Trust and security in electronic payments.
Trust and security in electronic payments.
The importance of trust and the need for control Paying credit fees, buying through the websites of companies or a financial institution is something that has been available for a long time; However, the number of users who buy through electronic payments has not grown as expected in the same period of time, why is this? Mainly the lack of trust and suspicion about the security of payment systems.
The advancement of technology has been accompanied by new information security schemes to protect payment by electronic means; However, the sophistication of the techniques of deception employed by computer criminals have also been developed, forcing the maintenance of information security tools and protocols.
At present, the greatest risk is not in the electronic payment information systems, in reality it is in the lack of prudence and caution of the users because they still do not know this environment well enough to not be victims of deception and scams.
Online payment has two actors: information technology, which is the means to make electronic payment; and the person, who is the one who has the funds and who uses this means to make the payment. In general, what is related to information technology implies the effective use of the technological components that make up the environment through which the transaction is made, which includes equipment and programs to create a secure environment.
This environment has its own rules and procedures to navigate in it without problems. On the other hand, there are people who are clients of the financial institution and who have access to carry out transactions with their money in this technological environment. Sometimes, the customer is the weak link in the information security chain because they do not have a good understanding of the risks inherent in this environment, or because the functionality that has been made available to them is not fully known.
Cybersecurity and digital attacks.
The transition to the digital economy obliges companies to develop customer-centered strategies, without forgetting the security requirements necessary for the relationship with him in this new context. Electronic transactions are made without interpersonal contact, which necessitates the use of mechanisms to authenticate with whom contact has been made and exchange information in a secure manner.
Information security in payment methods can be categorized into three areas:
1) The security of information systems, which includes technical infrastructure and security control and monitoring components;
2) The security of the transaction, which includes the secure payment process according to the specification of rules and functional and technical characteristics of the transaction; Y
3) The legal framework for the operation of electronic payment in financial and commercial entities.
Among the security mechanisms used is the access control based on the identification and authentication of the person, which implies that not only does the user have the access password, but also has a unique additional element that can be a numerical token or a biometric element, such as the fingerprint.
The prevention of unauthorized capture or modification is part of the confidentiality and integrity of the data, respectively, which considers information encryption schemes.
The attacks to which the electronic payment may be subject are linked to deceit schemes to obtain access information to your account and thus violate access to your money.
Among the most used schemes is the “mask” that shows a simulated page and the financial institution that deceives the user and motivates them to enter their user code and the corresponding password, and access to accounts based on this control scheme may be violated.
It is important that users of payment methods are aware of the risks that exist in this context and the ways in which these risks can be mitigated; In this sense, financial institutions have an opportunity to contribute to the education and alertness of their clients. Electronic payments are the ultimate proof of confidence in the electronic transaction environment on the internet.
The adoption of these payment mechanisms depends on the confidence in the security contemplated in its design, on the client's understanding of its operation, and on the reliability of the system and its controls implemented for the transactions it has.
