The ways in which we use credit cards are evolving more quickly than ever before, from new and improved rewards structures to payments through mobile apps and connected devices.
And the trend shows no signs of stopping as we enter a new decade. As these new ways to pay evolve, measures to protect the security of our personal payment information must evolve with them.
“As you get more innovative ways to pay, you want to make sure you’re not creating more innovative ways to boost fraud into the system,” says Jodie Kelley, CEO at Electronic Transactions Association.
Credit card issuers and merchants are not only searching for the fastest and most convenient solutions for customers, but also those that will make us feel more secure in making a purchase in-store or clicking to buy online.
Here are some ways today’s payments technologies will continue to evolve in 2020, and how you can do your part to keep your personal data secure.
Contactless and mobile payments
Credit card issuers continued pushing contactless cards in 2019, and the momentum won’t stop in 2020. Not only are new cards from many issuers now contactless, but some have even initiated the reissuing of contactless cards to current cardholders.
“Contactless helps solve a major pain point, because it not only addresses the need for convenience, but also for security, since contactless cards contain the same security features as chip payments – where payment information is encrypted and the purchase details are routed for added security,” says Tina Eide, SVP of global fraud and credit bust out risk management at American Express.
By the end of 2019, Visa predicts more than 100 million Visa contactless cards will be issued in the U.S.
This expansion doesn’t only extend to physical cards, either. According to Visa, more than 60 percent of in-store transactions take place at contactless-enabled terminals. Merchants can use these same points-of-sale systems that already accept contactless credit cards to also allow payments through mobile wallets like Apple Pay and Google Pay.
According to Mercator Advisory Group, the use of mobile wallets in the U.S. grew from 48 percent in 2018 to 60 percent in 2019, after a previous two-year decline since 2016.
“Mobile payments are tokenized, so when you make a mobile payment your credit card data itself is not actually being transferred or stored,” Kelley says. “The tokenized data is what’s transferred, and they’re encrypted and a lot of them are biometrically enabled, so it’s your finger or your face. Mobile is actually a highly secure way to make payments.”
As the world moves more and more online, Kelley says, “that transition online is only going to continue to be successful if you have confidence in it.”
More integrated experiences
Along with contactless and mobile wallets, a growing piece of the puzzle is integrated payment experiences, which you are likely already using when you call an Uber or Lyft or even place your coffee order through the Starbucks or Dunkin’ mobile apps.
“Payments are now becoming embedded and becoming part and parcel of a broader transaction,” Kelley says. When you call a car using a rideshare app, payment is embedded in the experience the same way finding a driver or choosing your destination is, she says.
“The thing that I’m trying to do [like calling a car or ordering coffee] gets easier and the payment component is embedded and simple.”
While these integrated experiences may not be new, expect them to become much more widespread and capable of simplifying your shopping experiences in the near future. And they won’t be limited to your mobile phone; integrated payments, secured through tokenization, are becoming increasingly available via wearables, cars, refrigerators, speakers and other devices across the Internet of Things.
Improving online security
Plenty of people still shop online via web browser or mobile and issuers and merchants are continuing to search for solutions to keep your information safe on the web.
According to the 2019 Digital Payments Survey from American Express, U.S. merchants estimated that over a quarter (27 percent) of their online transactions, on average, are fraudulent. That’s up from 18 percent of online transactions estimated in 2018.
Additionally, 79 percent of merchants say they feel vulnerable to fraud via web payments.
Through 2020, online shoppers will see more widespread use of the global industry-wide standard called Secure Remote Commerce, a new secure and consistent method of keeping information protected online. Using SRC, digital checkouts across the web, mobile sites and apps will be tokenized and uniform.
“The rollout of Secure Remote Commerce is a major step forward in creating a better, industry-wide digital checkout experience that puts cardmember experience and security first,” Eide says. “The SRC capability is starting to roll out with select U.S. merchants, with wider expansion planned for 2020.”
But you should take your own measures to protect your information’s safety, as well.
Always ensure the site you’re purchasing from is secure. Make your purchases using a credit card, rather than a debit card, so you have time to dispute any fraudulent charges before the money is removed from your account. If you store your credit card information on a site you frequent, be even more vigilant about setting strong passwords and updating them regularly.
Final push away from swiping
Much of the slow-moving adoption of contactless payments can be attributed to the often complicated and expensive process that merchants must undergo to implement the new systems that can process them.
In 2015, liability for instances of in-store fraud shifted from (in most cases) the credit card issuer to the party that had not yet adopted EMV technology, whether it was the merchant or the issuer. This helped give merchants the push many needed to take on the cost of switching to dual-interface point-of-sale terminals that can process EMV and contactless payments.
As of March 2019, 75 percent of merchants in the U.S. accept chip payments, according to Visa.
Because of their more complicated technology, fuel pumps were excluded from the original liability shift. But the October 2020 deadline for fuel merchants to make the switch or assume liability is quickly approaching.
That means that skimming at the pump, in which fraudsters obtain information from your card’s magnetic strip, will become more difficult to pull off. There are still ways that bad actors can get your information at the gas pump using a chip card, like shimming, but embracing new and more secure technology is one of the best ways to protect your data.
Already, national gas station chains like ExxonMobil and Shell allow customers to pay for fuel via payment-enabled mobile apps, forgoing any need for swiping or dipping at the pump.
“While merchants work to implement these new technologies, consumers should be taking the time to familiarize themselves with the new capabilities available to them, and the benefits to using these new offerings,” Eide says. Though they may be daunting, staying aware of the marketplace and the payment options available to you can be the best way to stay protected long-term.
“It’s a common goal,” Kelley says. “Security is positive for every participant in the ecosystem. This is one of those times where everyone is arm-in-arm marching towards the same goal.”