How to manage the risks of contactless payment? A specialist responds

Thursday, November 19, 2020 at 11:43 AM

Casablanca – Contactless payment continues to grow in Morocco and around the world, particularly during this period of health crisis linked to the pandemic of the new coronavirus. With this strong enthusiasm, questions are raised about the risks of this method of payment and the supervision mechanisms.

Nasr-Eddine Belghiti, managing director and founder of IPRC, a company specializing in the remote management of automatic teller machines, provides clarifications on this subject in a statement to the MAP.
How do banking organizations manage the risks of contactless payment?

In addition to the security measures provided for traditional payment cards, banking organizations have put in place specific rules to limit the risks inherent in contactless payments, in particular by capping the amounts of payment per transaction (generally between 200 and 400 dirhams) and a limit on the number of contactless transactions without entering the confidential code, explained Mr. Belghiti.

If these parameters are exceeded, the customer will be able to make his payments by simply entering his confidential code for the exceeding of the number of transactions per period, he indicated.

And to continue that if the maximum amount is exceeded, the customer can use his card on a traditional payment terminal with entry of the code.

The same rules apply to contactless payments with a smartphone equipped with a contactless payment application which thus becomes a dematerialized version of the contactless bank card, noted Mr. Belghiti.
How is this type of payment supervised?

The contactless payment monitoring rules are similar to those adopted for the supervision of traditional bank cards, underlined the CEO of IPRC, specifying that the algorithms for detecting suspicion of fraud and the mechanisms for removing doubt are the same. Banking organizations define the criteria for reporting alerts for each type of card.

In the event of loss or theft of the contactless payment card (or of the smartphone equipped with the contactless payment application), the same mechanisms for deactivation or blocking of the traditional payment card are also valid, either with the bank issuing the card or operated by the cardholder on the bank’s website.

At the same time, Mr. Belghiti noted that the implementation by banks of automated solutions for the behavioral profiling of carriers allows them to instantly detect a large part of fraud attempts.

“However, according to our experience, the continuous intervention of humans and their contribution of expertise are essential for the efficiency of this value chain. Indeed, we note that more than 70% of cases of fraud are perpetrated between 22h and 6h in the morning and during the holidays, thus outside the hours of presence of the staff of the banks ”, he indicated.

As a result, argued Mr. Belghiti, a majority of local banking organizations have opted for a 24/7 electronic payment fraud monitoring service for all types of cards.

And to conclude: “As such, we point out that the Moroccan banking center has suffered from systemic fraud attacks which could have caused considerable financial damage if they had not been detected and contained by the vigilance of this continuous monitoring”.

Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.