News & Trends

Payment Security Evolves with Advances in Encryption

When cybercrime and data hacks grab headlines, we naturally become more attuned to the safety and security of all our personal data, and the technology we trust to protect it. Fundamental to the effort is data encryption, which we rely on to safeguard everything from website passwords and online-shipping addresses to credit card numbers used in on- and offline payments.

Data encryption uses complex mathematical operations to encode private information, rendering it meaningless to anyone without the means to decode it. The decoding process, known as decryption, requires a key—typically a long string of seemingly random characters, which served as a template for the encryption process, and which is necessary to reverse it. Once information is encrypted, it can be decrypted only by someone with the necessary key.

Of course, wherever there are codes, there are also code-breakers, so secure-payments technology and the encryption behind it continue to evolve in an effort to stay ahead of the criminals. Here are some recent developments in that arena:

In-Store but Insecure?

A recent survey from Transaction Network Services, a vendor of telecommunications- and payments-security services, found a decrease in the numbers of consumers worldwide who consider in-store credit card payments more secure than payments made online or by phone. In 2015, 57% of respondents felt their credit card data was more secure in-store, but the 2017 survey found that portion of the population has fallen slightly to 55%.

The survey further found a significant discrepancy in trust of in-store security among different age groups. Among the Americans surveyed, a minority (44%) of respondents over age 35 said they consider in-store purchases more secure than phone and web transactions, while a majority (61%) of respondents aged 18-24 consider brick-and-mortar purchases more secure.

Change in Your Digital Wallet

Security anxiety may be partially to blame for the relatively slow adoption of digital wallet technology, but ingrained habits and the fact that traditional card payments aren't especially difficult, may be equally responsible.

Digital wallets, embodied in smartphone apps from tech giants (Apple, Google, Samsung), credit card issuers (MasterCard and Visa) and merchants (Walmart Pay), use encrypted credit card info to allow "swipeless" payments at retail checkout with a wave of your smartphone.

Digital-wallet payments accounted for just 1% of purchases in 2016, and consumer adoption of the technology appears to have plateaued, despite significant investment in upgraded card readers that accept the technology. Apple, who leads the small field, hopes to boost usage of its Apple Pay wallet with an upgrade that will enable users to exchange instant payments via text message, in addition to making payments at checkout. Apple includes that functionality in its list of iOS 11 features, but it evidently wasn't ready for prime time when the upgrade was released on Sept. 19. Apple says it will be included in an iOS 11 update coming later this fall.

Locked-Down Phone

Scheduled to ship in November, the BitVault® phone (pre-order priced at 949 Euros, or roughly $1,140) takes mobile security to another level. It incorporates Blockchain, one of the most robust encryption technologies in use today. Developed to secure transactions involving Bitcoin, the virtual currency that's seen record valuations in recent weeks, Blockchain has been extended to a wide variety of data-security applications.

Blockchain generates unique encryption keys for every transaction, and records them in a distributed database—essentially placing multiple copies of each encrypted record across a computer network, in a way that lets them be viewed freely by anyone, but not copied or altered. If anyone could manage to decrypt and change one of the records, the Blockchain system would detect and correct it via comparison to other copies on the network.

Embedded Downloads, the company behind the BitVault, is marketing it to people who conduct business using Bitcoin and other virtual currencies, but the phone also uses Blockchain technology to encrypt all the information it transmits. You probably wouldn't want to use it for web surfing though, because its browser only connects to websites that adhere to Blockchain's ironclad security standards.

For now, at least, most of us are not Bitcoin tycoons, so a Blockchain phone is more than we need. But as mobile processor chips get more powerful (and better at battery management), it's not far-fetched to imagine a future in which such heavy-duty encryption is standard issue on all phones.

Data encryption standards will continue to evolve as long as there are criminals trying to hijack personal information.

Editorial Disclaimer: Opinions expressed here are author's alone, not those of any bank, credit card issuer, or other company, and have not been reviewed, approved or otherwise endorsed by any of these entities. All information, including rates and fees, are accurate as of the date of publication.
Sign up for helpful tips, special offers and more!
You're signed up!
Our system is undergoing maintenance and will be available again soon.