With each passing year, more and more consumers are buying some, if not all, of their goods and services online. In order to pay the merchants from whom they make their purchases, most customers are inputting their names, addresses, and credit card data numerous times over a broad range of ecommerce sites. The Secure Remote Commerce (SRC) specifications now being proposed by EMVCo are seeking to revolutionize the way people pay for what they buy.
What is SRC?
While online shopping is the preferred way to shop for many, consumers still complain that the checkout process can be tiresome. There are so many different ways to checkout depending on the format and process used that consumers, and even merchants, can get confused. The SRC specifications are a set of standards being implemented as a way to streamline the checkout process.
The Advantages of SRC
When buyers are forced to manually input their credit card data over and over again, the likelihood of difficulties rises significantly. For one thing, SRC would standardize the technical framework that consumers use to make their payments, thereby allowing them to use their credit and debit cards across all payment channels. Furthermore, the payments could even take place on different browsers and via mobile devices. In the end, data would be more secure and less prone to the human error that happens with manual entry.
How Would it Work?
Many customers are already familiar with digital wallets. With this technology, they input their card information into an application on their mobile device. When the time comes to make a purchase, the customer simply brings up their digital wallet, places the mobile device near the retailer’s NFC reader, verifies their identity via fingerprint or facial recognition, and the purchase is transacted. No actual numbers, expiration dates, or security codes are entered because the payment is tokenized. The same would be true for SRC payments.
How would buyers be able to confirm that they are who they say they are?
After the first login, the SRC recommends that cookies be used to verify the consumer’s identity. As an additional safeguard, the issuing bank can require that the customer prove their identity on the bank’s application by providing fingerprint or face recognition authentication.
The Remaining Concern
SRC does not happen automatically. In order for consumers to have a platform to store and tokenize their card information, their issuing bank must connect to the token service provider (TSP) offered by card schemes such as Mastercard, Visa, and American Express. At this time, many issuing banks remain committed to low rate payment processing but have not seen their way to taking on the significant investment of time and resources necessary to adopt SRC.
We have already seen that the EMV security standards have made purchases at point-of-sale locations more secure by enabling the customer to retain possession of their card at all times. Now with the introduction of SRC, the same safety can be brought to the ecommerce milieu.
Finally, buyers and merchants alike can have security without sacrificing convenience and vice versa. Faster and more secure checkouts lead to fewer shopping cart abandonments and happier customers. In other words, once issuers make the commitment to embrace the added safety and efficiency of SRC, everyone will win.