Security Trends You (And Your Merchants) Need To Know About

Published on October 13 of 2019

Security Trends You (And Your Merchants) Need To Know About

As the payment landscape continues to evolve, so do the issues surrounding data security. By offering your merchants the latest in security and fraud detection/fraud prevention tools, you can help them keep one step ahead of the hackers. Here are five of the top payment security trends you should be aware of now and going into the next year.


Identity verification is a vital defense against fraud, but having to remember PINs and passwords at the checkout counter can be a frustrating and time-consuming exercise for customers. A study by AYTM Market Research for Visa found that “86% of consumers are interested in using biometrics to verify identity or to make payments.” In addition, 70% of consumers surveyed believe that biometric screening is easier than other identity verification methods, and that 46% of consumers think biometric methods are more secure than PINs or passwords.

Some of the biggest reasons for moving toward biometric authentication are speed, convenience, and security. Merchants who are able to securely verify a customer’s identity are far less likely to experience costly chargebacks due to fraud. As the technology continues to improve, expect to see more innovative and user-friendly solutions in the future, such as credit cards with embedded fingerprint scanners and POS devices with built-in voice and facial recognition systems.

Machine Learning and Artificial Intelligence

Millions of pieces of cardholder data and payment card information pass between merchant payment terminals and banks every day all around the world, giving cybercriminals round-the-clock opportunities to intercept that information and commit fraud. Safeguarding cardholder information requires technology that can scan transaction information and detect possible fraudulent activity in a matter of seconds.

Using artificial intelligence (AI) technology, banks use machine learning to “train” their software systems to recognize legitimate transactions—as compared to potentially fraudulent ones—enabling the software to learn the differences between them. As the software processes more and more transactions, it gets better at detecting fraudulent activity in real-time and helps prevent fraud before it occurs. 3D Secure 2.0 is an example of technology that reduces potential fraud by authenticating a customer’s identity before a transaction takes place. Cardknox’s support for 3D Secure 2.0 will give your merchants a powerful tool to fight fraud. Our mobile SDKs make it easy to integrate 3D Secure 2.0 technology with your merchants’ mobile- or browser-based system to create a shopping platform that’s also compatible with biometric authentication methods.

Tokenization and the Internet of Things

We live in an increasingly interconnected world. Millions of American homes are equipped with multiple electronic gadgets and devices designed to make life easier and more efficient. Digital assistants (smart speakers); video doorbells and security cameras; automated lighting and heating/air conditioning systems; “smart” TVs; laptops and tablets; gaming systems; smartphones; and even some refrigerators—all connected by the Internet of Things (IoT). And along with all that connectivity comes an ever-increasing need for security.

More and more consumers are comfortable making digital purchases using smartphones and other mobile and IoT devices. While EMV chip-card technology has significantly reduced the incidence of fraud for in-store purchases, digital transactions can still be at risk without the right security software. That’s where tokenization can make a difference.

Tokenization technology substitutes a single-use “token” for a customer’s payment card number during the transaction so the actual card number is not transmitted. If a smartphone, merchant POS system, network connection, or other IoT-connected device is hacked, the customer’s payment card data is not exposed. Cardknox developed a true tokenization system that not only encrypts sensitive data, but also assigns a unique transaction identifier. Each time a transaction is received, all card information is stored in our vault and the system sends a single-use token to the merchant’s payment website. For merchants who accept card-not-present payments, tokenization technology adds another layer of security to protect their customers and their businesses from fraud.

Account Takeovers On the Rise

An account takeover (ATO) is a type of identity theft that happens when a hacker gains unauthorized access to an account belonging to someone else and uses that information to commit further crimes. In the past, ATOs typically occurred at banks and other financial institutions. But now, because more and more consumers store their payment card information (such as card number, expiration date, CVC number, and billing and shipping addresses) on multiple e-commerce websites, personal accounts have become a favorite target of cybercriminals.

Fraudsters know that consumers tend to reuse the same username and password across different business websites, so when they obtain the login credentials for one website, they have the option to use that information to hack into the consumer’s account; try the login credentials on another one of the consumer’s accounts; or sell the login information on the dark web.

Although the best line of defense is for consumers to use unique usernames and passwords for all their e-commerce websites, merchants can help protect against account takeovers by implementing strong, multi-factor identity authentication steps for all their customers’ accounts.

PCI Scan Compliance

Payment Card Industry Data Security Standard (PCI DSS) guidelines continue to figure prominently in payment card security trends. System vulnerability scans help identify vulnerabilities and misconfigurations on a merchant’s website, and provide valuable information that improves protection against Internet hacking. Scans help pinpoint vulnerabilities within a merchant’s POS terminals and/or devices and network systems so that the merchant can address any potential problems. As technology advances and hackers continue to find new ways to compromise payment processing systems, PCI scan compliance will be even more important for merchants in all industries. You can help your merchants avoid the time and costs associated with network vulnerability scans by integrating PCI-ready POS terminals and iFields technology into your system. 

Future-Proof Your Business With the Right Security Technology

No one can see into the future, of course, but implementing robust security tools and measures will help merchants stay one step ahead of the fraudsters. Integrating with Cardknox ensures that you can offer your merchants the latest in cutting-edge security, fraud detection and prevention tools.


If you’d like to learn more about Cardknox, visit our website. Or click here if you’d like to know more about our suite of security tools and services.


Want to know more about this topic? Share your email address with us and we’ll send you the latest news and updates on our products and services.

There's always a lot happening at Cardknox.

Join our email list and you'll be the first to know.