which complement the already wide range of suppliers of components and applications. This is particularly important since the scope of tokenization goes beyond payment. The health sector, like the payment industry, relies on security access devices to identify a lot of individuals. It therefore represents a strong candidate for new generation tokens. Tokenization at the heart of CARTES SECURE CONNEXIONS 2015 Payment is a complex and rapidly evolving area. The ever-growing mobile ecosystem is crossing and integrating into more industry segments than ever before. Tokenization is an alternative to hardware solutions used to date for secure transaction payments. From 17 to 19 November, CARTES SECURE CONNEXIONS places mobile contactless payment under the spotlight at three day-long sessions on: "Navigating the mobile contactless payments landscape".
This is an opportunity for participants to look into the latest technologies on the payments market (for example, NFC, HCE, SE and tokenization), to discuss how the mobile is creating new ways to pay and to assess the new players and trends. Several companies* which specialise in tokenization will be presented at CARTES SECURE CONNEXIONS:
* Non-exhaustive list of exhibitors working on this topic.
MOBILE CONTACTLESS PAYMENTS CARTES SECURE CONNEXIONS Book your dates: 17-19 November 2015 Register to visit the show: http://www.cartes.com/Show/Attend-the-show
Request press passes: http://www.cartes.com/Press/Ask-for-your-accreditation2 For more information, please visit: www.cartes.com
SEE YOU AT THE NEXT EDITION About CARTES SECURE CONNEXIONS CARTES SECURE CONNEXIONS, the world's most comprehensive event for Secure Payment, Connection and Identification changes its name this year to TRUSTECH. The global TRUSTECH Network also organises leading exhibitions and conferences in Asia and North America. With an ambitious programme of exhibitor stands, conferences and awards and a focus on innovation, CARTES SECURE CONNEXIONS 2015 confirms its position as the leading global event in the sector. In November, 460 exhibitors and 20,000 visitors from the Finance, Retail, Telecommunications, Government, Healthcare, Transport and many other sectors, from 160 countries, will converge on Paris to explore the way our digital world will evolve. For further information or to register, go to: www.cartes.com. For further information: www.cartes.com
CARTES SECURE CONNEXIONS is organised by COMEXPOSIUM. *Source (News - Alert): GLOBEX 2012
View source version on businesswire.com: http://www.businesswire.com/news/home/20150617005845/en/ |