Secure innovative payment solutions that enable SCA compliance, interview with Jukka Yliuntinen, G+D

Most of the time, people consider contactless payments the use of contactless cards and mobile payments

Jennie Johansson Carnhamre from G+D talks to Jukka on secure and innovative contactless payments in different form factors, and how to securely authenticate the consumer when it comes to pay.

Is this idea of on-the-fly payments at any time from whichever device or solution the customer prefers achievable? If so, how?

Contactless payments need to be safe and secure. That comes without saying. But they also need to be transparent, inclusive, and foremost available. And here different form factors come into play.

Within contactless payments, mobile wallets have already become very important. Still, wearables such as wristbands, watches, rings and even clothing are on the upheaval. Contactless payment availability across these different form factors mean that its appeal is very broad.

Regardless form factor though, the key to securing these payments is tokenisation. With safe provisioning of payment credentials – tokens – contactless payments are secured at all touchpoints: be paying with your mobile at your favourite coffee house, using your digital wallet at the ecommerce checkout, or tapping your smartwatch at the POS terminal at Argos.

At G+D we offer the Convego® CloudPay Suite, enabling multiple use cases for secure tokenised payments. And in combination with our authentication solutions, we serve millions of customers globally, offering added value and brand loyalty throughout the whole payment value chain.

More specifically, our wearable payment enablement solution, Convego® CloudPay eSE – Juniper Award Platinum Winner two consecutive years, with 2021’s second place being Apple Pay for Apple Watch - enables secure tokenised contactless payments for among others icon watchmaker Swatch and their SwatchPAY.

Ultimately, contactless payments are all about choice. Consumers want the flexibility to pay with their preferred device. Therefore, having the ability to enable payments is an essential requirement. Supporting this while retaining strong security credentials, is critical.

Strong Customer Authentication (SCA) has presented several major challenges for the whole payments’ ecosystem; what solutions can merchants leverage to balance SCA compliance, costs, and UX?

It’s a crucial moment for the payments industry – from banks to merchants and all the layers in between – because to accept payments and meet SCA requirements, merchants will need to build additional authentication into their checkout flows.

G+D offers several solutions for this. For instance, our Convego® Mobile Authentication builds on FIDO specifications, providing SCA via mobile devices and their frictionless UX, using biometric options for user verification (face, voice, or fingerprint), providing a balanced combination of usability, security and reduced operating costs.

Another cost-efficient solution in our authentication portfolio is Convego® tap. With this solution consumers can use their existing, familiar, and well-trusted banking card as a secure and convenient authentication factor. Just by tapping their card on their NFC enabled mobile phone, SCA is utilised via already existing hardware i.e. the mobile device (banking app) and banking card, saving costs for inconvenient TAN/ OTP generators or apps.

How can merchants best leverage card-on-file tokenisation for an improved customer experience? And can this method eliminate the need for SCA?

With a card-on-file solution (CoF) supporting network tokenisation, merchants can offer secure payments without having to store sensitive customer data, avoiding or reducing the need for costly risk management tools, and removing the risk of data security breaches and cyber threats. Instead, a merchant can stay ahead of the competition by focussing on the core business and at the same time offer a state-of-the-art and convenient customer experience when it comes to fulfilling the payments at the checkout.

This is done thanks to optimised Card Lifecycle Management where the network token is decoupled from the funding card for automatic renewals, and as a result there is no need for the customer nor the merchant to update any card data if as/when cards expire as this is done automatically. Network tokenisation offers significant benefits over proprietary solutions:

1. Network Tokenisation covers a variety of use cases such as in-car payments, in-app, and mobile ecommerce payments;

2. Automatic token refresh at card renewal, no interruption to scheduled payments and no discontinuation of service;

3. G+D has partnered up with Netcetera in order to offer optimised security at the checkout. With our joint approach eCOM Tokenizer, we are enabling multiple payment brands and network tokenisation with a single integration – scalability and convenience!

Combine CoF network tokenisation with embedded SCA, the customer experience will be even more satisfying at the checkout. If SCA is already done when the consumer is logging in to the merchant’s app or online shop, the issuer can rely on that authentication and won't ask for another one for processing the transaction, increasing authorisation rates, fastening up the payment process, and making SCA seamless. We call this delegated authentication.

At G+D we are working proactively with the industry to set standards and secure transparency in the entire payment value chain, so that payments not only are secure, but they are also securing the customer too: we are offering options and enabling new ways to pay.

About Jukka Yliuntinen

Jukka Yliuntinen, Head of Digital Payment Solutions at Giesecke + Devrient, is well versed in identifying and delivering high performing, innovative, and business generating payment solutions for the industry, leveraging on his over 20 years’ experience in payment and identity technologies.

Jukka is also driving industry initiatives within the Mobey Forum, where he is co-chairing their Digital Identity. expert group. And as an expert in his field, he is continuously contributing to papers as well as giving keynotes on numerous conferences world-wide on digital payment and identification topics.

To find more about Yukka, check his LinkedIn profile page here: https://www.linkedin.com/in/jukka-yliuntinen-1576393/

About Giesecke+Devrient (G+D)

Giesecke+Devrient (G+D) technology is unconsciously used by billions of people every day! With more than 700 global Banks putting their trust in G+D and our offerings, we enable secure and convenient transactions for everyday usage. Founded in 1852 in Leipzig as a printer of bank notes, now with HQ in Munich, G+D is a global powerhouse in payments - be via cash, card, or digital services.