Last year was an eventful year for business security and the payment industry. There were a number of high-profile data breaches, millions of user data comprised and huge fines imposed. To counter this, guidelines and regulations are being developed to make it easier (and clearer) for organization’s to protect their customers, as consumer expectations shift quite significantly.
Here are five top trends you should look out for in 2020:
The “Digital-First” Generation Will Hit Its Prime Spending Years
The views and shopping expectations of Gen Z and Millennials are crucial, as recent studies show Gen Z alone will account for 40% of global consumers alone in 2020. As the spending power of younger and “digital reliant” generations increase, merchants are faced with enormous digital expectations.
These could include something as simple as having a user-friendly and functional e-commerce stores, through to straightforward payment security and open communication channels with customer representatives, such as web chat and social media. It’s critical if businesses want to thrive in this current state and stay competitive, they fully embrace digital transformation within their shopping experience and adapt to changes in customer demands.
Organizations Issued Huge Fines Following Data Breaches
2019 was a record year for the number of data breaches and records exposed, according to a report from Norton Security. With GDPR in full effect, compromised organizations that were operating within the EU are now facing huge fines following long investigations from regulation bodies.
For example, the British Airway’s breach which included 500,000 customers landed them with a fine of $230 million, or the cost of two jumbo jets. Additionally, large corporations such as Macy’s are facing class action lawsuits from customers holding them accountable for stolen data. Evaluating where sensitive data sits within your corporate network should be a top priority for 2020, not just to protect your reputation but the financial impact of fines and lawsuits.
More Sophisticated Data Attacks
The different tactics involved when attempting to comprise network security are endless and growing in sophistication. In 2019, large amounts of personal and payment information have been available to buy on the Dark Web, highlighting there is a clear market for valuable and sensitive information and data.
Hackers and groups with malicious intent will be trying new ways to break through corporate security, analyzing any flaws available. Assessing your existing systems and processes should be an important step for your organization, especially for any old or legacy applications.
Fragmented and Delayed Rollout of Fraud Crackdown Legislation
As part of the latest Payment Security Directive (PSD2), the requirement for additional authentication methods on electronic card payments (also known as Strong Authentication or SCA), came into force in September 14th 2019. Several EEA countries, however, have approved delays on full implementation until 2020 and beyond.
Your customers may already be seeing new authentication methods across their debit and credit cards, as additional steps are being introduced to their shopping and payment experience. Although it’s a big step forward in protecting consumers from credit card fraud, a fragmented rollout across Banks and Gateways may be causing confusion. This is definitely one to keep a close eye on throughout 2020 and start the conversation with your payment services providers to understand the potential impact to your organization this year. Not sure what this is? We’ve got a handy guide explaining everything:
New Version of PCI-DSS Compliance
Version 4 of PCI-DSS compliance is not expected to land until late 2020. Although there are no fundamental changes planned to the 12 core requirements, the language used in some guidelines will change. The good news is it will focus more towards an “outcome based” set of security objectives, that will accommodate methods of achieving compliance which may be much broader.
According to Emma Sutcliffe, Global Head of Standards at the PCI Security Standards Council, this is to provide “more flexibility in ‘how’ the organization achieves the desired security outcome”. Not sure what PCI-DSS is? Take a look at our guide:
What are your business objectives for 2020 and how can Key IVR assist? We can help you navigate the minefield of payment security, upcoming trends and provide a smooth shopping experience that meets the expectations of even the most demanding customers. Talk to my team on +1 929 207 0116 or email us at firstname.lastname@example.org
Written by: Mark Kelly, Chief Commercial Officer at Key IVR