Mobile payments in general are a very tricky business, due to the vast range of payment options and channels available to customers (think Google wallet, Apple pay etc.). And out of all the technologies implemented by these payment applications, NFC (near field communication) gets a notable mention. Apart from creating a fast and convenient payment experience, NFC also lets mobile devices provide a range of services from unlocking car doors to sharing photos with others in close proximity.
Demonstrated by the number of high profile data breaches that have plagued the nation within the last year, payment data security needs to be the key priority to boost consumer adoption. NFC unfortunately serves only as a functional technology, and needs the aid of an additional security layer to deem foolproof. To counteract this issue tokenization has emerged as a new defense against mobile payment fraud. Listed below are a few features offered by tokenization:
- Flexible Security: Tokens are created for a simple fact that they cannot be used beyond its pre-defined purpose, thus are rendered useless to hackers trying to commit fraud by cloning the magstripe cards. Tokenization has also led to the rise of HCE (host card emulation), HCE is now being used alongside tokenization by banks to create their own payment apps without necessitating access to complex mobile storage and chips.
- Instant Use: Digitizing the payment cards for mobile wallets is a time consuming process and often involves review and approval process by the bank, which could take anywhere from minutes to days. Usually e-commerce checkouts involve additional steps as compared to a simple user signup process in mobile payments. Having to do both in transactions that are paid using mobile wallets takes a toll on the consumers and eventually affects the adoption of this technology. Tokenization has made it easy so that customers can sign up and be ready to pay within seconds – making it convenient for users.
- Minimal Pushback: Tokenization typically has no impact on physical NFC payment terminals as well as the processing side of payments. Retailers do not need to invest in new hardware or software and likewise issuers that implement tokenization have zero impact on their existing back-end technology.
In conclusion, it is important to keep in mind that although tokenization solves many security challenges, with the evolution of new fraud techniques securing payments is always going to be a moving target.
Reference: https://thenextweb.com/insider/2015/05/15/why-tokenization-is-the-key-to-mobile-payment-security/