Don’t bank on IoT
Trading security for convenience
When we talk about the Internet of Things (IoT), we tend to envisage the vast opportunities available through connected devices. At the touch of a button we’re now able to heat the house for when we arrive home, remotely portion meals for our beloved pets, and even start the coffee machine while we’re in the midst of prying ourselves out of bed. Yes, the IoT revolution looks bright – but at what cost?
There’s no doubt that the IoT market has emerged at a rapid pace. By 2020, more than half of major new businesses will be using IoT in some capacity, and according to Gartner, investment in IoT and connected technology will rise to £429.01m. By the same date, IoT will encompass 26 billion devices worldwide, up from 900 million in 2009. Gartner also predicts IoT technology will be in 95 percent of electronics for new product designs. But, with the market emerging as quickly as it has, many manufacturers have created potentially vulnerable products, because they were not designed with high security in mind.
Barclays Digital Safety Index 2017 reports that 25 percent of UK adults has fallen victim to cyber fraud at least once in the past three years, and now smart homes represent a whole new area of attack. While the vulnerability of data produced by the IoT is a relatively new threat, the problem is expected to grow considerably over the next few years.
Proliferation of connected devices
Think about it – it’s January 2020. A consumer has several questionable transactions on their account. They’re dumbfounded. The fraudsters had all the correct details, so the purchases look legitimate. The consumer has been hit by “clean fraud”. Then the search for answers begins: When did they give out their card details or financial information? Could it be that someone else has passed on the information – a family member or colleague?
Then realisation sets in – the thermostat, the lightbulbs, the coffee machine – they’re all connected devices. The smart devices that have been connected wirelessly to the internet aren’t particularly secure, and it’s possible that the criminals have hacked into the devices and stolen personal information. Worse still, these criminals are making fraudulent purchases that appear legitimate to both issuers and merchants – costing all parties involved in the transaction.
Merchants and issuers must stay vigilant to this particular type of fraud, as cybercriminals increasingly make purchases through e-commerce sites with fraudulent payment information, or perhaps place purchases through someone else’s connected device without their knowledge. With so much room for error, merchants need to arm themselves against chargebacks – ensuring to use the latest technology to authenticate transactions.
In the next few years, the evolution of IoT will be a significant factor for the need to develop new security measures and methods. Emerging technologies like biometrics and blockchain could soon combat IoT fraud, and make authentication more secure, build trust between parties and devices, and reduce risk of collusion and tampering.
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
There’s little doubt that the growth of IoT devices will precipitate an increase in fraud and chargeback disputes. The best way to protect against fraud and overcome the challenges of an increasingly connected world is to remain vigilant and use the most effective and up-to-date fraud prevention tools.
Neil Smith, Regional Head, Issuer Sales, EMEA at Verifi
- We've also highlighted six principles to secure the IoT
Neil Smith is Regional Head of Issuer Sales EMEA at Verifi. His role includes the expansion of Forters International business with specific focus on the UK and EMEA region plus the development, on-boarding of Retail banks and Merchants to the Forter ai Fraud and Risk solutions including all things PSD2 related. Neil has additional areas of expertise and product knowledge in Chip & PIN, PCI DSS and Loyalty Solutions . Neil has worked in a number of organisations where technology meets financial services and Merchant Services for over 27 years and has held a variety of Specialist, technical, commercial and leadership roles inclusive of Fraud, Risk and Compliance. Neil has held senior positions in VISA, Verifi and was also an Associate Member of a key business consultancy firm ‘The Business Performance Consultancy Group’ and ‘The International Investor’ Among others industry leaders.