The volume of online payments has skyrocketed in recent years and shows no signs of slowing down. Analysis from Statista predicts that the total value of digital payments globally will reach $11.55 trillion by the end of 2024.
A key factor in this surge has been digital transformation of the financial services industry. In recent years, institutions have pursued a campaign of rapid digitization of services in a bid to meet growing consumer demands.
The speed, efficiency, and ease of online transactions makes it an appealing option for everyday consumers and businesses alike, ensuring seamless payment capabilities.
While this sharpened focus has delivered benefits for both providers and clients, there are still significant risks associated with online payments and financial services companies.
Cybersecurity-related threats have risen significantly for providers in recent years. According to cybersecurity firm Sentinel One, financial institutions reported the second largest number of data breaches in 2023 by sector.
Similar research into security risks from the International Monetary Fund found financial services companies lost $2.5 billion due to cyber attacks between 2020 and 2024 alone.
The use of distributed denial of service (DDoS) attacks against payment services has been a key threat for many organizations. This type of attack has been a long-running challenge for operators, with the US National Credit Union Association (NCUA) having raised the alarm on DDoS attacks five years ago, in 2019.
Payment services are beholden to strict regulatory requirements
Security incidents of any kind can be highly damaging for financial services institutions, leading to a drop in consumer trust and significant financial losses due to remediation and recovery costs.
In addition to these potential effects, financial services institutions can also fall foul of stringent regulations aimed at improving the safety of online payments.
The UK’s Payments Services Regulations, for example, requires operators to employ robust customer authentication practices for electronic payments.
Additionally, payment initiation service providers (PISPs) must also harness techniques to protect the confidentiality and security of a users’ credentials and personally identifiable information.
In the European Union, a piece of legislation known as the Payment Services Directive 2 (PSD2) requires PSPs to maintain strict cybersecurity practices. These rules apply not only to businesses operating within the union, but also those actively engaging with customers based in the region.
In mid-2023, the European Commission published draft legislation for the third iteration of the Payment Services Directive, PSD3, alongside drafts for a new Payment Service Regulation (PSR) specifically aimed at strengthening security practices for payment services providers.
In particular, the PSR legislation looks to reduce the volume of payment-related fraud, bolster broader security practices, and improve the reliability of payments.
Analysis of both PSD3 and PSR from EY shows that by building on PSD2, the new legislation will help create a safer operating environment for financial services institutions and consumers alike.
“Compared to PSD2, PSD3 and PSR increase the regulatory scope, demanding more providers to combat payment fraud, reduce reliance on cumbersome technical data interfaces, and overall removing obstacles for payment providers and consumers for safely using payment services,” the consultancy said.
Choosing the right payment provider is critical
With these considerations in mind, it’s critical that businesses implement techniques that mitigate risks for consumers. One approach is to remove the volume of sensitive customer information held to limit potential exposure.
A host of providers, including NatWest, have implemented such measures to reduce customer exposure while maintaining efficient services. NatWest’s Payit™ platform is a secure service that’s specifically aimed at protecting user privacy and curtailing the risk of fraudulent transactions.
You can find more information on the Payit™ platform and how it could benefit your business by visiting NatWest online.
Disclaimer
You will need to sign up to Payit™ terms and conditions and you may need to hold an account with us. Your business must be based and trading in the UK with a turnover above £2M. You must be 18 years or older. Fees are based on the volume and average value of transactions.
-
Cleo attack victim list grows as Hertz confirms customer data stolenNews Hertz has confirmed it suffered a data breach as a result of the Cleo zero-day vulnerability in late 2024, with the car rental giant warning that customer data was stolen.
-
Lateral moves in tech: Why leaders should support employee mobilityIn-depth Encouraging staff to switch roles can have long-term benefits for skills in the tech sector
-
What are AISPs and how can they enable better online electronic transactions?AIS technology offers instant access to bank-verified data, simplifying transactions and enhancing data security
-
How open banking is driving efficiency for finance teamsOpen banking APIs make near-instant payments and real-time insights possible without sacrificing security
-
Ease your data compliance headache with a modern payment systemRemoving the need to store bank account information for regular payments or refunds, firms can lean into open banking solutions like Payit™ by NatWest to greatly ease their compliance burden
-
What is open banking?Open banking empowers consumers to move money more flexibly, while giving fintech organizations the data needed to innovate in a crowded marketplace
-
Why payment technology is crucial to digital transformationOpen Banking solutions like Payit™ by NatWest can play a crucial role in modernizing businesses’ financial operations and customer experience
-
How APIs are transforming payment systems across the enterpriseAPIs are becoming essential to the future of financial services, with efficiency gains and other benefits available to any company that makes the leap
-
The customer knows best: How to ensure you’re delivering an effective digital payments experienceSponsored Tap into shifting customer trends with account information services that will give your business a competitive edge
-
Why Open Banking from a bank?Special Edition Harnessing the best of open banking allows enterprises to track spending in near real-time
