866-997-4948(US-Canada Toll Free)

Insight Report: Security in Consumer Payments and Retail Banks

Published By :


Published Date : May 2015

Category :


No. of Pages : 32 Pages


Timetric’s 'Insight Report: Security in Consumer Payments and Retail Banks' provides insights into security threats to consumer payments, and the approaches taken by retail banks to counter them. It also:

  • Analyzes the methods of major attacks on payment systems.
  • Covers key challenges faced by banks in defending consumer payments.
  • Explores initiatives taken by banks to secure payment infrastructures.
  • Discusses emerging technology and its likely impact on payment security.
  • Explores whether context-aware security can help banks balance consumer convenience and security.
Executive summary

Timetric’s 'Insight Report: Security in Consumer Payments and Retail Banks' analyzes the growing threat faced by payment systems across the world. Following the increase in the number of targeted attacks, the payments industry is grappling with the question of whether banks can counter the sophisticated skills of cybercriminals.

Cybercriminals work in an unconstrained environment, enabling them to combine creativity and the latest technical expertise faster than banks can anticipate their attacks; as a result, banks tend to lag behind, constrained by their size and legacy systems. 

The report gives extensive details of the challenges faced by banks in dealing with cybercriminals. It also analyzes current security tools adopted by banks, along offers in-depth analysis of emerging technology in payments security. The report also explores the relationship of security with consumer convenience. The importance of context-aware and progressive security is discussed, as is the need for a collaborative approach from participants in the payment ecosystem to reduce instances of data breach and fraud.


  • The report covers major instances of cyber-attacks on payment systems between 2012 and February 2015.
  • It analyzes major challenges faced by banks in securing consumer payments.
  • It analyzes various security measures and tools adopted by banks to lower instances of fraud, along with their impact and weakness.
  • It covers security concerns related to outsourcing, and a snapshot of vendor management best practices.
  • It analyzes the role of biometrics and tokenization in securing payments.
  • It explores the future options in payment security such as context-aware/progressive security and unified approach from different market participant of payment ecosystem to limit cyber-threats and fraud.
Reasons to buy

  • Gain an understanding of cyber-threats in the global payments market. Is this something your organization is ready for?
  • Understand how banks across the world are trying to limit instances of cyber-attacks and fraud.
  • Gain insights into the impact of current security tools on various threats and their weaknesses.
  • Understand why banks are lagging behind cybercriminals.
  • Gain insights into why it is difficult to control targeted attacks.
  • Understand why a collaborative approach is required to limit instances of cyber-threats and fraud.
  • Gain insights into how context-aware security can help banks improve security without compromising consumer convenience.
Key highlights

  • Cybercriminals work in an unconstrained environment that enables them to combine their creativity with the latest technical expertise faster than banks can anticipate their attacks; and as a result, banks tend to lag behind because they are constrained by their size and legacy system.
  • Banks put in most of their efforts to stop cyber threats through making investments in security; for example JPMorgan Chase spent US$250 million on online security in 2014, with these expenditures to reach US$500 million by 2019. Yet according to Timetric, more collaboration is required to protect the industry from potential threat.
  • Systematic attacks need to be tackled with a collaborative approach to defeat cybercriminals. Individual banks, no matter how big, are unlikely to amass resources to fight targeted attacks on their own. While there is some collaboration, it is limited by cultural differences, the banks’ individual risk aversion, and the increasing modularity of banking systems. 
  • In addition to external threats, a major threat to data security emanates from insider events. More often, external threats attract the majority of budget consideration while insider threats are understated. “People with privileged information such as employees and contractors should be monitored more carefully. Nevertheless, organizations tend to rely on trust.
  • Issues for banks are also confounded by the need to balance security with usability. As the industry is moving towards an environment where banks compete on customer experience, the mechanics of payments should not be conspicuous to banks' clients; they should be seamless and secure. Market perception of trade off between security and usability can be changed with efficient use of technology.
Table of Contents

1 Executive Summary 

2 Are Banks too Slow to Overcome Threats? 
2.1 Increasing Threat for Payment Systems 
2.2 Why are Banks Lagging Behind? 
2.3 Banks’ Approaches to Tackling Threats 

3 Outsourcing and Security Concerns 

4 The Role of Biometrics and Tokenizaton in Payment Security 
4.1 Biometrics in Banking and Payments 
4.2 Securing Card Payments with Tokens 

5 Balancing Security and Usability 
5.1 Is Context-Aware or Progressive Security the Way Forward for Banks? 

6 Defeating Cybercriminals: A Collaborative Approach 

7 Appendix 
7.1 Methodology 
7.2 Definitions 
7.3 Contact Timetric 
7.4 About Timetric 
7.5 Timetric’s Services 
7.6 Disclaimer

List of Table

Table 1: Instances of Large-Scale Attacks on Payment Systems, 2012–2015 
Table 2: Regional Deployment of EMV, Q4 2013 
Table 3: Notable Cybersecurity Expenditure by the ‘Big Four’ US Banks 
Table 4: How are Banks Protecting Clients? 
Table 5: Potential Applications of Biometrics in Banking and Payments 
Table 6: Tokenization and Card Payment Ecosystems 
Table 7: Security and Usability Rankings of Key Technologies 
Table 8: Perimeter vs Progressive Security 
Table 9: A Collaborative Approach to Limit Payment Fraud and Cyber-Attacks on Banks 
Table 10: Key Definitions 
Table 11: EMVCo Worldwide EMV Deployment: Regional Definitions

List of Chart

Figure 1: Large-Scale Security Incidents in Banking, 2014 
Figure 2: Key Challenges for Banks Related to Cybersecurity and Fraud 
Figure 3: Card Fraud – the US vs Europe, 2010–2014 
Figure 4: Trust Culture in Financial Services and E-Commerce Firms 
Figure 5: Levels of Risk in Various Outsourcing Models 
Figure 6: Vendor Management Best Practice to Limit Security Concerns 
Figure 7: Importance of Biometric Identification – the Consumer Perspective, 2014

Make an enquiry before buying this Report

Please fill the enquiry form below.

  • Full Name *
  • Your Email *
  • Job Title
  • Company
  • Phone No. * (Pls. Affix Country Code)
  • Message
  • Security Code *