Answer Pay is sponsoring a mobile bill payments security roundtable to be held at 1.00 pm on the 23rd November. Its intention is to provide a platform for financial services technology and information security professionals to debate the consequential impacts of pay by link adoption across the industry.
The company’s decision to run the event comes against a backdrop of growing concerns within the information security community overuse of pay by link approaches to power bill payments from mobile phone apps.
Mike Chambers, Chairman of Answer Pay thinks it’s time the industry takes a closer look at the risks of pay by link to consumers before the ‘cat really does get out of the bag.’ He says, “With the best of intentions, banks and other financial services companies are enhancing their mobile apps to serve a growing demand for bill payments on the move. Pay by link is an obvious technical construct to explore to achieve that, but no matter how secure any given solution might be, the use of Pay by Link creates confusion for consumers who’ve been advised for more than a decade not to click on links. This industry direction places demands on the maturity and digital know-how of consumers to distinguish fake solutions from legitimate vendor tools and links.”
The timing of the ‘To click or not to click’ roundtable event is interesting: Just last month, Ofcom report on its own research into mobile security has found that, over the last three months, scam calls and texts have increased massively, with nearly 45 million people plagued by scams over the summer months.
According to this new research, around 82% – more than eight in 10 – said they had received a “suspicious message” either in a text, recorded message, or phone call to a landline or mobile. In a follow-up article, Katia Gonzalez, head of fraud prevention and security at BICS, said: “It is clear from this data that a fundamental rethink in approach is required.”
The roundtable will be hosted by Phil Cracknell, former Cabinet Office Cyber Security Lead, and notable CISO advisor.
Cracknell believes that the industry should be thinking hard about any decisions to adopt pay by link, regardless of the safeguards framed around it. “CTOs are under great pressure to bring bill payments to mobile platforms, but this ‘goldrush agenda’ by individual companies risks creating an industry behaviour that places consumers in an impossible situation.”
He adds, “Owing to the rampant growth in phishing attacks, security practitioners like me have been working tirelessly to discourage users to click on links that might not be safe. Now it seems we’re saying—‘You know how I’ve been advising you for years not to trust links, well some of them are now okay.’ I think it’s confusing and, my suspicion is, others would agree.”
The roundtable is open to financial services and payments professionals to gain an understanding of the debate. Additionally, it will take the opportunity to consider pay by link with alternatives such as Request to Pay.