A Thing
The Green SheetGreen Sheet

The Green Sheet Online Edition

September 27, 2021 • Issue 21:09:02

Payments in 2021 and beyond: Changing payments for good

By David Poole

Editor's Note: This article is the fourth and final installment in MYPINPAD's series focusing on payments in 2021 and beyond. It was previously published on Aug. 23, 2021, on MYPINPAD's blog at https://bit.ly/3nv5DJ4. It is reprinted here with permission.

There's an old saying that goes, "There's only two things you can be sure of in life: death and taxes." I think there's a third thing you can be sure of—change. Globally, there have been massive shifts over the past decade, all driven by technology and the resulting evolution in human needs and demands. People are more tech savvy, more aware of what's possible and driven to experience the world in more meaningful ways. And pretty much every industry on earth has changed as a result of this shift in consumer behavior.

Now, we're experiencing the largest catalyst for change certainly in my generation: COVID. Here we find ourselves a year and a bit on and still in the midst of significant change.

A brief history of payments

Only seventy years ago we paid with cash for just about everything. Then we started using checks and by the late 1970s credit cards were in full swing. While the way we pay has evolved over the years, the payment experience has remained largely the same. That is, we line up in front of a counter, wait for our turn, and pay via a form of hardware (like a payment terminal) that is fixed to the counter.

However, in the last couple of years payments has been identified as a critical piece of the customer experience, particularly given the bottleneck it causes at the point of sale. Where technology has enabled B2C companies to completely rethink the customer experience in many aspects, payments has been something of a thorn in the side of end-to-end experience innovation. There's a good reason for this: payments have to be secure, the bespoke hardware used to process payments is as secure as it gets, and this isn't easy to replicate with software.

The payments industry knew it needed to move with the times. And mobile technology was the obvious place to turn to given its versatility, universal nature, affordability and ability to revolutionize the customer experience. But we all know that mobile devices are nothing close to the security of a payment terminal, so this was the largest problem to solve when software-based payment technologies started to be developed.

Security must be the hero of payments technology development

Being part of software-based payment technology innovation, I can attest to the world of possibilities to innovate within the customer experience that it can open up. But I'm also a stickler for security because you cannot have a successful software product for payments without it. You'll also know that while the PCI Security Standards Council, the regulatory body for payments (https://www.pcisecuritystandards.org), is working to produce the next set of security standards for software-based payments, these are still about six months away, which means there are solutions coming to market that potentially will not pass muster when the hammer falls. And that's a big concern for a couple of reasons:

  1. Businesses will invest in these solutions and may have to invest in another solution shortly after if the first chosen solution does not achieve a PCI certification.
  2. There will be solutions in markets that are vulnerable to attack. We are already living in a world with inflated levels of fraud due to COVID and the number of inexperienced consumers shopping online. As an industry we need to be actively looking to produce solutions that are as secure (if not more secure) than existing payments hardware solutions. This is not easy and takes a long time to get right.

So, where does this leave us? Actually, still in a really exciting space because there are companies out there that are developing software-based payment solutions built on a foundation of security. The advice I would give to businesses looking at software-based payments solutions is to do your due diligence thoroughly.

Achieving PCI certification is a lengthy and costly process that involves every aspect of the vendor's business. Any solutions that have come to market quickly may be fine to pilot or complete a PoC but very likely will not be robust enough to meet the stringent security requirements—and very soon, every solution deployed to market will need to be certified.

Changing the face of payments for good

For businesses in the UK and European Economic Area (EEA), Strong Customer Authentication (SCA) is an important consideration (see https://bit.ly/3E6nprM). As a requirement under the second Payment Services Directive (PSD2) it has impacted user experience and changed L3 certification processes for face-to-face transactions in the same way as it has impacted user flows for card not present transactions.

It requires banks to perform additional checks when consumers make payments to confirm their identity and needs to be a combination of two forms of identification at checkout. These include:

  • Knowledge: something they know, for example a PIN or password
  • Possession: something they have, for example a mobile phone or other device evidenced by a one-time password
  • Inherence: something they are, for example a fingerprint.

Note that SCA is already in place for face-to-face transactions. Now, getting back to the topic of this post—"changing payments for good"—here's the exciting part: software-based payments will absolutely reshape the brick-and-mortar customer experience, but the most significant shift will be for online payments.

Not only is online where fraud is exploding and consumers and merchants are the most vulnerable, it's also where the payment process differs greatly from the physical world experience.

Imagine this: a consumer shopping online selects an item and goes to their shopping cart. The consumer is offered two choices to pay: the traditional method of typing in the card details, or simply tapping their own payment card against their own mobile device and securely entering their PIN on the device screen. If the consumer chooses to tap and enter their PIN, this is a card-present transaction, which means there is significantly less opportunity for fraud, and the merchant could therefore pay lower interchange fees reflecting the improved security.

Plus, it's the same experience the consumer is familiar with when they pay in store. Everyone is more protected, the industry can process such a transaction easily, too, so everyone wins. This level of security and customer experience has never been possible online before, but with software-based payments technology, it is just around the corner.

So here we are. Second quarter of 2021 down and while the world is still undergoing massive change and learnings, we're on a forward trajectory with payments innovation that will have a significant and lasting impact.

My final word on the topic is this: all innovation and technological developments should improve our lives. For payments, it's not just technology that we need to focus on, it's making it secure. Because security is the linchpin of this industry, and it is the one thing that will make or break any solutions that come to market. So, develop securely. Choose solutions wisely and we will all enjoy a better world. end of article

David Poole is MYPINPAD's global head of mobile solutions. For more information, please visit https://mypinpad.com.

The Green Sheet Inc. is now a proud affiliate of Bankcard Life, a premier community that provides industry-leading training and resources for payment professionals. Click here for more information.

Notice to readers: These are archived articles. Contact names or information may be out of date. We regret any inconvenience.

Prev Next
A Thing