Between skimming, phishing and exploitation of cloud data, fraudsters are redoubling their ingenuity to circumvent security systems. Strengthening payment security measures and updating the PCI DSS standard are becoming essential… Here are some ideas to consider.
By Jean-Philippe Niedergang, Group CCO and CEO EMEA/WIDE of Castles Technology
As technologies have evolved, the payment sector has been transformed in recent years. Today, consumers are more willing and open to new, faster and easier forms of payment. However, hackers are leveraging emerging technologies, such as blockchain and artificial intelligence, to break through security barriers and make their attacks more difficult to detect and stop.
PCI DSS (Payment Card Industry Data Security Standard) certification is an important standard for securing credit card transactions, but it is no longer sufficient to effectively curb fraud.
Cybercriminals are innovating day by day, and are developing new, very sophisticated hacking techniques, such as skimming and phishing. These new threats make it necessary to implement complementary measures, such as the use of tokenization, multi-factor authentication, and enhanced security solutions, such as artificial intelligence and behavioral analysis.
Credit card payment fraud and its future
In 2023, fraud linked to credit card payments represented a total amount of 1.2 billion euros in France, with a notable increase in scams that rely on manipulating consumers. Shopping centers and physical stores are particularly targeted, as fraudsters seek to exploit busy times to clone cards or access sensitive information.
In fact, the future of payment terminals relies on the integration of advanced security technologies, including multi-factor authentication (MFA), artificial intelligence (AI), and behavioral analysis. Multi-factor authentication adds an additional layer of protection, requiring confirmation of the person's identity through a code or a biometric feature (fingerprint, facial recognition). AI and behavioral analytics can detect anomalies in real time, analyzing user habits to identify suspicious transactions and block fraud before it happens.
These developments will transform the payments experience, making transactions more secure while remaining seamless for users.
Recommendations on how PCI DSS certification should be updated
Payment fraud has significant consequences. For customers, it means loss of money and considerable administrative procedures. For banks, fraud-related complaints increase the financial burden and harm customer relationships. In addition, the reimbursement of the defrauded amounts directly impacts their financial results and their reputation.
In this context, PCI DSS certification must be updated to include more advanced security mechanisms adapted to modern threats. Here are some ideas:
1 – Strengthened multi-factor authentication:
Systems should require additional authentication methods, such as biometrics or sending temporary codes.
2 – Real-time monitoring via AI:
Adding artificial intelligence and behavioral analytics solutions would help detect and block suspicious transactions immediately.
3 – Better protection of data at rest:
Today, scammers are exploiting data storage vulnerabilities. PCI DSS should impose strict rules on the encryption and secure storage of all customer information.
4 – Prevention of attacks on cloud infrastructures:
As more businesses migrate to the cloud, PCI DSS could focus on specific standards to secure cloud payments.
5 – More frequent updates:
The current standard is updated periodically, but with cyber threats rapidly evolving, it is crucial to adopt a more frequent update cycle to adapt to new fraud tactics.
Faced with the increase in fraud, the vigilance of merchants, consumers and manufacturers is essential. Using secure payment terminals and good practices can significantly reduce risks. The entire payment ecosystem (schemes, banks, certification bodies, manufacturers, etc.) must continue to innovate to protect customers against this growing threat.