Insight Report: Security in Consumer Payments and Retail Banks

Pages: 32 Published: May 19, 2015 Report Code: VR1152MR

Threats to the payment ecosystem have evolved due to the increased digitization of banking. Fraud mechanisms have moved from forging checks to stealing consumers’ digital identities or penetrating retail banks’ networks. Cyber criminals are organized and innovative, and carry out targeted attacks to exploit the vulnerabilities of digital networks. While banks’ inter-connectivity improves service delivery, it can also leave them exposed to cyber criminals. Instead of attacking banks directly, however, cyber criminals tend to exploit banks’ relationships with merchants, third-party vendors and customers, whose platforms tend to have lower levels of security than banks. During 2010–2015, the number of indirect and systematic attacks has accelerated, raising questions as to whether banks can keep security systems one step ahead of perpetrators.

Banks and cyber criminals operate differently. Cyber criminals use creativity to cheaply and effectively penetrate and breach banking networks. Banks, however, tend to use reactive approaches, limited by their size and operating costs. In addition to external threats, security breaches can result from insider events. Employees are considered trusted entities with access to privileged information, and while some banks spend millions on securing their networks from external threats, very few include insider events in their threat assessments. The tendency to keep failings in-house makes banks vulnerable. In order to counter cyber criminals, retail banks need to shun the perimeter-defense approach and devise strategies for the smarter implementation of risk-management tools.


Analyzes of the methods cyber criminals employ in major attacks on retail bank payment systems

The key challenges faced by retail banks globally in defending consumer payments

Analysis of the initiatives taken by retail banks to secure their payment infrastructures

An exploration of whether context-aware security can help banks balance the demands of consumer convenience and security

Detail of major instances of cyber-attacks on payment systems between 2012 and February 2015

An analysis of the various security measures and tools adopted by retail banks to lower instances of fraud, along with a consideration of their impact and any weaknesses exposed

The key security concerns relating to outsourcing processes

A snapshot of vendor management best practice

An examination of the increasing role of biometrics and tokenisation in securing payments in the global retail banking industry

Analysis of the future options in payment security

Key Highlights

What combined factors enable cyber criminals to mount their attacks more rapidly than retail banks can anticipate them? Why do banks tend to lag behind in their response?

Where do banks focus most of their efforts to stop cyber threats? What does the report consider a more effective method of protection?

What should retail banks implement to attempt to defeat systematic attacks? What are the three key factors currently hindering the successful adoption of this approach? Which current tactic is unlikely to be sufficient in this ongoing confrontation and why is this so?

What else is identified as a major threat to data security? Why is this threat consistently underestimated in the retail banking industry? Which traditional characteristic of industry dealings reinforces this situation? Why is the response to this threat significantly under-resourced?

What is the internal operational balance that confounds retail bank responses to cyber threats? How can this be changed in the context of competition in customer experience and ultimately alter market perceptions of bank processes?

Reasons to Buy

Assess your organization’s ability to combat cyber crime through an understanding of current cyber-threats in the global payments market

Investigate how banks across the world are trying to limit instances of cyber-attacks and fraud

Identify how successfully these tactics have been adopted to evaluate whether your system of defense is as equally robust as those of your competitors

Analyze insights into the impact of current security tools on various cyber threats whilst assessing their innate strengths and weaknesses

Identify the key factors contributing to the current perception of retail banks lagging behind cyber criminals. Utilize this information to initiate a comprehensive review of your systems and processes

Gain insights into the difficulties of controlling targeted cyber attacks and position your levels of risk in a global industry context

Analyze new approaches intended to limit instances of cyber-threats and fraud

Evaluate how context-aware security can help you improve security without compromising your customer relationships through any associated negative impact on consumer convenience

Key Players

JPMorgan Chase
Bank of America
Wells Fargo
Target Corporation
Signature Systems
Home Depot
KB Kookmin Card
Lotte Card
NH Nonghyup Card
Kaspersky Lab
Intelligent Environments
Royal Bank of Scotland
Caixa Econômica Federal
Standard Bank
US Bank
American Express

Table of Contents

1 Executive Summary

2 Are Banks too Slow to Overcome Threats?

2.1 Increasing Threat for Payment Systems

2.2 Why are Banks Lagging Behind?

2.3 Banks’ Approaches to Tackling Threats

3 Outsourcing and Security Concerns

4 The Role of Biometrics and Tokenizaton in Payment Security

4.1 Biometrics in Banking and Payments

4.2 Securing Card Payments with Tokens

5 Balancing Security and Usability

5.1 Is Context-Aware or Progressive Security the Way Forward for Banks?

6 Defeating Cybercriminals: A Collaborative Approach

7 Appendix

7.1 Methodology

7.2 Definitions

7.3 Contact GlobalData

7.4 About GlobalData

7.5 GlobalData’s Services

7.6 Disclaimer

List of Tables

Table 1: Instances of Large-Scale Attacks on Payment Systems, 2012–2015

Table 2: Regional Deployment of EMV, Q4 2013

Table 3: Notable Cybersecurity Expenditure by the ‘Big Four’ US Banks

Table 4: How are Banks Protecting Clients?

Table 5: Potential Applications of Biometrics in Banking and Payments

Table 6: Tokenization and Card Payment Ecosystems

Table 7: Security and Usability Rankings of Key Technologies

Table 8: Perimeter vs Progressive Security

Table 9: A Collaborative Approach to Limit Payment Fraud and Cyber-Attacks on Banks

Table 10: Key Definitions

Table 11: EMVCo Worldwide EMV Deployment: Regional Definitions

List of Figures

Figure 1: Large-Scale Security Incidents in Banking, 2014

Figure 2: Key Challenges for Banks Related to Cybersecurity and Fraud

Figure 3: Card Fraud – the US vs Europe, 2010–2014

Figure 4: Trust Culture in Financial Services and E-Commerce Firms

Figure 5: Levels of Risk in Various Outsourcing Models

Figure 6: Vendor Management Best Practice to Limit Security Concerns

Figure 7: Importance of Biometric Identification – the Consumer Perspective, 2014


Can be used by individual purchaser only


Can be shared globally by unlimited users within the purchasing corporation e.g. all employees of a single company

Get in touch to find out about our multi-purchase discounts
Tel +44 (0) 20 7947 2960

Every customer’s requirement is unique. We understand that and can customize the report basis your exact research requirements pertaining to market insights, innovation insights, strategy and planning, and competitive intelligence. You can also avail the option of purchasing stand-alone sections of the report or request for a country specific report.

Still undecided about purchasing this report?

Request a Free Sample


“The GlobalData platform is our go-to tool for intelligence services. GlobalData provides an easy way to access comprehensive intelligence data around multiple sectors, which essentially makes it a one-for-all intelligence platform, for tendering and approaching customers.

GlobalData is very customer orientated, with a high degree of personalised services, which benefits everyday use. The highly detailed project intelligence and forecast reports can be utilised across multiple departments and workflow scopes, from operational to strategic level, and often support strategic decisions. GlobalData Analytics and visualisation solutions has contributed positively when preparing management presentations and strategic papers.”

Business Intelligence & Marketing Manager, SAL Heavy Lift

“COVID-19 has caused significant interference to our business and the COVID-19 intelligence from GlobalData has helped us reach better decisions around strategy. These two highlights have helped enormously to understand the projections into the future concerning our business units, we also utilise the project database to source new projects for Liebherr-Werk to use as an additional source to pitch for new business.”

Market Analyst & Management, Liebherr-Werk

Your daily news has saved me a lot of time and keeps me up-to-date with what is happening in the market, I like that you almost always have a link to the source origin. We also use your market data in our Strategic Business Process to support our business decisions. By having everything in one place on the Intelligence Center it has saved me a lot of time versus looking on different sources, the alert function also helps with this.

Head of Key Accounts, Saab AB

Having used several other market research companies, I find that GlobalData manages to provide that ‘difficult-to-get’ market data that others can’t, as well as very diverse and complete consumer surveys.

Marketing Intelligence Manager, Portugal Foods
Financial Services
Cloud Computing in Banking - Thematic Intelligence
$1,950 | March 2023
Financial Services
JI Accident & Fire Insurance Company Limited in Japan
$0 | March 2023
Financial Services
Gig Economy in Insurance - Thematic Intelligence
$1,950 | March 2023