Security, the New Payments Ecosystem and the Need to Educate the Consumer (Or Ask Them to Unclog Your Sewer!)
When it comes to any payments ecosystem, you must remember that we are talking about MONEY. More importantly, people’s money (like yours and mine). In any conversation in this space, secure is something that is assumed. A consumer simply won’t use a new system if they don’t believe it is secure. Unless of course it’s free Wi-Fi. As we have seen, folks are willing to do almost anything to get free access on their devices, even agreeing to clean toilets! (This was a real thing… one hotspot operator added it to their Terms of Service fine print). When we talk secure, it’s important that we keep this in mind: secure is not just a piece of the Hierarchy of Payment Needs, it’s an integral part of it, which is why it sits directly on top of the foundations. Without this layer, the whole ecosystem collapses.
The Evolution of Payments
As we leave the comfortable and known confines of yesterday’s payments ecosystem, questions around security are normal and expected. You can’t have trust in something without knowing it’s secure, or that there are fail-safes in place if something does go wrong. In the past, we had very defined payment scenarios, where you knew without a doubt where liability lay if something did go wrong – the ‘unhappy flow’ was accounted for. However, as we move to a more open environment where new parties are joining every day, it is only natural to have your head on a swivel. After all, we are only as safe as the weakest link in our workflows.
Regulation and Recreation
A more open environment means that our sandbox needs to have built-in security, and an ability to manage threats both at the ecosystem level and within our solutions. The flexibility in the new environment, and in the applications themselves, makes this possible today – a marked change to the ‘old’ payments ecosystem. Applying the same logic, agreements and regulations that were in place to manage the older ecosystem will be strained to breaking point in the new ecosystem. This is why we are seeing new regulations like PSD2, The UK Open Banking Initiative and General Data Protection Regulation (GDPR) coming into play.
A major challenge is how we layer in secure elements without impacting the ‘need for speed,’ by which I mean real-time! Luckily for us, Moore’s law is at play, which is making it possible to process information in nanoseconds. But there’s also a change in the user experience; an opportunity to gather information ahead of the transaction and view further upstream than has ever been possible previously. This is thanks to the increasingly “open” nature of payments at the core of our discussion. As we open up access, we create a two-way street: we not only broadcast out payment capabilities, but in return we can marry-in APIs from the broader API ecosystem. Whether those are geo-location based services or facial recognition software, we need to innovate in the secure layer without impeding the speed of the transaction. This may actually make transactions ‘lighter’ and able to move quicker, ultimately propelling us towards a more secure ecosystem!
Getting Your Hands Dirty
While it sounds counterintuitive to some, the New Payments Ecosystem has great potential to not only embrace the need for speed, but also to do so more securely than today. It comes down to embracing the change, rolling up your sleeves and playing with new technology, be it distributed ledger, blockchain, or Open APIs. All have the potential to solidify the baseline assumption of security needed to allow the New Payments Ecosystem to strive.
Related Blog Posts
The Race to Real-Time Payments in Europe
Instant payments have quickly morphed into the new norm, and as individual European nations forge a real-time, digital-first payments environment, they raise the bar for all financial institutions conducting business in the Eurozone. It’s no longer a question of “what’s the business case?” but a matter of how instant payments players can take advantage of the opportunities now being created.
Keeping Up With Fraudsters: A Month Isn’t Enough
As the Government of Canada campaigns for improved fraud prevention and awareness this month, I’d like to do my part as a fellow Canadian, and shed some light on why payments need to stay a step (or more) ahead of fraudsters, today more than ever.
Local Perspectives: Real-Time Realities Across Asia-Pacific in 2019
Money20/20 Asia returns to Singapore this week, attracting payments professionals from around the vast APAC region – and beyond. The real-time and open imperative is one of the reasons why all eyes are on Asia-Pacific when it comes to payments, so I caught up with ACI payments experts representing three of the key countries within the region, to take the pulse of real-time schemes that are in varying stages of maturity.
What it Takes to be an ‘Influential Woman in Payments’ [Q&A]
Coming off the back of International Women’s Day this past weekend, PaymentsSource has recognized the Most Influential Women in Payments, spanning multiple industries including financial services, retail, investment and technology. Among the honorees is ACI’s very own Carolyn Homberger, group president, global sales. Part of the executive leadership team at ACI, Carolyn leads a team of payments professionals operating across all global regions, and plays a critical role in setting business strategy. As an advocate for the leadership and growth of women in the payments industry, Carolyn is also responsible for launching ACI’s own Women’s Initiative.
Instant and Open Payments for Consumer Purchases – Lessons Learned From India and Beyond
Did you know that 65% of merchants want to accept instant payments? That’s because they know the customer experience (CX) benefits will drive growth for their business, and they recognize that this payment type will save their business money.
What it Means for a Bank to be Real-Time Ready – It’s More Than Just Payments
Banks are quickly learning that real-time enablement of the business is more than just a technological upgrade – there is a wider challenge of transforming services and customer experience. Although the banking world faces this challenge with some trepidation, there are success stories from other industries that have overcome legacy technologies and transformed frustrating and opaque customer experiences.
What We Talk About When We Talk About Digital Transformation
The recent headline grabbing announcement that Banco Santander has signed a USD $700M contract with IBM got me thinking… what’s up with ‘Digital Transformation’ these days? Santander’s announcement was all about digital transformation… and they are a forward-thinking bank. The new global technology agreement is designed to increase efficiencies in the bank’s operations, enable it to be more innovative and deliver new products, faster. But not every bank can pony up $700M and not every bank has suitable technology in place. It got me thinking, what is actually needed for digital transformation?
Putting Malaysia on the Path to Payments Innovation
The public launch of the DuitNow instant credit transfer service, in December 2018, provides just a taste of what lies ahead as Malaysia’s Real-time Retail Payments Platform (RPP) is progressively rolled out. Fueled by Bank Negara’s (BNM) increasing support for e-payment platform development, there has been a steady increase in mobile wallet and digital payment usage, setting the stage for 2019 to be a year of transformation for the payments industry in Malaysia.
The Potential of 'Request to Pay' to Revolutionize Payments
How often have you been in a situation where you realize in the middle of the month that you’re late paying an important bill? And then hit with a wave of dread as you check your bank account with trepidation to see if you can pay? Many of us are lucky to not be in that situation regularly, but most of us have been there at some point, and likely know others who are regularly confronted by this situation.
What Can the Re-Regulation of Other Industries Tell Us About Open Banking One Year On?
UK Open Banking just reached its first birthday milestone (on January 13 to be precise) and given my own commentary – including in the ACI blog – on this topic, the first anniversary of Open Banking in the UK certainly won’t pass without a debrief on the progress that’s been made and what challenges lie ahead.