Blog: Security vs. Convenience: The Online Payments Conundrum
By Sam Murrant, Datamonitor Financial
Payments providers have had it good for a long time in online commerce. High growth was guaranteed, and all that was really needed was the ability to accept card payments. Recently, though, online commerce has begun to approach saturation in Western markets, while fraud, competition and a more demanding consumer base are squeezing online payments providers.
To attract new consumers to online commerce—or to get existing online consumers engaging more fully with the medium—the industry needs to deal with certain challenges. Datamonitor has identified three major barriers to growth in online commerce: consumer preferences, access to online commerce and consumer fears over online security. Preferences are the largest barrier in most countries, with a total of 47.9 percent of Datamonitor’s survey sample saying that reasons of personal preference were the most significant factors in not shopping online. Generally, security concerns are the second-most significant barrier, followed by access.
The industry can expect the problem of access to be resolved as technology improves and more consumers gain access to online shopping. The main barriers for the industry to tackle are preferences and security—and as there is a balance to be struck between the two, they should be looked at together.
Striking a Balance
Improving the online shopping “experience” is mostly up to merchants, but the industry definitely has a role in making payments online as smooth as possible. The challenge is doing this while ensuring transactions are secure and competing with other payment tools for consumers, like digital wallets and electronic cash vouchers , for example. The consumer wants a convenient, smooth online experience, while the industry (which is, after all, generally liable for fraud) wants security. 3-D Secure, a protocol designed to be an additional security layer for online payment card transactions, is a good example of this trade-off: The system is theoretically fraud-proof, but it is not in practice and also is considered clunky to use, adding an extra stage to the checkout process and thus harming merchant conversion rates.
The trade-off is tricky to balance because the industry simply can’t ignore security, as online fraud remains a huge problem for issuers beyond the financial cost of reimbursing consumers. Datamonitor has found that 53 percent of online card fraud victims change their behavior in a negative fashion—using their cards less, canceling their cards or no longer shopping at the merchant where they believe their cards were compromised. Without strong security to address online fraud, issuers stand to lose customers or have their customers become less profitable because of fraud.
The sting in the tail is that consumers expect the industry to bear the responsibility of fighting fraud and to do it without disrupting the convenience of online shopping. Concern over security is a barrier for a significant minority, and these consumers will need to be reassured. But, while the majority of people are concerned about online fraud, this doesn’t stop them from engaging in online commerce. It may prevent some from shopping online as much as they might with no worries over fraud, but unless a consumer becomes defrauded they will tend to continue shopping online.
Fast and Effective Security
Innovative systems using biometrics, dynamic passwords or tokens can improve the security of online transactions, but if these systems add stages (or time) to the online checkout process, they will not be popular with consumers. Innovation for its own sake will not win the day. Consumers will not use a payment method just because it utilizes interesting or unique technology. Security at checkout needs to take no longer than entering a card number or password, be easy to complete and be more secure than simply entering a card number into an online form.
Identifying a consumer needs to be based on as little information that person needs to provide and as much as possible on who they are. Tools, such as GPS tracking of registered mobile devices, recognition of IP addresses and consumer profiles, built on data pertaining to their online habits should be used when possible to recognize users. Sensitive information, such as card numbers, should be encrypted or substituted for tokens to defeat hackers.
All this is just a baseline. These guidelines define what is needed to be viable in the current online market. Competition with other payment providers online will be fought along familiar lines—price, rewards, customer service—but the competitors will be those who can balance convenience and security effectively enough to remain in the arena in the first place.
Sam Murrant has been part of Datamonitor Financial, a research company focusing on financial services since 2012 and works as an analyst in the consumer payments team. His areas of expertise include online payments and the U.S. payments market. Sam’s most recently published report series is the Online Consumer Payments series, which is available to Datamonitor Financial subscribers at http://www.datamonitor.com/kc/fs/. He is also a regular contributor to Datamonitor Financial’s blog. Sam can be reached at [email protected].
If you’d like to comment on this blog post, please join the conversation on our Paybefore LinkedIn Group.
View our other posts here.