The Balancing Act between Security and Customer Experience for Bill Payments
Data breaches involving payment data have doubled in the past year for many reasons—lack of security innovation, misplaced corporate priorities and weaknesses in developer portals to name a few.
According to a recent Ovum and ACI Global Payments Insight survey, 50 percent of corporations report they had payments data stolen in the past 12 months, up from 22 percent the year before. And not surprisingly, those breached should expect to lose customers; 83 percent of consumers indicated they plan to stop spending with a company for several months after a breach (per the survey). Yet, these same customers prioritize ease and convenience over security when making a bill payment.
It is clear that the industry merits change – and security-first innovation is one way to better protect both billers and consumers.
Innovation hasn’t focused on security
Top drivers of payments innovation, according to executives surveyed, include responding to competition, entering new markets and improving customer experience. Security ranks only at #7 as a driver of payments innovation.
Corporations report that the number one barrier to innovation is security requirements. How can we think differently to embrace new heights of security and innovation? Or in other words, is it possible to have our cake and eat it too?
Consumer experience trumps security
67 percent of corporations report they would not make improvements to fraud measures if they add friction to the consumer bill payment experience. Consumers agree – they rank ease as more important than security when paying their bills.
With the cost of data breaches rising to more than $8 million per breach in the U.S., we need security innovations that improve customer experience while increasing their confidence.
Several innovations that improve security and the customer experience are focused on the call center
The call center channel receives a lot of attention for improving security since company employees commit 34 percent of data breaches. New and innovative ways to secure payment data at the call center are now available, including:
- Companies that take bill payments storing tokens in place of card or bank account numbers in their systems. This overcomes a chief reason why customers won’t sign up for recurring payments – distrust in their personal security. A bonus is that when the process of setting up recurring payments feels secure to customers, twice as many consumers use recurring payments.
- Call center agents can initiate payments using stored payment methods (masked) without adding new cards.
- Customers enter credit card numbers into their phone while still in communication with call center agents – card data is securely loaded into the system behind the scenes without exposure to the agent.
Developer portals may create exposure
Corporations that offer developer portals and interfaces for use by third parties have a higher incidence of stolen payments data (65% vs 40%). Fast-moving companies eager to innovate may inadvertently leave the door open to hackers. Clearly there is a desire for innovation, but how can it be done while also prioritizing payments security?
I propose three ways below, and if you have any you’d like to add, I welcome your comments on this post:
- Strong central function driving innovation that also has security innovation in its charter
- Prioritization of emerging security technologies
- Emphasis on both security and innovation as part of team members’ annual goals
New payment options broaden security scope
92 percent of corporations currently have new bill payment options in development. This means new ways to delight consumers and increase revenues, but also new hatches to batten down.
The most popular payment technologies in development by corporations right now include:
- Virtual collection agents (40%)
- Real-time payments (40%)
- eBilling optimized for mobile device (38%)
Corporations must constantly add new payment options to keep up with changing consumer demands. Using a single secure platform to add new options allows you to accept new ways to pay while maintaining security.
Outsourcing Alone Won’t Stop Data Breaches
As the data on developer portal breaches hints, we can’t just make payments security someone else’s problem. Corporations don’t avoid data breaches just by hiring third parties to process payments; they rely upon the right partner with the right security solutions in place.
I previously wrote about the top 10 cyber security practices of cloud payment providers, and this is a list that will grow, as 87 percent of corporations now have a ‘cloud first’ strategy for all new software procurement. Outsourcing payment processing remains a high priority, with 70 percent of corporations now processing payments through outsourced providers and only 30 percent using in-house data centers.
92 percent of corporations added new security software or services
While security doesn’t top the charts for payments innovation drivers, most corporations are making improvements. In fact:
- 92 percent have invested in new security software or services
- 89 percent have engaged with security experts
- 87 percent have placed greater limits on employee access to consumer data
Security-first innovation should be prioritized
More than nine out of ten companies adding new security software in the past 12 months line up with one of the seven habits of highly innovative organizations – investment focused on delivering new capabilities.
But to stay ahead of nimble cybercriminals, we need security-first innovation that incorporates each of these seven habits, which show that it (security-first innovation) is not a single project – it is an ethos, which includes:
- Management having a strong understanding of technology
- Technology at the core of the business needs the flexibility to support change
- Responsibility for shaping and delivering innovation and improvement sits with all employees
This new ethos must address these top 12 threats to payments security.
Secure consumers’ emotions
Consumers are seeking more than just data security; they also want the emotional security that their finances will be safe in the future. As one consumer said, “help me not screw up my finances.”
Customers don’t want to worry about making mistakes with their money. They want easier ways to understand where they sit with their finances. Corporations offer this with notifications and easy-to-read bills. Then, after knowing what to do, consumers crave simpler ways to pay.
You can balance payment security and customer experience with an innovative payment solution provider
Leading payment providers are well versed in the balancing act between security and customer satisfaction. The next generation of billing payment and presentment services offers greater flexibility for consumers to receive bills and make payments, while increasing the trust that their financial information is secure.
Find out more how ACI Worldwide can help you with this balancing act with our innovative billing, payment and communication services.
Related Blog Posts
Social, Mobile and Instant Payments: How Digital Payment Overlay Services Will Power Up P27
For some years now, the Nordics region has been a global-standard bearer for payments and financial services innovation. Sweden has for many years been a leader in the progressive move towards cashlessness, championing the range of efficiencies that it brings. Major payments innovators like Klarna, FundedByMe and iZettle are based in the region, rubber-stamping Stockholm as a genuine fintech hub. Analysts and insight leaders also regularly single the Nordics out as a genuine leader, in particular praising the collaboration between governments, regulators, financial institutions and businesses that has led to such fertile ground for financial modernization initiatives.
How to Meet ISO 20022 Migration Deadlines for Fedwire and SWIFT
Over the next decade, we will undoubtedly see huge shifts in how financial institutions throughout North America transact, whether domestically or across international borders. This will be driven not just by changing technologies, but also by regulatory events – such as the widespread adoption of financial messaging standards like ISO 20022.
How Can European Banks Meet the ISO 20022 Migration Deadlines for TARGET2 and SWIFT?
First published in 2004 – and already broadly used in some quarters – ISO 20022 is rapidly set to become the de facto standard for financial messaging around the world, replacing MT messages.
The Pathway to Global Real-Time Payments: What Will Be the Impact of SWIFT and ISO 20022?
The whole world is moving toward the ISO 20022 standard, and almost in unison. Globally, most major currencies are planning to shift to the new data-rich standard for either high-value payments or immediate payments (high value being global messaging via the SWIFT network or an RTGS scheme).
Digital Payments Overlay Services: Accelerating Real-Time Payments Growth
The global real-time payments landscape is transforming every day, as the world moves toward payments that offer a multitude of digital payment overlay services that drive consumer experience and adoption. But what are digital payment overlay services? They are ancillary services that often ride the real-time payments rails, and can be flexible, nimble drivers of innovation. These digital services – piggy-backing on the standard real-time payments rails – not only add value to core payments, but also bring about convenience and ease of use for all participants in the payments ecosystem.
Real-Time Payments: Global State of Play, Lessons Learned and How to Make Money
There is a lot of noise around real-time, immediate and instant payments. These interchangeable phrases are generally used to discuss the development and domestic rollout of non-card-based methods of payment that provide real-time notification of payment and fast settlement. So, given all of this ”noise,” where are we on the journey, what have we seen work (and not work) and can we make money from real-time payments?
Request for Payment and Other Real-Time Payments Trends That Will Shape 2020
In 2020, the conversation around real-time payments will increasingly be about what banks can do with real-time, as they move beyond setting up to support real-time payments schemes. New use cases will emerge – but there are a few main trends that are likely to shape the direction of real-time in the year ahead.
Nordic’s P27 Powers Ahead with Cross-Border Payments
P27 continues its accelerated journey to cross-border payments in the Nordic region, with an ambitious project scope and timeline. For banks, processors et al, this poses questions of prioritization. Payments players must identify their most pressing business needs, and what can be achieved with their current stack.
How India is Tackling the Challenges of Digital Payments Growth
India’s massive transformation from a cash-based society to a cashless society is underscored by the rise in fintech adoption and the growth of the Unified Payments Interface (UPI) platform, which is now processing more than one billion transactions each month.
Digital Overlay Services Unlock the Value of Real-Time Payments
The global payments industry continues to drive toward true real-time, with the potential opportunity for corporate banking often cited as the most lucrative.