We are fast moving into a world of commerce in which payment for goods and services is conducted through a plethora of channels, none of them involving the traditional handing from one person to another of paper and coin. We can pay through our phones, from our wristwatches, by instant electronic transfer from one bank to another or by activating the bar code on a piece of paper that we’ve printed on an inkjet.
This of course is on top of checks and credit or debit cards, which already appear almost obsolete by comparison. Whilst in convenience terms this diversity of choice is wonderful, it does inevitably raise a whole lot of new questions about authenticity, when forgers now have the option of making bogus transactions not through one means but through a choice of several.
Big companies whose specialty it is work against time to manufacture the latest anti-fraud devices before they become redundant in the face of new challenges from the criminal world. For every code devised to protect against malign transactions there will be another being engineered to crack it. The authentication industry is forever locked in a struggle to remain ahead of the game.
Network Level Authentication
Also called NLA, this is a technology designed to ensure that a person initiating a transaction is the same person as in whose name it is being made. Wikipedia describes it as delegating “the user’s credentials from the client through a client-side Security Support Provider (which) prompts the user to authenticate before establishing a session on the server”. Specialist companies such as PAAY at https://www.paay.co/emv-3ds work year-round to keep it at the cutting edge and not in a position to be compromised by scammers. Authentication and attempts to circumvent it are issues of concern with businesses big and small, as well as with private individuals.
The Implications of Authentication Fraud for Small Business
In many ways the effect of dishonest behavior on the livelihoods of small business owners can be more devastating than for larger concerns, because income sources tend to be fewer and more concentrated. Thus they have every need of new technologies, which would certainly include such sophisticated capabilities as authentication not bound to a browser (known as out of band authentication) and biometric capability. As these become more widely used it is expected that, in time, they will fall within the price range of all small business people and private individuals.
The goal must be for transactions conducted through all channels to passively demand so much information from the customer that the potential for them to be fraudulent to all intents and purposes disappears. It can be adapted to most situations, whether first-person retail or telephone or online interactions. It is envisaged that the cost to small business will fast cease to be prohibitive and that its benefits will soon outweigh any such considerations. When this point is reached authentication tools could well guarantee the security from fraud that SMEs so desperately need.