The Seasons Are Changing (And So Are Fraud and Regulations)
Monday, November 13, 2017
If you smell the air, you can sense the seasons changing; a little crispy cold moving in suddenly, the leaves are reddening and the winds of Faster Payments and PSD2 are kicking up. Smooth transition, right? So, yeah, seasons change, and so do regulatory regimes. In the US, we’ve been largely left to our own discretions about how to run our fraud shops, with some regulatory oversight regarding disputes handling. Historically, financial institution processes around authentication and fraud monitoring (including analytics and strategy) could be anything or nothing, depending on an institution’s risk appetite. Like the seasons, this might be in transition.
Winds of change blowing from Europe
The approach is at least surfacing in Europe, where the Payment Services Directive 2 (PSD2) is mandating some minimum requirements for high-risk transaction monitoring if a payments player wants to get between banks and merchants. This innovative mandate will place minimum requirements to ensure that there are minimum requirements for fraud strategy; that strong (two-factor) authentication will underpin transactions, and it specifies the thresholds to which controls will be applied. It does not mandate machine learning, or biometric authentication, but rest assured, these elements are going to be heavily favored. The regulations that are there, however, will have teeth, and monitoring is mandated.
PSD2 has the potential to be hugely disruptive to the legacy banking business models, and it sets a very serious precedent on floor standards for future technologies, regardless of the channel. In the US, we have our own Secure Payments Task Force (convened by the Federal Reserve), with one of the tasks including the evaluation of future recommendations in payments to ensure that payments security is up to the standard of the western world. Yes, recommendations are not regulations, but if we are going to move to Faster Payments, and both understand and mitigate the risks associated with mobile wallets, we need to be sure that we do it right and not compromise the security of all stakeholders when recommendations are published.
So, while regulations may not be immediately forthcoming, best practice recommendations for the industry might be the first step in that direction, acting as a stopgap for a very compliance-sensitive industry. That means that if a regulator sets foot onsite, sees a significant control deficiency and identifies it as a safety and soundness risk, it could be a finding.
Combine that with the influence that PSD2 will bring to our shores in the US, and you can see the setup. Control standards will not be so isolated in the future, payments risk containment standards will jump geographies via multinational organizations, there will be cross-pollination of best practices, and vendor competition will ensure that everyone has a machine learning strategy and biometric/two-factor authentication out of the box. The seasons do change, so we should welcome it. Embrace this change and see the upside in the prism of colors that the leaves bring. Put a fire on and warm yourself, winter is coming!
Related Blog Posts
The Hidden Cost of Digital Payments for Retail Payment Players
It is not exactly breaking news that non-cash payments are on the rise globally, with column inches dedicated to the launch of digital financial-inclusion projects. But going cashless is not only a challenge for humanitarian endeavors, or developing countries. We all agree that removing cash from the system will save payments players big bucks in the future, but we must also consider the immediate impact of digital transformation on the legacy infrastructure of the powerhouses of the payments ecosystem.
Why User Engagement Matters, Even for Enterprise Applications
As a User Experience Designer at ACI, I spend a lot of time watching users interact with my designs. I need to make sure our solutions work properly, but lately I’m more interested in how they make my users feel. Engagement is a dominant concept in user interface design right now. It’s important because positive emotional experiences often lead to increased use and loyalty.
Five Payments Trends to Watch in 2018 [Part 1]
2018 is set to be a year of rapid change and new challenges for payments players. The floodgates are opening with PSD2 and UK Open Banking coming into force, bringing an onslaught of new competitors and potential partners. Whether evolution is mandated or market-driven, banks and processors are facing a critical year in their long-term success.
Five Payments Trends to Watch in 2018 [Part 2]
The New Payments Ecosystem Is Here. The floodgates are opening with PSD2 and UK Open Banking coming into force, bringing an onslaught of new competitors and potential partners. Whether evolution is mandated or market-driven, banks and processors are facing a critical year in their long-term success.
Open Banking Goes Live: The Walls Around Traditional ‘Old Style Banking’ Are Crumbling Down
January 13, 2018 may well be remembered as the ‘beginning of the end’ of the traditional retail banking industry.
Thanks to a profound set of new rules by European regulators and the UK government, we may see the start of an era where consumers no longer hesitate to change their bank accounts or make more personalized arrangements with regards to their finances.
The Bank of the Future: 2040 and the Reality of Ar and Vr
Mark, when I envision the bank of the future, I imagine Twiki and Buck Rogers at a casino. Or maybe I once dreamed that—I’m old and my mind is going. So what are we talking about and what can we envision when it comes to the bank of the future? And by future, I’m talking about 2040, before certain cities might be flooded (by water). But I digress, as this isn’t a post about climate change.
How 'Mega Trends' Are Shaping Payments in India
In a previous blog post, I wrote about the impact of demonetization in India and the staggering growth of new digital payment types. Building further on this, I want explore some of the “mega trends” in payments, and how India is embracing the opportunities presented by these trends.
One Year Later: How Demonetization Has Impacted India
This month marks the first anniversary of demonetization in India, and it has undoubtedly changed the country forever. When I visit India, I increasingly see micro-transactions conducted via mobile phones. Cash is still used, but I see less and less of it with each visit. We are in the middle of a true paradigm shift – and India is poised to become a global leader in new types of payment acceptance.
Security, the New Payments Ecosystem and the Need to Educate the Consumer (Or Ask Them to Unclog Your Sewer!)
When it comes to any payments ecosystem, you must remember that we are talking about MONEY. More importantly, people’s money (like yours and mine). In any conversation in this space, secure is something that is assumed. A consumer simply won’t use a new system if they don’t believe it is secure. Unless of course it’s free Wi-Fi. As we have seen, folks are willing to do almost anything to get free access on their devices, even agreeing to clean toilets! (This was a real thing… one hotspot operator added it to their Terms of Service fine print). When we talk secure, it’s important that we keep this in mind: secure is not just a piece of the Hierarchy of Payment Needs, it’s an integral part of it, which is why it sits directly on top of the foundations. Without this layer, the whole ecosystem collapses.
How to Deliver on Customer Experience
Don’t Break the Bank – Building for the New Payments Ecosystem.