Tokenization will help instil confidence in the battle against fraud, according to a new report by the Federal Reserve Bank of Boston and the Mobile Payments Industry Workgroup (MPIW).
Payment tokenization, as described by the MPIW, is the process of randomly generating a substitute value to replace sensitive information. This system has been used in financial transactions to mask credit and debit card numbers, improving security.
“The security of mobile payments has always been a top concern and one of the main barriers to widespread adoption of certain mobile and digital payment technologies,” said Marianne Crowe, vice president of payment strategies at the Federal Reserve Bank of Boston and chair of the MPIW. “With the recent introductions of new platforms that use tokenization technologies including ApplePay, we are even more convinced of the need to evaluate the optimal approach to tokenization and determine how the payments industry can better coordinate efforts to protect consumers and businesses alike.”
It is thought that tokenization could also solve a number of issues related to mobile and electronic payment adoption. Susan Pandy, co-author of the meeting summary and director of payment strategies at the Federal Reserve Bank of Boston, said: ”What is new about tokenization is the need for interoperable, open standards, and the increasing desire to replace payment card or bank account numbers with tokens for point-of-sale, online, or mobile payments.”
However, the Federal Reserve also said that more effort is needed to help iron out some of the issues, with many industry players struggling with hurdles that prevent them adopting tokenization. A number of conflicting models are currently in development, including EMVCo, The Clearing House, the Payment Card Industry Security Standards Council and the Accredited Standards Committee X9, and terminology surrounding the field is inconsistent, leading to confusion.
To help battle these issues, the MPIW has said that it will form a new tokenization subgroup. This subgroup will investigate existing models, investigating the relative benefits of static and dynamic tokens, risk assurance levels and preventing the creation of fraudulent tokens, as well as issues relating to infrastructure, interoperability, and consumer usability.