Technological innovations and sophisticated digital solutions have transformed the way we make transactions today. The emergence of digital wallets, auto-renewing subscriptions, and contactless card payments allows users to complete transactions instantly.
However, similar to every other innovation, frictionless payments carry their own risks. We can see an increase in malicious threat actors carrying out advanced phishing attacks on users to gain financial benefits. So it’s essential that security would stand at the forefront of all types of digital payment options.
For this reason, Cybernews talked with Tom Pilling, the Chief Risk Officer at Trust Payments – a company that ensures seamless commerce experiences, about the latest cyberthreats surrounding online banking and the best practices to secure frictionless payment methods.
How did the idea of Trust Payments come about in 2019? What has the journey been like?
The idea came about in 2019 when we rebranded to align with the current trends at that moment. We used the 24 years of experience behind the brand to build a product where trust is at the cornerstone of every transaction and in the DNA of our people and company.
It’s been a journey of success, growth, and determination, all underpinned by our unique ability to process billions of transactions each year safely and securely for our merchants.
Can you introduce us to what you do? What methods do you use to make payments secure and easy?
Our cutting-edge platform brings storefront, payments, loyalty, and data management together in one flexible and secure solution. With the recent launch of our eCommerce platform, Stor has added an innovative solution that offers merchants end-to-end online shopping tools.
We use artificial intelligence and blockchain for frictionless transactions, new application development, and risk management for our customers. We have a hugely dedicated and highly experienced fraud and risk monitoring team who can provide expert advice. We also have an efficient chargeback team that can guide customers through the latest card scheme rules, and help defend and avoid chargebacks in the future.
Our smart tools use artificial intelligence and authentication technology to detect fraud without compromising on conversion and profitability. Our platform delivers real-time insights across all payment channels with the use of dashboards and a 360-degree view is available for clients to help improve their offerings. Another state-of-the-art tool involves analyzing behavioral biometrics to help understand visitors’ behavior, improve scores, and detect social engineering attacks.
What cyber threats surrounding online banking do you find the most concerning at the moment?
Since the start of the pandemic, we have seen a huge shift back to what can be described as traditional fraud. People were in frequent contact with financial institutions and large online retailers to discuss alternative arrangements in light of business closures which lead to consumers being confused and targeted by many phishing attacks. This resulted in large-scale online banking fraud.
We're seeing an increase in destructive malware, data wiping, and the disruption of files, systems, and accounts. Criminals are targeting online banks because of the large amounts of money and sensitive data available. Although security measures are in place, it continues to be a concern as attacks become more sophisticated.
How do you think the recent global events altered your field of work?
The pandemic was a major trigger for change. More recently, everyone at Trust Payments is saddened by the events in Eastern Europe. We have several colleagues who have been personally affected by the current plight and our thoughts are with everyone involved.
During this time, we have adapted our fraud and sanction strategy to rapidly meet new mandatory requirements. It is really important to communicate with our customer base as to what these sanction requirements mean in practice. We have had to block Russian-issued credit and debit cards and while this has put a strain on businesses that have financial dealings within Russia, we must continue to comply with sanctions and requirements laid down by the government.
Would you like to share some of the best practices eCommerce companies should adopt to prevent fraud and other cyberthreats?
eCommerce companies must speak to their acquirer and PSP about fraud prevention given they are managing vast amounts of business, client, and customer data. This will give merchants a holistic view to determine competitive advantages and pain points within their industry.
All good acquirers will have built-in or third-party fraud solutions that can provide more information about prevention and rules. Another sound practice is to always request to speak to the acquirer/PSP chargeback team in the event of a chargeback. They can offer advice on the necessary defense mechanisms to help combat these problems and prevent them from happening.
Talking about individual users, what security measures do you think everyone should implement to protect themselves online?
Security is imperative as frictionless payments grow in popularity. As fraudsters have increased their means of breaking through security protocols, businesses must ensure their payment gateway providers are compliant with the highest levels of security regulation. PCI DSS standards are a minimum, with two-factor authentication and other security measures helping customers feel safe when purchasing goods online.
Individual cardholders see a lot of changes to the way they make payments. For example, the ability to approve a transaction using biometrics and in-app approval solutions has been a really positive change. With this in mind, it is important for merchants to partner with payment service providers who use the most up-to-date technology to support these transactions.
Why do you think new business owners are often unaware of the risks they are exposed to?
For most new companies, payments and related decisions are crucial in navigating the digital nature of today’s business world. Business owners often lack the time, resources, and expertise in payment integration and technical setup.
From my more than 20 years of experience in payments, I advise merchants to understand and reflect before making this decision. They should have a sound understanding of the rules in place within the industry, fraud, and preventive practices as well as have their business needs clearly laid out.
How do you think the financial sector is going to evolve in the near future?
There have been different reactions to the regulatory and compliance needs of payment providers. What is crucial is that they would comply with those regulations while the granular details are discussed, debated, and updated.
The current shift towards a cashless society, as well as the focus on data and insights, clearly point to the fact that payment service providers will need to understand their role. A traditional payment provider will hold no value unless it can evolve into a fintech company and technology provider with innovation as its focus.
And finally, what does the future hold for Trust Payments?
The future is extremely promising. Trust Payments has recently obtained its FCA license and in turn, the card scheme licenses in the UK to back up its well-established European license.
While providing new services, it is also vital that we continue to support merchants in traditional payment services, including account-to-account, buy-now-pay-later, and crypto payments.
Providing banking services is also an integral part of our plan. We also aim to provide merchants with different banking solutions, including settlements via IBAN. Trust Payments’ recent acquisition of Stor further provides a wide range of solutions for our customers and further product offerings to our already wide and varying product suite.