Market Research Logo

Insight Report: Security in Consumer Payments and Retail Banks

Insight Report: Security in Consumer Payments and Retail Banks


Timetric’s 'Insight Report: Security in Consumer Payments and Retail Banks' analyzes the growing threat faced by payment systems across the world. Following the increase in the number of targeted attacks, the payments industry is grappling with the question of whether banks can counter the sophisticated skills of cybercriminals.Cybercriminals work in an unconstrained environment, enabling them to combine creativity and the latest technical expertise faster than banks can anticipate their attacks; as a result, banks tend to lag behind, constrained by their size and legacy systems.

The report gives extensive details of the challenges faced by banks in dealing with cybercriminals. It also analyzes current security tools adopted by banks, along offers in-depth analysis of emerging technology in payments security. The report also explores the relationship of security with consumer convenience. The importance of context-aware and progressive security is discussed, as is the need for a collaborative approach from participants in the payment ecosystem to reduce instances of data breach and fraud.


Timetric’s 'Insight Report: Security in Consumer Payments and Retail Banks' provides insights into security threats to consumer payments, and the approaches taken by retail banks to counter them. It also:

  • Analyzes the methods of major attacks on payment systems.
  • Covers key challenges faced by banks in defending consumer payments.
  • Explores initiatives taken by banks to secure payment infrastructures.
  • Discusses emerging technology and its likely impact on payment security.
  • Explores whether context-aware security can help banks balance consumer convenience and security.
  • The report covers major instances of cyber-attacks on payment systems between 2012 and February 2015.
  • It analyzes major challenges faced by banks in securing consumer payments.
  • It analyzes various security measures and tools adopted by banks to lower instances of fraud, along with their impact and weakness.
  • It covers security concerns related to outsourcing, and a snapshot of vendor management best practices.
  • It analyzes the role of biometrics and tokenization in securing payments.
  • It explores the future options in payment security such as context-aware/progressive security and unified approach from different market participant of payment ecosystem to limit cyber-threats and fraud.
Reasons To Buy
  • Gain an understanding of cyber-threats in the global payments market. Is this something your organization is ready for?
  • Understand how banks across the world are trying to limit instances of cyber-attacks and fraud.
  • Gain insights into the impact of current security tools on various threats and their weaknesses.
  • Understand why banks are lagging behind cybercriminals.
  • Gain insights into why it is difficult to control targeted attacks.
  • Understand why a collaborative approach is required to limit instances of cyber-threats and fraud.
  • Gain insights into how context-aware security can help banks improve security without compromising consumer convenience.
Key Highlights
  • Cybercriminals work in an unconstrained environment that enables them to combine their creativity with the latest technical expertise faster than banks can anticipate their attacks; and as a result, banks tend to lag behind because they are constrained by their size and legacy system.
  • Banks put in most of their efforts to stop cyber threats through making investments in security; for example JPMorgan Chase spent US$250 million on online security in 2014, with these expenditures to reach US$500 million by 2019. Yet according to Timetric, more collaboration is required to protect the industry from potential threat.
  • Systematic attacks need to be tackled with a collaborative approach to defeat cybercriminals. Individual banks, no matter how big, are unlikely to amass resources to fight targeted attacks on their own. While there is some collaboration, it is limited by cultural differences, the banks’ individual risk aversion, and the increasing modularity of banking systems.
  • In addition to external threats, a major threat to data security emanates from insider events. More often, external threats attract the majority of budget consideration while insider threats are understated. “People with privileged information such as employees and contractors should be monitored more carefully. Nevertheless, organizations tend to rely on trust.
  • Issues for banks are also confounded by the need to balance security with usability. As the industry is moving towards an environment where banks compete on customer experience, the mechanics of payments should not be conspicuous to banks' clients; they should be seamless and secure. Market perception of trade off between security and usability can be changed with efficient use of technology.

  • Executive Summary
  • Are Banks too Slow to Overcome Threats?
    • Increasing Threat for Payment Systems
      • Table Instances of Large-Scale Attacks on Payment Systems, 2012-2015
    • Why are Banks Lagging Behind?
      • Table Regional Deployment of EMV, Q4 2013
      • Table Notable Cybersecurity Expenditure by the `Big Four' US Banks
    • Banks' Approaches to Tackling Threats
      • Table How are Banks Protecting Clients?
  • Outsourcing and Security Concerns
  • The Role of Biometrics and Tokenizaton in Payment Security
    • Biometrics in Banking and Payments
      • Table Potential Applications of Biometrics in Banking and Payments
    • Securing Card Payments with Tokens
      • Table Tokenization and Card Payment Ecosystems
  • Balancing Security and Usability
    • Table Security and Usability Rankings of Key Technologies
    • Is Context-Aware or Progressive Security the Way Forward for Banks?
      • Table Perimeter vs Progressive Security
  • Defeating Cybercriminals: A Collaborative Approach
    • Table A Collaborative Approach to Limit Payment Fraud and Cyber-Attacks on Banks
  • Appendix
    • Methodology
    • Definitions
      • Table Key Definitions
      • Table EMVCo Worldwide EMV Deployment: Regional Definitions
    • Contact Timetric
    • About Timetric
    • Timetric's Services
    • Disclaimer

Download our eBook: How to Succeed Using Market Research

Learn how to effectively navigate the market research process to help guide your organization on the journey to success.

Download eBook

Share this report