Unlocking the True Value of Immediate Payments
Monday, October 16, 2017
Posted by Barry Kislingbury
Immediate Payments must be part of an open banking strategy
The question that most banks are asking themselves, as real-time payments schemes gather pace in different markets around the world, is, “How do we enable real-time, digitally-enabled payments in the best possible way?”
To answer that question, banks need to consider FAST payments in the context of the Hierarchy of Payment Needs.
A foundation built for FAST
A secure foundation is a key component of any holistic real-time strategy. The UK experience with real-time payments provides a valuable lesson in terms of understanding the dynamics between real-time payments and fraud. When UK Faster Payments launched there was no industry awareness around the new kinds of fraud that could potentially be deployed against banks and their customers. Unfortunately, the fraudsters knew exactly where the opportunities lay. And today's fraudsters are well versed in banking regulations, and they are aware of how they can exploit the system.
The fact that real-time payments are irrefutable, and that money can be shifted in a series of subsequent real-time (and also irrefutable) payments, means that money appropriated by fraudulent means quickly becomes untraceable. However, the industry has responded well, and the fraud rate for traditional push payments made in real-time is now lower than credit cards (0.007% for UKFP in 2013, compared to 0.063% for cards).
But fraudsters never rest for long, and the UK has seen the rise of a new kind of interception fraud. Criminals are utilizing details gleaned from social media, physical mail and web scrapes to insert themselves into conversations in such a way that it doesn’t appear suspicious or unexpected. They falsify communications from a known service supplier, such as a builder, and provide fraudulent account details to direct payments to their accounts, rather than to the genuine supplier. This is possible because the UK Faster Payments scheme doesn’t check recipient details as they're entered into a transaction request; it only verifies the formatting of the account number and sort code. That said, the implementation of proxies alongside payee confirmation will serve to curb this trend when it goes live in 2018.
Additional services that identify the payee obviously improve the current situation, but that's only one side of identity. New real-time schemes such as The Clearing Houses RTP are being launched with these services as default, alongside the new Request to Pay (RtP) function.
‘Request to Pay’ and digital transformation
With RtP, users will present themselves via biometrics, NFC checks with a smart device at POS, identity and loyalty cards, to correctly route an RtP notification to their device. In this scenario, individual identity becomes even more important. There are a wide range of public bodies, charities and think tanks working on the best way to store that digital identity, including looking at technologies such as blockchain.
As such, banks are presented with interesting challenges around customer data security and management. The UK Faster Payments service will hold some basic details that link to the bank account; however, ownership of that data is likely to still sit with the bank. Under the General Data Protection Regulation (GDPR), banks will face new obligations around the new data needed to enable RtP for immediate payments, and the potential fines for breaches of regulations are not insubstantial.
Some governments are looking at broader schemes to store digital identity for banking, for example within blockchain-based national identity. This becomes a much trickier conversation, however, when we consider consumer (and citizen) rights. How banks manage the transition period between proprietary and national repositories will depend on how well they prepare their bank for digital transformation overall.
Part of that transformation will be helping customers navigate the New Payments Ecosystem, though this isn’t about expecting the customer to understand the technology behind these new services. If we do our jobs well, we will create seamless customer experiences where the technology fades into the background. But at the same time, we must protect customers from the more complex fraud threats that accompany real-time and open payments. And part of that is teaching them how to protect themselves.
Customer protection and education
Younger digital natives are typically less concerned than their older cohorts when it comes to digital identities. Many don't understand that in the age of ubiquitous internet it’s relatively simple for fraudsters to source personal details – according to recent research, those in their 20s are “are more likely than pensioners to be targeted by fraudsters for the first time, because they don't bother to check their bank statements” in the internet-age if you aren’t careful about your sharing practices. And many Gen Yers (and close behind them Gen Zers) also tend to be financially naïve, not cognizant of the fact that their identity is more valuable than the ‘hard’ cash in their account. Some banks have been launching major consumer awareness campaigns, but as we move to a full real-time system, there must be a push for more industry-driven consumer education.
On a more positive note, consumers are open to this education, because they still trust their banks t to deliver significant financial services. This is how it should be; the regulatory pressure is on banks to ensure they secure customers’ money and data properly. Would you trust a lightly regulated fintech to do the same? The opportunity for fintechs in the long run is to be 'backed' by a bank that has done its due diligence, especially when the payments ecosystem reaches full real-time. There’s a lot of discussion around how Open APIs will let fintechs onto the banks’ playing field, but up until now that playing field hasn’t been level. The incumbents will soon be able to offer real-time all the time, including an accurate real-time balance, and this combined with the inherent trust in these major providers will be a potential springboard for banks that take advantage of the momentum.
True real-time and open banking should not only act as an equalizer for established banks and new market entrants, but also for the consumers who are challenged by today’s legacy banking environment. Many customers struggle to manage their budgets in the partially-digital world, where they have a lack of control. The combination of real-time rails with Open API-enabled services, such as Request to Pay, is going to place the power and control back with the people.
Learn more about preparing your bank for real-time and open payments, download the report: How to take your bank from good to great
Related Blog Posts
Helping Merchants Protect Themselves: Cybersecurity Tips from a Former White House CIO
In a world full of open technology, the devices that make our lives easier also leave us vulnerable to being hacked, according to Theresa Payton, former White House CIO and star of the CBS series Hunted. Payton recently joined me for an exclusive ACI cybersecurity webinar, sharing expert insights into how merchants can enable growth, enhance the customer experience and prevent greater instances of fraud.
Why India's Payments Players Need to Fight Fraud with Machine Learning
By 2023, experts are predicting 60 billion UPI (Unified Payments Interface) transactions annually, accounting for more than 50 percent of India’s total digital payments transactions. And it’s estimated that today nearly 50 percent of all real-time payment (RTP) transactions globally are processed in India. It’s an exciting market for payments innovation, with a wide range of digital overlay services available to consumers and merchants, thanks to the introduction of UPI.
The Untapped Opportunity of Machine Learning for Real-Time Payments Fraud Prevention
Artificial Intelligence (AI) is among the buzzwords of the moment, but when it comes to tangible innovations that have the potential to drive rapid ROI, machine learning should be part of every bank or processor’s strategy. No matter the size of the institution.
How Banks and Acquirers Can Deliver on the Benefits of PSD2 SCA Exemptions and Differentiate Their Merchant Services
PSD2 is an opportunity for acquirers to differentiate themselves by delivering improved services to their merchants, if they implement modern solutions to manage SCA exemptions. This will drive the best customer experience in combination with regulatory compliance.
Cooperation, Consultation and Collaboration Are the Keys to Countering CNP Fraud in Australia
As Europe, and other parts of the world ramp up for regulatory changes around PSD2, Australia is about to launch its own strategy to combat Card Not Present (CNP) fraud.
PSD2 and Strong Customer Authentication – What's in Store for Merchants?
With the final pieces of the Payment Services Directive (PSD2) puzzle coming together, payments businesses are highly focused on meeting their compliance obligations. But the forthcoming changes will affect everyone in the payments chain – and it’s important for merchants and PSPs to understand the practical implications for their businesses and customer relationships.
Why Banks Must Democratize Machine Learning for Fraud Prevention and Payments Intelligence
Banks are already actively on the path to digital transformation, considering new technologies, new customer experiences and new business models. A critical piece of this digital transformation centers on better understanding the wealth of data within the banks’ systems and mining it for improved customer insight. In the New Payments Ecosystem, data is as valuable to the bank and its customers as the deposits held in their accounts, and it should be protected, and leveraged for the benefit of the customer.
Payments and Fraud: The Paradox Twins
Digital commerce through web and mobile is where merchants predominantly experience shopper growth today. This has become a hugely important domain for their focus. It offers a means for international growth, new market penetration and a way to engage with shopper-hungry Millennials in their culture. Merchants frequently adopt a Digital-First, eCommerce-First or Mobile-First strategy to ensure full corporate buy-in to this strategy.
Building Trust in Open Banking with Behavioral Biometrics and Machine Learning
Strategies for fraud prevention in payments are having to evolve quickly, as new technologies emerge and digitalization of the banking ecosystem continues at pace. I spoke with Giselle Lindley, Principal Financial Crime Consultant at ACI Worldwide and Tim Dalgleish, Head of Threat Analytics, Asia Pacific at BioCatch to understand how financial institutions can use payments intelligence to build trust in this challenging environment.
Knowing New Customers – And How Shared Data Helps in Fighting Fraud
As the eCommerce industry continues its rapid growth, the lines between physical and digital shopping are becoming increasingly blurred. These changes are creating a number of challenges for merchants, not least around customer visibility and fraud prevention.