ETA Processor Council Whitepaper on Mobile NOW AVAILABLE

May 30, 2014 –The ETA Processor Council’s latest white paper is available NOW to ETA members: https://www.etamembers.org/

“Better Security Through Mobile – ‘The One-Two Punch’ – Industry Best Practices”, marks the standard for advancing the deployment of mobile wallets through industry best practices that can make mobile payment transactions a robustly secure and reliable means of making payments.

ETA’s Processor Council is an active ETA committee, and the paper published today provides background and discussion points regarding card payment transactions, mobile payment transactions and a comparison of the two.

Key findings and takeaways from the whitepaper include:

Research on industry best practices related to authentication of mobile transactions. Examples include a fingerprint scan or confirming the consumer’s identity visually (the wallet software can communicate with the merchant via geolocation or Bluetooth and provide a picture of the actual cardholder for visual authentication).

A summary of mobile security industry best practices. The paper reveals industry practice that a mobile transaction require the user to provide at least three of the options of authentication – for example at least two ‘What-You-Have’ layers (e.g. phone or email verification) and at least one ‘What –You-Know’ layer (e.g. password for the mobile wallet or phone).

A comparison of various mobile use cases related to authentication, transmission (communication of cardholder information to the merchant point of sale) and credential storage (location of cardholder payment information). Examples include Near Field Communications, a mobile wallet model that keeps the payment credentials encrypted – thus making skimming and data theft more difficult and Cloud Flow at point-of-sale with physical interaction, which requires that the consumer present information to the merchant from a cloud-based wallet, which provide encrypted account information to the merchant via barcode.
Mobile transactions can deploy more sophisticated security than plastic card transactions, because:
§Mobile wallets provide security features that can mitigate fraud risks using technology not available in  plastic cards.

§  Mobile providers combine technologies that can lead to a powerful security solution.

§  Mobile wallets utilize the cloud and technology uniquely inherent to smartphones to communicate with merchants in more advanced and sophisticated ways than traditional plastic card or e-commerce transactions.

The ETA whitepaper concludes that in order to capitalize on the sophisticated technological capabilities of mobile devices and ensure security for consumers and other parties, requiring multiple authentication measures is a current industry best practice.

Read the whitepaper here: https://www.etamembers.org/

If you are an ETA member and need your login credentials, or you are interested in joining ETA, please email [email protected].