The Dutch Central Bank (DNB) has recently started a plea for safer Internet payments.
De Nederlandsche Bank advocates a ‘dual consent’ approach to Internet payments whereby new payment services are granted conditional access to the payer’s bank account. The number of possibilities to make payments over the Internet has soared in recent times.
Paying in a webshop via Internet banking from one’s home PC has become commonplace. But purchases can also be made away from home, from a laptop, a smartphone or an app downloaded to a tablet. And new providers of payment services appear on the market that ask to access the payer’s bank account.
At the same time, however, the spate of new e-payment possibilities has made it harder for consumers to judge whether a particular internet payment method is safe or not. This is because the Internet itself poses safety risks. The consumer is not always able to check whether an unfamiliar website is bona fide or not. This happens, for instance, where the merchant employs an intermediary: a payment service provider that handles the financial side of purchases but that is unfamiliar to the prospective buyer. Other risks include that of e-mail phishing, genuine-looking but fraudulent websites and attacks directed at the consumer’s computer such as botnets or man-in-the-middle fraud. Or the consumer may be seduced to give implicit consent for payments to be made.
Thus there is an urgent need for regulatory measures to protect consumers when making payments over the Internet. Given the global span of the Internet, only internationally agreed measures can be effective. Also, such measures will need to be robust enough to deal with ongoing innovation going forward.