MFA Considered for Integral Role in the Battle Against Retail Fraud
30th June 2016|
The National Cybersecurity Center of Excellence (NCCoE) is currently undertaking the mammoth task of reducing the risk of online retail fraud in the US, seeking comment from the public and industry insiders. The NCCoE is exploring the potential of multi-factor authentication used in tandem with web analytics tools and contextual risk calculation to reduce fraudulent behaviour during e-commerce transactions.
Having identified multi-factor authentication as a safeguard against retail fraud, the NCCoE has opened a discussion with key industry players and stakeholders in order to develop a process which will protect online retailers and shoppers without inhibiting the retail process. It is believed that employing the assistance of the entire breadth of the incredibly varied e-commerce industry; the NCCoE can develop an effective strategy.
The NCCoE outlined their plans in their Multifactor Authentication for e-Commerce report:
“In collaboration with stakeholders in the retail and e-commerce ecosystem, the National Cybersecurity Center of Excellence (NCCoE) has identified that implementing multifactor authentication for e-commerce transactions, tied to existing web analytics and contextual risk calculation, can help reduce the risk of false online identification and authentication fraud.
“Consumers and retailers will adopt multifactor authentication mechanisms as long as they do not unnecessarily encumber the purchasing process or if they are applied evenly across the entire sector. Building on this collaboration with the business community and vendors of cybersecurity solutions, the NCCoE will explore methods to effectively identify and authenticate purchasers during e-commerce transactions and develop an example solution composed of open-source and commercially available components.”
Reaffirming the importance of creating a process which accommodates a simple customer journey, the NCCoE understands that retailers will be reluctant to employ any anti-fraud measures which may potentially deter customers from using their online services. The increased security and improved identity management process must not compromise the e-commerce experience, with all online retailers unwilling to jeopardise their stake in the $400bn industry.
The end goal of the project is to produce an NIST (National Institute of Standards and Technology) Cybersecurity Practice Guide for all e-commerce retailers, detailing the steps to securely and accurately identify and authenticate online purchasers. It will then be the decision of stakeholders how to implement the steps and suggestions, aligning them within the structure of the e-commerce site’s existing customer journey and retail portal.
A secondary purpose of the practice guide is to demonstrate the existence of current multi-factor authentication technologies and products which effectively manage identity authentication.
At ProofID, we provide a selection of fully managed identity management solutions for a wide range of different industries and sectors. By identifying next generation technologies, we can provide bespoke fully managed identity management solutions which perfectly complement your online services.
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.