Payments Testing - March 19, 2024
The number one reason often cited by consumers for not adopting new technology is fraud. The first time I recall hearing the issue of security expressed as a deterrent to technology adoption was in the mid-1990s, when the company I worked for in the was in the middle of a very successful IPO roadshow. Our company played in the payments space and the investment community was trying to measure the potential of an idea that seemed outrageous to most at the time: e-commerce. At nearly every stop on our roadshow, institutional investors would express their belief that our business would see no benefit from consumers shopping online using their credit cards because of security.
Convenience over Concerns
The CEO at the time responded to this assertion in a way that would become a mantra for me, considering that what drove consumer behavior related to how they did or did not use technology. He said: “Really? How many of you or your spouses order things over the telephone? (Nearly everyone in the room raised their hands.) So, you give your credit card number and other details to a person in a call center working for minimum wage that you have never met? (Quiet falls over the assembly.) Why? Because it is easier than going to the store. As much as people claim security is a concern, convenience will trump it every time.” Of course, the CEO was right.
Passwords: The Weakest Link
Even though “security” is still the reason most consumers, both individual and corporations, state as the reason they are slow to adopt new technology though they will adopt most any technology that adds convenience to their lives regardless of their initial concerns around safety. That makes these end users our greatest asset and our greatest threat. Convenience overrules security concerns and convenience makes them some of the worst practitioners of security measures. Studies show the average consumer has stored personal information on more than two dozen websites protected by fewer than five unique passwords. In a recent report by Splashdata, a password management and security solutions company, the most common password used by consumers remains “123456” and "password." Meanwhile, reverse engineering methods have become increasingly sophisticated, meaning that a single weak link in the chain can be exploited to compromise an entire system.
The consumer’s willingness to trade convenience for security without even realizing that what they are doing is based on the fact that time remains our most precious commodity. It is the one thing that none of us can make more of and the one thing most under siege in our multi-task based lives. As the “Internet of Things” is extended into homes with the promise of letting our chip-enabled, fully connected homes take over more of the mundane, repetitive tasks.
Almost certainly future technology advances such as IoT devices will involve making some type of payment when the refrigerator orders more milk (or beer) or the HVAC arranges for its annual service. That is not a comforting scenario if your job is to make sure the payments infrastructure is fully tested and secure since weaknesses in IoT devices have been exploited in distributed denial of service attacks. No less serious, but more humorous are the stories of Alexa users accidentally ordering merchandise they did not intend to order.
While those of us in the business can vent their frustrations over end user behavior, our complaints are largely moot. In today’s tech environment, the consumer dictates the rules of engagement. Insistence on stringent constraints that run counter to those rules is a recipe for lost market share and product irrelevance. In such a conundrum, payments testing strategies that automate repetitive processes and allow for more code coverage will be essential to staying out of the headlines.
