Link to TEDx Billings video access, when available:
SECURITY OVER PROCESSING COST
As I spend time visiting with merchants, consumers and industry experts, I have realized that with recent security issues in the world of electronic payments, security has become more important and relevant than the cost of a transaction. The stakeholders are looking for solutions to continue to make payments easy and fast, but are also not willing to compromise security of the account holder nor the well being of the business in order to accept electronic payments.
Let's look at security first. Security is provided to the cardholder and the merchant in a traditional swipe payment scenario by requiring that the point-of-sale terminal be PCI DSS compliant. In other words, it must be able to secure cardholder data when the card is swiped and encrypt the data in order to create a more secure way to send that data to be processed for payment. In addition, new methods of payment that don't require a swipe, i.e. EMV chip based card technology and mobile payments, are allowing payments to be completed without having to swipe a card, and therefore eliminating certain fraud risks associated with the magstripe data on the back of a card. The payment industry has gone to great lengths to accomplish new ways to secure payments and will continue to implement new solutions.
Now, take pause and talk now about the cost of the security that is being developed, tested, and implemented. This price tag is large and continues to grow as the solutions become more complicated and evolutionary, requiring ongoing development and testing. Who pays for that cost? Well, let's be honest, it is the merchant, and then ultimately the consumer. The merchant has to recover the cost of new software and hardware they are required to utilize to secure the cardholder data. The merchant also has to remain PCI DSS compliant, which holds a price tag. In order to offset this expense, merchants are either raising the prices of their products and services, or passing on a surcharge to the consumers for using a credit card for payment. Is this a hindrance to the electronic payment solutions?
Consider the cost of a security breach, such as those that have recently occurred with some of our largest retailers, and then consider the cost of securing a transaction by incorporating the newest, most advanced security solutions in the payment industry. In a side by side comparison, it is really easy to see that the best, most cost-effective solution is to take the necessary measures to protect the payment data. In an overwhelmingly affirmative response, merchants and consumers agree.
So what is the answer to the question of security vs cost?? Merchants understand that one security breach could cost them their business, so security has definitely won its place as the priority for all parties. Finding ways to do this economically exist. It is a matter of finding a solution and making the change.