Unlocking the True Value of Immediate Payments
Monday, October 16, 2017
Posted by Barry Kislingbury
Immediate Payments must be part of an open banking strategy
The question that most banks are asking themselves, as real-time payments schemes gather pace in different markets around the world, is, “How do we enable real-time, digitally-enabled payments in the best possible way?”
To answer that question, banks need to consider FAST payments in the context of the Hierarchy of Payment Needs.
A foundation built for FAST
A secure foundation is a key component of any holistic real-time strategy. The UK experience with real-time payments provides a valuable lesson in terms of understanding the dynamics between real-time payments and fraud. When UK Faster Payments launched there was no industry awareness around the new kinds of fraud that could potentially be deployed against banks and their customers. Unfortunately, the fraudsters knew exactly where the opportunities lay. And today's fraudsters are well versed in banking regulations, and they are aware of how they can exploit the system.
The fact that real-time payments are irrefutable, and that money can be shifted in a series of subsequent real-time (and also irrefutable) payments, means that money appropriated by fraudulent means quickly becomes untraceable. However, the industry has responded well, and the fraud rate for traditional push payments made in real-time is now lower than credit cards (0.007% for UKFP in 2013, compared to 0.063% for cards).
But fraudsters never rest for long, and the UK has seen the rise of a new kind of interception fraud. Criminals are utilizing details gleaned from social media, physical mail and web scrapes to insert themselves into conversations in such a way that it doesn’t appear suspicious or unexpected. They falsify communications from a known service supplier, such as a builder, and provide fraudulent account details to direct payments to their accounts, rather than to the genuine supplier. This is possible because the UK Faster Payments scheme doesn’t check recipient details as they're entered into a transaction request; it only verifies the formatting of the account number and sort code. That said, the implementation of proxies alongside payee confirmation will serve to curb this trend when it goes live in 2018.
Additional services that identify the payee obviously improve the current situation, but that's only one side of identity. New real-time schemes such as The Clearing Houses RTP are being launched with these services as default, alongside the new Request to Pay (RtP) function.
‘Request to Pay’ and digital transformation
With RtP, users will present themselves via biometrics, NFC checks with a smart device at POS, identity and loyalty cards, to correctly route an RtP notification to their device. In this scenario, individual identity becomes even more important. There are a wide range of public bodies, charities and think tanks working on the best way to store that digital identity, including looking at technologies such as blockchain.
As such, banks are presented with interesting challenges around customer data security and management. The UK Faster Payments service will hold some basic details that link to the bank account; however, ownership of that data is likely to still sit with the bank. Under the General Data Protection Regulation (GDPR), banks will face new obligations around the new data needed to enable RtP for immediate payments, and the potential fines for breaches of regulations are not insubstantial.
Some governments are looking at broader schemes to store digital identity for banking, for example within blockchain-based national identity. This becomes a much trickier conversation, however, when we consider consumer (and citizen) rights. How banks manage the transition period between proprietary and national repositories will depend on how well they prepare their bank for digital transformation overall.
Part of that transformation will be helping customers navigate the New Payments Ecosystem, though this isn’t about expecting the customer to understand the technology behind these new services. If we do our jobs well, we will create seamless customer experiences where the technology fades into the background. But at the same time, we must protect customers from the more complex fraud threats that accompany real-time and open payments. And part of that is teaching them how to protect themselves.
Customer protection and education
Younger digital natives are typically less concerned than their older cohorts when it comes to digital identities. Many don't understand that in the age of ubiquitous internet it’s relatively simple for fraudsters to source personal details – according to recent research, those in their 20s are “are more likely than pensioners to be targeted by fraudsters for the first time, because they don't bother to check their bank statements” in the internet-age if you aren’t careful about your sharing practices. And many Gen Yers (and close behind them Gen Zers) also tend to be financially naïve, not cognizant of the fact that their identity is more valuable than the ‘hard’ cash in their account. Some banks have been launching major consumer awareness campaigns, but as we move to a full real-time system, there must be a push for more industry-driven consumer education.
On a more positive note, consumers are open to this education, because they still trust their banks t to deliver significant financial services. This is how it should be; the regulatory pressure is on banks to ensure they secure customers’ money and data properly. Would you trust a lightly regulated fintech to do the same? The opportunity for fintechs in the long run is to be 'backed' by a bank that has done its due diligence, especially when the payments ecosystem reaches full real-time. There’s a lot of discussion around how Open APIs will let fintechs onto the banks’ playing field, but up until now that playing field hasn’t been level. The incumbents will soon be able to offer real-time all the time, including an accurate real-time balance, and this combined with the inherent trust in these major providers will be a potential springboard for banks that take advantage of the momentum.
True real-time and open banking should not only act as an equalizer for established banks and new market entrants, but also for the consumers who are challenged by today’s legacy banking environment. Many customers struggle to manage their budgets in the partially-digital world, where they have a lack of control. The combination of real-time rails with Open API-enabled services, such as Request to Pay, is going to place the power and control back with the people.
Learn more about preparing your bank for real-time and open payments, download the report: How to take your bank from good to great
Related Blog Posts
The EMV Deadline Has Been Extended for U.S. Fuel Merchants – Now What?
U.S. fuel stations were originally supposed to be EMV-compliant by October 2017, but due to complications and costs at the time, the deadline for EMV at the pump was extended for three years – and it has now been pushed out further to April 2021 due to the COVID-19 pandemic.
Merchant Fraud in the Age of COVID-19: We Need to Prepare Ourselves for a “Tidal Wave” of Attacks
With millions of consumers around the world self-quarantining at home, online shopping for goods, services and entertainment has become the new normal for many. A recent analysis of our own data has shown that average transaction volumes in the retail sector in March rose 74 percent compared to the same period last year.
Are Chargebacks Making a Comeback for U.S. Fuel Merchants?
With the planned EMV implementation date looming for U.S. fuel merchants, we’ll be spending some time ahead of the October 2020 deadline looking at the fraud issues affecting fuel merchants and how these might change through the final quarter of this year.
Rebirth of The High Street: An Unintended Consequence of COVID-19?
You don’t know what you’ve got until it’s gone. How true that is right now for the U.K.’s High Street (or for that matter local retailers in communities around the world) and our desire to shop.
Merchant Considerations for Protecting Payments During the COVID-19 Crisis
As the spread of COVID-19 continues to impact businesses of all shapes and sizes in unprecedented ways, the power of payments has never been clearer. Drastic increases in online transaction volume and the need for essential in-store payment processing create new challenges for online and brick-and-mortar retailers alike. Here are a few ways that merchants can protect their business – from the perspective of payment processing and fraud mitigation – during this uncertain time.
Positioning PSPs for Success in 2020: Scalability, Flexibility and Globality
We used to say that NFRs (non-functional requirements) such as scalability and availability didn’t really make for attention-grabbing headlines, but in fact, 2019 has shown us that these NFRs are often not far away from the biggest stories. A major outage or downtime – be it for bank or merchant – makes headlines in its own right, but we’re increasingly seeing a clear link between NFRs and a company’s growth trajectory. Those companies that are generating positive awareness from their ambitious global expansion plans, innovative customer experiences, or unique approach to fighting fraud – they are achieving this off the back of technology solutions that deliver world-class non-functional requirements. Scalability, flexibility and globality underpin these growth stories – and this message comes out clearly in speaking with some of our leading payment service providers (PSPs), which are supporting the growth of thousands of merchants around the world.
Three Merchant Payment Trends to Watch in 2020
In 2019, merchants everywhere were challenged by pressure from new entrants, the continued breakdown of traditional industry boundaries and growing customer preference for a digitally-led or digitally-influenced purchasing experience.
Learn How to Claim a Greater Slice of the Mobile Payments Pie
U.S. Wireless Players: $14.3B is at stake – are you in?
Mobile commerce is thriving as consumers seek out convenient, quick and secure shopping experiences. And transaction growth on mobile devices is outpacing traditional desktop and in-store channels, aided by click and collect and one-click purchasing trends. For U.S. telcos, the message is clear: proactively add value to the payments process, or risk missing out on increasing your portion of the growing mobile payments market.
How to Survive Black Friday and Cyber Monday… and Provide a Great Consumer Experience
As Black Friday and Cyber Monday approach, shoppers and merchants alike await amazing deals and a welcome boost in sales, respectively. I took a moment to speak with two of ACI’s merchant payments and fraud experts, Andrew Marshman (merchant payments lead, Europe) and Erika Dietrich (VP, Global Fraud Prevention Risk Services) about what merchants need to know as they head forth into one of the biggest shopping seasons of the year.
Strong Customer Authentication in Australia: Reducing CNP Fraud and Streamlining eCommerce Payments
Minimizing fraud without harming the customer experience can be done – using the right tools
In 2017-18, card-not-present (CNP) fraud cost Australian eCommerce AUD $478 million and accounted for some 85 percent of all fraud on Australian-issued cards1. In 2016, CNP fraud in Europe represented 70% of all card fraud2. Seriously uncomfortable numbers.