DOCSLIB.ORG

Mobile Payments Security 101

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Mobile Payments Security 101 GUIDE Mobile Payments Security 101 How merchants and mobile payment service providers can protect their users against mobile payments fraud. DEVELOPED AND PUBLISHED BY: CONTENTS Page 3 Executive Summary Page 27 Chapter 6 | Overview of Solutions Providers Page 4 Chapter 1 | Introduction Alaric Mobile payment methods Bell ID Mobile wallets Carta Worldwide Cybera Page 8 Chapter 2 | Mobile Payments DeviceAuthority Transaction Volume FIS Apple Pay InAuth Rival services Ingenico Mobile Solutions Jumio Page 13 Chapter 3 | Threats Kaspersky Lab Mobile malware MagTek Jailbreaking and rooting Omlis Native apps OneVisage Mobile payments fraud Payfone The Association for Authentify acquisition Financial Professionals ThreatMetrix Apple Pay fraud ValidSoft Veridu Page 19 Chapter 4 | PCI Compliance Verifone mPOS devices WiseSec Page 22 Chapter 5 | Security Technologies Page 39 References Point-to-point encryption (P2PE) Wi-Fi Tokenization EMV EMV and NFC Authentication technologies Published by Networld Media Group © 2015 Networld Media Group Written by Robin Arnfield, contributing writer, MobilePaymentsToday.com. Tom Harper, president and CEO Kathy Doyle, executive vice president and publisher Will Hernandez, editor Christopher Hall, managing editor, payments and technology group Tiffany Smith, custom content editor Mobile Payments Security 101 | © 2015 Networld Media Group 2 EXECUTIVE SUMMARY The popularity of banking and m-commerce on smartphones and tablets, merchant adoption of mPOS devices, the growth of in-app payments, and the emergence of mobile wallets and NFC-based point-of-sale payment services mean that ensuring the security of mobile transactions and the privacy of customers’ data is critical. Robin Arnfield This report provides guidance on how merchants and mobile payment MobilePaymentsToday.com service providers can protect their users against mobile payments fraud. Robin Arnfield has been a technology It reviews best practices for mobile payments security, such as: journalist since 1983. His work has • not jailbreaking or rooting smartphones; been published in ATM Marketplace, Mobile Payments Today, ATM & Debit • deploying technology to verify the identity of mobile devices used News, ISO & Agent, CardLine, Bank for m-payment transactions; Technology News, Cards International • replacing consumers’ card information with one-time tokens; and Electronic Payments International. He has covered the United Kingdom, • ensuring cardholder data is encrypted from the point of interaction European, North American and Latin with an mPOS device’s card reader all the way to the acquirer; and American payments markets. • installing controls on mPOS devices so only approved and secure apps can be downloaded by employees. Mobile Payments Security 101 | © 2015 Networld Media Group 3 CHAPTER 1 Introduction The popularity of banking and m-commerce on smartphones and tablets, merchant adoption of mPOS devices such as Square, the growth of in-app payments, and the emergence of mobile wallets and NFC-based point-of- sale payment services such as Apple Pay mean ensuring the security of mobile transactions and the privacy of customers’ data is critical. “Mobile and other connected devices are fast becoming the leading way for users to access commerce and banking services,” said Vanita Pandey, senior director of strategy and product marketing at San Jose, California- based ThreatMetrix. “Mobile is the biggest emerging opportunity and risk for businesses and financial institutions trying to deliver frictionless experiences to their customers. Continued growth of mobile payments and banking will lead to stricter rules and regulations to secure these transactions.” Mobile payment methods There are five main ways to carry out mobile payment transactions at the point of sale. MPOS MPOS transactions involve customers swiping or inserting their card into a card reader attached to a smartphone or tablet that connects to a payment network through a wireless link. NFC In an NFC transaction, an NFC-enabled smartphone communicates via an RFID link with a contactless transmitter attached to a POS device. The cardholder pays using a card held in digital form in a mobile wallet, which is stored either in a secure element on their smartphone’s SIM card or in the cloud using a technology called Host Card Emulation (HCE). At checkout, the consumer tells the clerk that he or she wishes to pay using a smartphone. The consumer opens the mobile wallet, selects the desired card and then taps the smartphone on the merchant’s contactless POS Mobile Payments Security 101 | © 2015 Networld Media Group 4 CHAPTER 1 Introduction terminal. The consumer’s payment credentials are retrieved automatically from the smartphone’s secure element — or from the cloud using HCE — and transmitted via NFC to the payment terminal. The advantage of HCE over secure element-based NFC is that, since HCE is supported by Google’s Android KitKat 4.4 operating system, it can run on any Android-based smartphone, not just on NFC-enabled smartphones. “Visa believes that (HCE) cloud-based mobile payments represent a significant opportunity to accelerate mobile payments globally,” said Rodrigo Meirelles, Visa’s senior director of digital payments solutions for Latin America and the Caribbean. Bluetooth Bluetooth low energy (BLE) is a protocol that enables Bluetooth-based smartphones and other mobile devices to communicate with BLE- based wireless transmitters known as Beacons. On entering a store, the consumer’s m-payment app senses a BLE Beacon and “checks in” to alert the retailer’s POS of the consumer’s presence. At checkout, the consumer tells the clerk to post the sale to his or her m-payment account, which is visible on the clerk’s POS terminal. The clerk verifies the consumer’s identity and completes the transaction. According to the Mobile Payments Today white paper “The iBeacon/BLE vs NFC Debate: Now the Truth,” which is sponsored by Pyrim Technologies, BLE transmitters are designed to continually broadcast a discovery signal. “Any app residing within a BLE-enabled (Bluetooth 4.0) smartphone can be configured to listen for these signals,” the white paper says. QR codes As an alternative to NFC, some m-payment service providers such as Starbucks and LevelUp offer QR code-based systems that store payment information in the cloud instead of the handset and can be executed on any smartphone. The LevelUp mobile app for iPhone and Android allows registered users to link their payment card to a unique QR code displayed within the app. To pay with LevelUp, users scan the QR code on their phone at LevelUp terminals located at LevelUp-accepting merchants. In addition, LevelUp also supports NFC and Apple’s BLE-based iBeacons. Cloud-based apps Several mobile payment providers such as PayPal offer apps that Mobile Payments Security 101 | © 2015 Networld Media Group 5 CHAPTER 1 Introduction communicate in the cloud with retailers at the point of sale without users scanning QR codes or tapping their smartphones on a POS terminal. PayPal’s app shows users a list of retailers who accept PayPal in a particular area. Customers use the app to check in with the merchant when in the store, tell the clerk they are using PayPal and then pay for purchases through their PayPal accounts. Mobile wallets Mobile wallets serve an array of functions. According to Mobile Payments Today’s Mobile Wallet Comparison Guide 2015, they provide a place where consumers store and organize coupons, loyalty programs, payment cards, tickets and any other kind of paper items that can be digitized. Other mobile wallets offer bill payment, comparison shopping, location- aware services, P2P payments functionality and social-media connectivity. Both Visa and MasterCard offer digital wallets for their issuing banks’ cardholders. In July 2014, Visa introduced Visa Checkout, an online payment service that replaced its previous digital wallet V.me in Canada, Australia and the U.S. By the end of 2015, Visa Checkout will be available in 13 additional countries, including Brazil, China, Malaysia, Mexico, South Africa and the United Arab Emirates. Visa Checkout enables consumers to enter their payment details once when they enroll and pay online with just a username and password. Consumers can enroll through their issuing bank, through participating retailer websites or at the Visa Checkout website, and they can link non- Visa payment cards to their Visa Checkout accounts. More than 110 merchants — including Gap, Neiman Marcus, Orbitz, Pizza Hut and Staples — have deployed Visa Checkout. MasterCard launched its MasterPass digital wallet in February 2013. For online purchases, MasterPass provides shoppers with a simple checkout process by eliminating the need to enter detailed shipping and card information for every purchase. At the point of sale, MasterPass offers cloud-based, NFC and QR code-based payments. In August 2014, MasterCard added support for in-app payments to MasterPass. Retailers can use an API to embed MasterPass as a checkout option within a mobile app, mobile website or desktop app, according to MasterCard. Mobile Payments Security 101 | © 2015 Networld Media Group 6 CHAPTER 1 Introduction Vodafone digital wallet U.K.-based telco Vodafone said in March 2015 that its customers soon will be able to add bank cards to their Vodafone Wallets and use smartphones to pay for goods and services at contactless terminals (http://www. mobilepaymentstoday.com/news/vodafone-partners-with-visa-carta- worldwide-for-contactless-m-payments/). Following agreements with Visa and payments processor Carta Worldwide (see Chapter 6, Carta Worldwide, page 27), bank card payments via Vodafone Wallet will be enabled in European markets from the second quarter of 2015 onward. The service, which requires a Vodafone NFC-enabled SIM card, will be supported on a wide range of Android smartphones. To use the service, customers will: input their bank cards to the Vodafone Wallet app, where an alias of each card is stored securely in the Vodafone NFC-enabled SIM card; confirm ownership of the card using Verified by Visa authentication; pay by tapping their phones against a contactless POS terminal; and check their mobile payment transaction history using their phones.
Load more

Recommended publications
  • MOBILE Payments Market Guide 2013
    MOBILE PAYMENTS MARKET GUIDE 2013 INSIGHTS IN THE WORLDWIDE MOBILE TRANSACTION SERVICES ECOSYSTEM OVER 350 COMPANIES WORLDWIDE INSIDE Extensive global distribution via worldwide industry events As the mobile payments ecosystem is becoming increasingly more crowded and competitive, the roles of established and new players in the mobile market is shifting, with new opportunities and challenges facing each category of service providers. Efma, the global organization that brings together more than 3,300 retail financial services companies from over 130 countries, welcomes the publication of the Mobile Payments Market Guide 2013 by The Paypers as a valuable source of information and guidance for all actors in the mobile transaction services space. Patrick Desmarès - CEO, Efma MOBILE PAYMENTS MARKET GUIDE 2013 INSIGHTS IN THE WORLDWIDE MOBILE TRANSACTION SERVICES ECOSYSTEM Authors Ionela Barbuta Sabina Dobrean Monica Gaza Mihaela Mihaila Adriana Screpnic RELEASE | VERSION 1.0 | APRIL 2013 | COPYRIGHT © THE Paypers BV | ALL RIGHTS reserved 2 MOBILE PAYMENTS MARKET GUIDE 2013 INTRODUCTION Introduction You are reading the Mobile Payments Market Guide 2013, a state- se and the way commerce is done. From a quick and accessible of-the-art overview of the global mobile transaction services channel for banking on the move to a sophisticated tool for shop- ecosystem and the most complete and up-to-date reference ping, price comparison and buying, the saga of the mobile device source for mobile payments, mobile commerce and mobile is an on-going story that unfolds in leaps and bounds within a banking-related information at global level. This guide is published progressively crowded (and potentially fragmented) ecosystem.
    [Show full text]
  • The Fintech Book Paint a Visual Picture of the Possibilities and Make It Real for Every Reader
    Financial Era Advisory Group @finera “Many are familiar with early stage investing. Many are familiar with technology. Many are “FinTech is about all of us – it’s the future intersection of people, technology and money, familiar with disruption and innovation. Yet, few truly understandFinancial how different Era an animal Advisory and it’s happeningGroup now there is an explosion of possibilities on our doorstep. Susanne and is the financial services industry. Such vectors as regulation, compliance, risk, handling The FinTech Book paint a visual picture of the possibilities and make it real for every reader. other people’s money, the psychological behaviours around money and capital ensure A must-read for every disruptor, innovator, creator, banker.” that our financial services industry is full of quirks and complexities. As such The FinTech Derek White, Global Head of Customer Solutions, BBVA Book offers a refreshing take and knowledge expertise, which neophytes as well as experts will be well advised to read.” “FinTech is reshaping the financial experience of millions of people and businesses around Pascal Bouvier, Venture Partner, Santander InnoVentures the world today, and has the potential to dramatically alter our understanding of financial services tomorrow. We’re in the thick of the development of an Internet of Value that will “This first ever crowd-sourced book on the broad FinTech ecosystem is an extremely deliver sweeping, positive change around the world just as the internet itself did a few worthwhile read for anyone trying to understand why and how technology will impact short decades ago. The FinTech Book captures the unique ecosystem that has coalesced most, if not all, of the financial services industry.
    [Show full text]
  • Fintech in Canada – British Columbia Edition, 2016
    FinTech in Canada British Columbia Edition 2016 British Columbia Edition Table of Contents Participating Stakeholders ......................................................... ii Foreword ................................................................................... iii Canada’s FinTech Opportunity .................................................. iv Executive Summary .................................................................. vi Types of FinTech ....................................................................... 1 FinTech Law ............................................................................ 15 FinTech in Other Countries ...................................................... 18 Stakeholder Views ................................................................... 32 Canada as a FinTech Leader ................................................... 39 Roadmap to Leadership ........................................................... 47 Authors & Contributors ............................................................. 48 Sources.................................................................................... 49 FinTech in Canada – Towards Leading the Global Financial Technology Transition Page | i © 2016, Digital Finance Institute; McCarthy Tétrault LLP British Columbia Edition Participating Stakeholders Approximately 30% of the stakeholders who participated in the FinTech Report elected to do so without attribution. FinTech in Canada – Towards Leading the Global Financial Technology Transition Page | ii © 2016,
    [Show full text]
  • In This Issue
    Welcome to the June edition of ACT News. This complimentary service is provided by ACT Canada; "building an informed marketplace". Please feel free to forward this to your colleagues. In This Issue 1. Editorial - the best and the rest 2. Wendy Maisey named as the recipient of ACT Canada’s 2015 Hero’s Award 3. Canadian parliament report recommends a ‘light touch’ in virtual-currency regulation 4. Rogers brings its Suretap wallet service to TELUS and Bell devices 5. CIBC First Canadian Bank to participate in Suretap(tm) open mobile wallet 6. Increasing security of mobile payments for Canadians with RBC wallet 7. VISA Inc. and VeriFone join forces to accelerate Omni Commerce globally 8. With new digital program, VISA drops token fees, offers issuers single connection to all services 9. Ingenico, Google partner on cross-border e-commerce pilot 10. FBI: ransomware nets criminals $18 million in bitcoin 11. GlobalPlatform enhances mobile device security 12. MasterCard to offer tokenization to CNP merchants 13. TTC to fully switch to PRESTO cards; will stop accepting tickets, tokens in 2017 14. Major HCE developments by Meawallet and Carta Worldwide 15. PayPal brings ‘one touch’ payments to Canada for faster checkouts 16. Giesecke & Devrient and Baimos technologies to jointly demonstrate the secure personalization of contactless smart cards via smartphone 17. Starbucks’ mobile order & pay poised to expand to UK, Canada and 21 more US states 18. UnionPay hits 5 billion issued mark 19. What is Android Pay and a comprehensive analysis of all its facets 20. AnywhereCommerce receives two more patents for EMV payment technology 21.
    [Show full text]
  • A Monthly Update on the State of Cross-Border
    DECEMBER 2015 POWERED BY A PYMNTS.COM REPORT ©2015 COVER STORY 2015: Digital Identity Takes Center Stage 2015 was a year in which the case for generating, securing and protecting the digital identity of a consumer was made abundantly clear. And, according to Martin Ferenczi, President/North America for global technology company Oberthur Technologies, a year where a lot of key “foundational” work was put in motion. Yet, he acknowledged, one in which the sophistication of the hackers only underscored the need for everyone in the financial services, mobile and security ecosystems and who are entrusted with authenticating the identity of a person, must step up and do more. Why The Anthem Hack Was More Dangerous Than Target’s Breach The year was barely a month old when the world was starkly reminded of how vulnerable all data is when hackers put their minds and their talents toward compromising it. The hack of health insurer, Anthem, put at risk a variety of personal information for some 80 million people. Names, birthdays, medical IDs/Social Security numbers, street addresses, email addresses and income data were all exposed, making the Anthem breach every bit as big as the Target breach of 2013. But potentially much more damaging. Credit card numbers, like those confiscated in the Target breach, allow fraudsters to commit fraud online until the issuers and processors get tipped off, mostly by consumers who call their issuers when they see fraudulent charges on their statements. Personally identifiable information like SSNs, along with names and address and birthday information, allow a fraudster to manufacture a brand new identity and do much more harm, unnoticed, for potentially much longer periods of time.
    [Show full text]
  • Retail Payments Innovation Global Industry Radar (GIR)
    Retail Payments Innovation Global Industry Radar (GIR) Competitively advantaged access to innovations and critical developments in Retail Payments Innovation from ICG’s unique global scanning capability GIR 004 / Edition 03 August 2016 Retail Payments Innovation GIR – In this edition Introduction An introduction to this edition and the featured contents 3 Top retail payments innovation themes A snapshot of the top current payments industry themes 6 Regulatory Update A summary of key regulatory developments impacting 60 the payments sector Key developments by region Organised by region, a review of payments innovation 65 and other notable news North America 66 South & Central America 78 Europe 82 Africa & Middle East 98 Asia 101 Australia & New Zealand 111 How we rate Innovation Quotient & Industry Impact An explanation of how we rate the Innovation Quotient 118 and Industry Impact across this GIR From the Insights Review Some topical payments article from ICG’s periodic 119 Insights Review More information from ICG More information about ICG and the 121 ICG Payments Practice Report contributors and subscribers Information about report contributors and the subscriber 126 organisations for this GIR Retail Payments Innovation Global Industry Radar – edition 3 © Internal Consulting Group 2016 2 Retail Payments Innovation GIR - Introduction Welcome Welcome to the third edition of ICG’s Retail Payments Innovation Global Industry Radar. Published three times each year this title is one of the growing number of Global Industry Radars (GIRs) produced by ICG to provide advantaged access to insights, innovations, developments and key sectoral activities across the globe. Available exclusively to one subscriber in each geography this GIR provides comprehensive worldwide coverage of what you and your team need to know about developments in the Retail Payments space.
    [Show full text]
  • The Competitive Landscape for Payments: a European Perspective
    The competitive landscape for payments: a European perspective March 2020 www.oxera.com The competitive landscape for payments: a European perspective Oxera Contents Acronyms 1 Definitions 2 1 Introduction 3 1.1 Scope and objectives of this report 3 1.2 Key findings 3 1.3 Structure of report 5 2 Economics of payment systems 6 2.1 Introduction and key messages 6 2.2 What is a payment system? 6 2.3 Economic characteristics of payment systems 7 2.4 How do networks compete? 12 2.5 Implications for competition between payment methods 18 2.6 This report: assessing competition 19 3 Trends reshaping payments 20 3.1 Introduction and key messages 20 3.2 What role do payment systems play in the modern economy? 20 3.3 Traditional payments value chain 21 3.4 Developments in technology, regulation and consumer preferences 22 3.5 Current value chain 29 4 Retail payment methods—market structure and different types of player 31 4.1 Introduction and key messages 31 4.2 Cash 33 4.3 Cheque 35 4.4 Credit transfer and direct debit and payment methods using interbank infrastructures 35 4.5 Cards 36 4.6 Entry by new providers of retail payment methods 38 4.7 Entry by providers of payment services using interbank processing infrastructures 39 4.8 Payment initiators 41 Oxera Consulting LLP is a limited liability partnership registered in England no. OC392464, registered office: Park Central, 40/41 Park End Street, Oxford OX1 1JD, UK; in Belgium, no. 0651 990 151, registered office: Avenue Louise 81, 1050 Brussels, Belgium; and in Italy, REA no.
    [Show full text]
  • Payments Cards & Mobile
    PAYMENTS INDUSTRY INTELLIGENCE March / April 2017 PaymCARDeS &n MOtBsILE IN THIS ISSUE Islamic Finance TIME TO GO MAINSTREAM? MARKET OVERVIEW PAYMENTS IN RUSSIA OMNI-CHANNEL WHAT DO RETAILERS REALLY, REALLY WANT? ·----· 1ngen1co • GROUP • 0 lngenico seamless payment module, for the next generation vending machines! Be smart, be self service! PAYMENTS INDUSTRY INTELLIGENCE Payments ·----· CARDS & MOBILE March / April 2017 1ngen1co • Volume 9, Issue 2 GROUP Production Team Alexander Rolfe Is the future of finance Islamic? Editor-in-chief and publisher • Tel (+44) 1263 711 800 [email protected] The narrative has changed. Did we consciously decide not to talk about it? Has the FinTech bubble finally burst or did market forces just begin to let some air out? Joyrene Thomas Staff Writer Tel (+44) 1263 711 800 0 I am, of course, taking about the financial technology market. I believe this is the first issue [email protected] in years that we have not mentioned it, whether that be in terms of market sizing or the Wendy Sanders impact it is having on financial services. Head of Business Development Tel (+44) 1263 711 801 lngenico seamless payment module, Nonetheless, we are talking about finance. In this case, Islamic Finance. I am sure that you [email protected] are all aware of the term, but how many of you have actually delved deeper into this rapidly- Gemma Rolfe growing phenomenon, displacing more traditional types of finance? Islamic Finance is far General Manager more than just the prohibition on interest. Tel (+44) 1263 711 800 for the next generation vending machines! [email protected] Much has been written about Russia in the mainstream press in the past months.
    [Show full text]
  • Overview Mobile Payments Initiatives
    EPC091-14 Date issued: 12 December 2014 Version 2.0 OVERVIEW MOBILE PAYMENTS INITIATIVES Abstract This document aims to provide an overview on initiatives on mobile payments, mobile wallets and mPOS introduced or planned for introduction into the market. Document Reference EPC091-14 Issue Version 2.0 Date of Issue 12 December 2014 Produced by EPC Secretariat Circulation Publicly available Conseil Européen des Paiements AISBL– Cours Saint-Michel 30A, B-1040 Brussels Tel: +32 2 733 35 33 Fax: +32 2 736 49 88 Enterprise N° 0873.268.927 www.epc-cep.eu [email protected] Table of Contents Disclaimer ...............................................................................................................................................................................................6 Executive Summary .................................................................................................................................................................................7 1. Document information ......................................................................................................................................................................8 Structure of the document ..................................................................................................................................................................8 References ..........................................................................................................................................................................................8
    [Show full text]
  • In This Issue
    Welcome to the July edition of ACT News. This complimentary service is provided by ACT Canada; "building an informed marketplace". Please feel free to forward this to your colleagues. In This Issue 1. Editorial - malware, digital currency and the role of government 2. White paper outlines principles for secure, wide-scale adoption of innovative products and services in the Canadian payment industry 3. Giesecke & Devrient is the first SIM provider to receive Mifare Classic and Mifare4Mobile certification for its SkySIM CX Hercules 4. Mobile ticketing comes to Toronto’s transit system 5. New GlobalPlatform white paper explores the value of the trusted execution environment to mobile services security 6. AmEx launches online payments with AmEx Express checkout 7. Incomm and Gemalto deliver secure prepaid mobile NFC payments 8. Moneris makes checkout easy for retailers and consumers with payd pro plus 9. The North West Company introduces first scalable direct deposit solution for prepaid cards to stores across northern Canada 10. FIME first to receive EMVCo qualification for contactless terminal RF test tool 11. AnywhereCommerce brings unmatched versatility to retail with mePoS tablet PoS platform 12. Europe 'winning the war' on CNP fraud 13. ICC Solutions expands to meet growing customer demand 14. Global role for UnionPay on the cards 15. Giesecke & Devrient receives VISA certification for HCE cloud payment services 16. Meet Europe’s latest digital payments network 17. Why MasterCard is launching facial scan app for smartphone users to make secure purchases? 18. Can Apple Pay make its financial mark in Canada? 19. Inside Secure launches new product to meet cybersecurity demand 20.
    [Show full text]
  • A Pymnts.Com Report ©2015 September 2015
    SEPTEMBER 2015 POWERED BY A PYMNTS.COM REPORT ©2015 COVER STORY There are many players across the payments ecosystem hard at work trying to solve one basic problem: how to move beyond the lowly password to authenticate a person’s digital identity. The Fast IDentity Online Alliance (FIDO) was set up in July 2012 solely for the purpose of establishing a standard for how to do that. Organized as a non-profit, The FIDO Alliance is narrowly focused on authentication related to a consumer’s identity. Its mission is as complex as it is simple: to create a standard for how users authenticate to a device and for that device to, in turn, authenticate to the network in such a way that it is simple, scalable, and interoperable – and of course, secure. “Consumer authentication has remained in very poor condition and has largely been based on passwords,” said Rajiv Dholakia, VP of Product and Business Development at Nok Nok Labs, a founding FIDO organization and board member said recently. “Our mission is to make authentication simple for the consumers, strong for the relying parties and scalable.” And a small enough piece of the massively complicated security puzzle that it could make demonstrable progress. FIDO works on a standard for authentication that is “case agnostic” – so can work across a variety of verticals – payments, enterprise security, health care, etc. – that others can leverage. Dholakia compares FIDO to the early days of SSL, which worked as a building block for the Web. “SSL was not and is not specific to payments, but rather encrypted data exchanged between the server and the consumer browser.
    [Show full text]