Payment processing heretofore requires the disclosure of card or account information from a buyer to a seller. For example, a buyer may be required to hand over the credit card or bank account information to the seller, enter the information on a website, or provide the information over the phone to an agent. The seller then can initiate a transaction that is processed through a network of service providers that includes, banks, payment processors, merchant account agents, shopping cart providers, and credit card companies such as Visa, MasterCard, American Express, Discover, etc.
Once the seller is in possession of the account information, the consumer is no longer in control of the privacy or security of their account information. For as long as there has been a system of processing transactions in this manner, there has been fraud and theft targeted at points of weakness in the handling and storage of the account information.
When a successful unauthorized fraudulent transaction takes place, everyone loses except the perpetrator of the theft. There have been several attempts at implemented technology and procedures to stop such fraudulent transactions. None of these attempts have been able to slow down the hackers attempting to get access to account information.
The Payment Card Industry (PCI) has standards and certification requirements for merchants, banks and processors, and other service providers to ensure the security of consumers' account information. There is Tokenization technology, ApplePay, AndroidPay, SamsungPay, Visa Checkout, Google Wallet technology, EMV, and Smart cards. In such systems, account information is exposed in too many places because of a lack of control or knowledge, creating a huge network of weak points that allows hackers to get access using smart electronic tools.