GS Logo
The Green Sheet, Inc

Please Login

Banner Ad
Skyscraper Ad

Thursday, July 28, 2016

EMVCo, FIDO seeking stronger authentication

P ayments industry leaders are optimistic that a new collaboration between EMVCo and the Fast IDentity Online (FIDO) Alliance, disclosed in July 2016, will help facilitate widespread adoption of biometric authentication schemes. The two global bodies entered into a memorandum of understanding designed to help simplify mobile payments authentication methods to mitigate online fraud without complicating the user experience.

"The payments community wants consumers to benefit from the simplicity of device-based authentication, which could be a fingerprint or facial recognition, for example," said Jonathan Main, EMVCo Board of Managers Chair. Main noted that advanced forms of authentication are not depended on Internet connectivity; cardholders can verify themselves even when their devices are not connected to a network.

"This initiative, therefore, enables us to effectively combine EMVCo's payment industry knowledge with the FIDO Alliance's authentication expertise to deliver cardholder verification that is convenient for the user, sustainable for the marketplace and most important, highly secure, thereby reducing consumer fraud in the mobile payment space," Main said.

Collectively owned by American Express Co., Discover Financial Services, JCB International Credit Card Co. Ltd., Mastercard, China UnionPay and Visa Inc., EMVCo manages EMV (Europay, Mastercard and Visa) specifications, adapting when necessary in response to regional regulations.

EMVCo Associates work closely with the global body's business and technical teams to create flexible and sustainable standards that stand the test of time. Members include payment card issuers, acquirers, networks, merchants, manufacturers, technology providers and testing laboratories from numerous countries. Any payments industry stakeholder may subscribe to receive EMVCo updates, which include advance notifications of new developments and draft documents.

Leveraging personal identifiers

Formed in July 2012, the FIDO Alliance is committed to developing strong, interoperable authentication technologies to eliminate the need for users to create and memorize multiple usernames and passwords. The global body is focused on changing the nature of authentication through standards that simplify and strengthen authentication within an open, scalable, interoperable framework. The many forms of FIDO authentication share common attributes of heightened security, privacy, and simplified user interfaces for authenticating users of online services.

FIDO Alliance members include Aetna Inc., Alibaba Holdings, American Express Co., ARM Holdings, Bank of America Corp., BC Card, CrucialTec, Daon, Egis, Google Inc., Intel, ING, Infineon Technologies AG, Lenovo, Mastercard, Microsoft, Nok Nok Labs Inc., NTT DOCOMO Inc., NXP Semiconductors N.V., Oberthur Technologies OT, PayPal, QualComm Inc., Samsung Electronics Ltd., Synaptics, USAA, VASCO Data Security International Inc., Visa Inc. and Yubico. "FIDO standards, solely focused on authentication, were designed to complement other technical body efforts," said Brett McDowell, Executive Director of the FIDO Alliance. "This partnership with EMVCo is a prime example of how industry bodies can work with the FIDO Alliance to use simpler, stronger FIDO authentication to fulfil their own requirements.

"With the growing use of EMV mobile payment, there is a real need for cardholder verification that is highly secure but unobtrusive for consumers. FIDO standards address that need, and this joint work with EMVCo has the potential to accelerate the global adoption of mobile authentication standards within the payments community."

Selfie 2.0

One popular form of biometric authentication is the selfie photo, a common feature on numerous smartphones and feature phones. End users can use the method to verify their identities when logging into to websites from mobile devices. EyeVerify, a FIDO Alliance member, has registered millions of users to its mobile app Eyeprint ID. The app is designed to securely open mobile devices, log into websites and apps and protect mobile payments. The company also provides a software development kit to enable developers to integrate the biometric with third-party applications.

The company mentioned the following additional benefits of its biometric technology:

Visa gets chummy with PayPal
Tuesday, July 26, 2016

A fter years of intense competition, Visa Inc. and PayPal Inc., are burying the hatchet. The two companies disclosed they are on "a new path," the upshot of which is that Visa cards gain parity with the automated clearing house (ACH) system in terms of PayPal payment options.

Founded as Confinity in 1998, the company launched PayPal, its money transfer service, in 1999. Confinity merged with online banking company in 2000, was subsequently renamed PayPal and went public in 2002. Soon thereafter, PayPal was acquired by eBay Inc., where it charted phenomenal growth as a low-cost, ACH alternative to credit and debit card acceptance by online merchants. PayPal was spun off from eBay and became a publicly traded company in 2015.

PayPal claims 184 million accountholders. During the first quarter of 2016, PayPal reported handling $81.8 billion in transactions, a 31 percent increase over the same period in 2015. As PayPal's business has exploded, however, it has come under increasing fire from Mastercard and Visa because of its practice of steering customers to ACH payments.

According to published reports, Visa Chief Executive Officer Charlie Scharf stated during a recent meeting with analysts that roughly 50 percent of payments PayPal handles today clear as ACH items; the remaining 50 percent use credit, debit and prepaid cards. And at least some of those cards are issued as PayPal Mastercards.

"I've been very clear on this one, which is if you are a foe, you're not a friend," Scharf said about PayPal during a May tech conference sponsored by JPMorgan Chase & Co. "The foe part" is that they "do everything in their power" to encourage customers to use the ACH which disintermediates Visa. "We'd love to figure out a different model with them where it's consumer choice first whether or not disintermediating," Scharf said.

A 'new path'

Apparently, the two companies have come to an agreement on that model. "The partnership puts PayPal and Visa on a new path, with the companies working more collaboratively to accelerate the adoption of safe, reliable and convenient digital payments for consumers and merchants," Visa said in a July 21 statement about the partnership.

The arrangement with PayPal includes "economic incentives," like locking in Visa-assessed fees. Acquirers, issuers and financial institutions will benefit too, from more spending, better customer service, lower operational costs and improved security, the two companies said.

"Giving consumers choice in how and where they pay is essential to our goal of being a customer champion, and we welcome the opportunity to work with more partners like Visa who share our vision," said PayPal CEO Dan Schulman. Schulman has made several public statements in recent months about his desire to take the company beyond just moving payments. Scharf said Visa is "excited to begin a new chapter with PayPal."

Investor reactions to the news were mixed. PayPal's stock slid 7 percent on July 21. "Our initial take is that this deal exploits the leverage Visa has over PayPal," wrote James Cakmak, of the investment research firm Monness, Crespi, Hardt & Co. "Although this removes an ongoing investor concern, we note that there is a risk to margins and profitability with higher credit funding mix without meaningful incremental volume," wrote Colin Sebastian of the investment banking firm Robert W. Baird & Co.

But in the days following, other analysts gave the arrangement a thumbs up, issuing buy ratings for PayPal stock. "We believe this deal could turn an often-acrimonious relationship between PayPal and Visa/card issuers into a beneficial one for all, as it opens opportunities for [PayPal] at the point-of-sale, yields volume-based economic incentives and provides long-term Visa fee certainty," wrote Youssef Squali, an analyst with the investment banking firm Cantor Fitzgerald.

Here is a summary of key provisions of the partnership agreement, as detailed in Visa and PayPal statements:

Cardless ATMs address EMV, security concerns
Friday, July 22, 2016

W ith deadlines for the next wave of the EMV (Europay, Mastercard and Visa) chip card liability shift set to take effect for ATM network operators on Oct. 1, 2016, for Mastercard branded card ATM transactions, and Oct. 1, 2017, for Visa-branded cards; the race to adapt ATM equipment is on. However, a number of innovative financial industry players are finding ways to navigate beyond EMV's limitations.

In a mid-July 2016 agreement with Payment Alliance International, FIS NYCE Payments Network became the first national payment network to support mobile phone-to-ATM transactions, according to FIS. The partnership connects the FIS Cardless Cash mobile program, which eliminates the need for plastic cards, with PAI's network of 70,000 ATMs located at retailers, gas stations and convenience stores nationwide.

Prior to the collaboration, in early 2015, FIS began rolling out its Cardless Cash program through bank client ATMs by leveraging its preexisting FIS Mobile Banking app. With FIS Cardless Cash, customers can preorder an ATM cash-withdrawal from their mobile banking app for pickup at a nearby ATM. A tokenized, single-use quick response code makes it possible to execute secure ATM transactions, the company said.

"FIS has 36 million mobile banking end-users who are already connected to the brand," said Douglas Brown, Senior Vice President and General Manager of FIS Mobile, noting that the expansion of FIS Cardless Cash through the PAI network was a natural extension for FIS since it gives end users access to cash whenever and wherever they want.

For PAI, this marks the third such partnership in the past year. The company also partnered with Fiserv Inc. to develop CardFree Cash, a revised version of Fiserv's Popmoney mobile cash platform. According to PAI, users receive an encrypted token along with an ATM locator, which allows them to retrieve funds at nearly 5,000 ATMs across the United States.

In October 2015, HalCash North America teamed with PAI to launch Pin4, the first independent U.S. cardless cash network not to require an ATM card or bank account, PAI noted. Initially launched in Chicago, Los Angeles, Miami and New York, Pin4's full nationwide rollout is expected to be complete by the end of 2016. According to HalCash, the Pin4 API enables promotion and remittance companies, financial institutions and other businesses to deliver real-time, mobile, cardless cash to customers.

With Pin4, customers can key in four-digit tokenized codes at ATM locations. "What is even more interesting is they are working with insurance companies and other reward/redemption companies that today issue checks for redemption," said Donna Embry, Chief Payments Advisor at PAI. "Instead of issuing large numbers of checks, these companies can text a single-use token, which customers can use to access funds at a PAI ATM."

Beating ATM fraud

The number of ATMs in the United States compromised by criminals in 2015 was up 546 percent over the previous year, the highest ever recorded by FICO Card Alert Services, which monitors hundreds of thousands of ATMs nationally. According to FICO, nonbank ATMs were most impacted in 2015, and the average duration for ATM compromises dropped from 36 days in 2014 to 14 days in 2015.

While card skimmers and cameras have been popular tools for ATM fraudsters, compromise techniques are advancing. "The skimmers are getting smarter," Brown said. "They're starting to use techniques called inserts, which goes beyond that superficial skimmer that sits outside the machine. The insert is a physical device that is inserted inside the tracks of the machine. These inserts prey on both EMV and non-EMV cards."

And EMV cards that contain mag stripes fuel the problem. "With the phone-based authentication in Cardless Cash, you don’t have that, because we don't even put the card data onto the phone. We don't send your card information from the phone to the machine. The phone speaks to the ATM over a secure cloud path network."

Brown pointed out that another benefit with cardless cash is speed. "Because you can get in and out of an ATM in 11 seconds, there is a lot less physical threat to you," he said. For FIS customers, speedy access to funds is attracting customers. About 10 percent of FIS' early mobile banking adopters with access to Cardless Cash now use it, and that number continues to grow, Brown noted.

According to Embry, cardless ATM technology is highly cost effective. "Nobody has to do anything differently," she said. "It doesn't add to the cost of the machine, there is no hardware or capital cost to change a reader or certify anything, so it won't be onerous for them to have to have this on their machine. It's all upside. We have software available at the manufacturer. At some point, all new ATMs that PAI sells will be enabled with these products automatically."

Both Embry and Brown see endless possibilities for cardless cash moving forward, including person-to-person transactions, preset travel ATM funding so consumers aren't required to carry plastic cards, cross-border transfers and more.

ETA expands focus to underserved sectors
Thursday, July 21, 2016

G rowing adoption of mobile and web-based technologies to deliver services has highlighted the need for worldwide access to digital technologies. This is particularly true in developing countries lacking adequate connectivity and infrastructure. How Fintech is Addressing the Needs of the Underserved, published July 21, 2016 by The Electronic Transactions Association shares solutions designed by member companies to address the needs of underserved populations.

The global trade association’s white paper details how technical advancements can potentially benefit underserved consumers and their communities through a range of “safe, convenient, and rewarding payment solutions and lending alternatives.” The solutions are built around core values of access, affordability, convenience, security and financial literacy.

“ETA and its members support an inclusive financial system that provides high quality, secure, and affordable financial services for the broadest possible set of consumers,” the report authors wrote. “A goal of ETA member companies is to continually enhance the electronic payments and financial ecosystem so that it is accessible for all consumers, while ensuring their transactions can be completed securely, efficiently and ubiquitously.”

Expanded services, solutions menu

The expanding fintech sector, which the ETA white paper defined as “new technologies that expand financial offerings for consumers, lower costs, improve financial management, and increase transaction security,” has used innovative technologies to solve common problems faced by underbanked consumers. Following are cases cited in the report:

Support needed from Capitol Hill

The Washington, D.C.-based ETA is also continuing its important work with legislators to ensure that U.S. government policies will enhance these far-reaching initiatives, improving access to financial services for all Americans. “A key driver to achieving such a system is the development of new technologies that allow the underserved to access FI and fintech company financial products and services,” the report stated. “ETA encourages policymakers to support these goals through policies that support innovation and the use of technology in financial products and services.”

Additional insights from the ETA’s How Fintech is Addressing the Needs of the Underserved will be cited in an upcoming lead article that explores how emerging payment technologies are reshaping traditional methods of selling and implementing merchant services.

Additional insights from the ETA’s How Fintech is Addressing the Needs of the Underserved will be cited in an upcoming lead article that explores how emerging payment technologies are reshaping traditional methods of selling and implementing merchant services.

UK joins global backlash against interchange
Tuesday, July 19, 2016

B ritish consumers filed a class action lawsuit against MasterCard Worldwide July 6, 2016, seeking relief from what they describe as "illegal card charges" that violate terms and conditions of the Consumer Rights Act that became effective in October 2015.

Visa Inc. was excluded from the case, due to legal counsel's contention that Visa has set its rates at a "reasonable level." Grievances highlight growing dissatisfaction with credit card pricing models that led to actions by the European Union and U.S. retailers against payment card brands.

Legal analysts noted that MasterCard may have to pay as much as £19 billion ($24.5 billion) in collective damages if the court rules in favor of the plaintiffs, who represent all British consumers except those who specifically opt out of the class action.

The case, reported to be the largest class action in British history, follows a 2007 ruling by the European Commission that found MasterCard's interchange fees violated competition law between 1992 and 2007. MasterCard subsequently reduced fees in 2008 but challenged the legality of the EC ruling. While the case was finally closed in 2014, the new British claim shows the fight is far from over.

"The prices of everything we all bought from 1992 to 2008 were higher than they should have been as a result of the unlawful conduct of MasterCard," stated Walter Merricks, legal representative of the UK consumer class. "My aim is to get the redress to which UK consumers are entitled and to ensure that MasterCard cannot hold on to the illegal profits it made. This case should send a signal to companies that break competition laws at the expense of UK consumers that they do so at their financial peril."

Merricks, Commander of the Most Excellent Order of the British Empire and a former UK Chief Financial Services Ombudsman who has managed an array of grievances against financial institutions, is working with London-based law firm Quinn Emanuel and Chicago-based Gerchen Keller Capital LLC, to establish a process flow for orderly distribution of funds to millions of UK consumers involved in the settlement.

Consumer Rights Act

Great Britain's far-reaching Consumer Rights Act, enacted in October 2015, replaced the former Sale of Goods, Unfair Terms in Consumer Contracts Regulations and Supply of Goods and Services acts. Designed to protect all facets of consumer rights, the law protects product quality, merchandise returns, digital content rights and delivery rights. In addition, goods should be:

The Act further stipulates that consumers have up to 30 days after purchase to request a full refund. "After 30 days you will not be legally entitled to a full refund if your item develops a fault, although some sellers may offer you an extended refund period," the Act stated.

Aggregated claims

Proceedings against MasterCard, based on the allegations that the card brand's egregious pricing violated the terms of the Consumer Rights Act and harmed UK consumers, are expected to begin in the fourth quarter of 2016. Legal analysts who support the measures have called the landmark case a justified attack against unlawful, anticompetitive conduct that has resulted in untold losses to millions of consumers.

"That harm, likely to be in the hundreds of pounds, is not large enough for any individual consumer to bring their own claim," stated Boris Bronfentrinker, Lead Partner at Quinn Emanuel. "But by aggregating the claims and bringing them on a collective basis, all UK consumers who lost out will get the compensation they are owed."

MasterCard's share price, investor confidence and loyal consumer following will be adversely affected when the full scale of the harm it caused to UK consumers is revealed, Bronfentrinker added. These comments reveal the transparently opportunistic nature of the class action, according to anonymous sources familiar with the lawsuit.

New regime, new precedent-setting case

Great Britain marked a new milestone July 13, 2016, when former Home Secretary Theresa May was sworn in as prime minister. She replaced David Cameron, who resigned after the country voted to leave the European Union. In her initial remarks, Prime Minister May pledged to support "all of our citizens, everyone, whoever we are and wherever we're from." Consumer groups are cautiously optimistic that the new government will honor existing buyer protections, as the country prepares to withdraw from the EU.

Preparations are underway at the Competition Appeal Tribunal, where the case against MasterCard will be presented. Legal proceedings will include a certification hearing, followed by a general hearing that is expected to begin in 2018, barring any settlement offers by MasterCard.

View prior breaking news

Spotlight Innovators:

North American Bancard | Harbortouch | Sage | UMS | USAePay