By Brian Gaynor, Executive Director for European Product Solutions at J.P. Morgan.
Let’s start with the basics, The Second Payment Services Directive (PSD2) was officially published by the European Commission in December 2015 and follows on from the First Payment Services Directive (PSD1), which was implemented in 2009. PSD2 will go live from 13thJanuary, 2018and will have implications for all companies in Europe that deal with payments, ranging from how to regulate the emergence of Third Party Providers (TPPs) to the need for strong customer authentication (SCA).
Rapid changes in the payments sector have heralded the upgrade of PSD1. Technological advances in areas such as cloud and mobile applications have opened up the banking sector to a swathe of new competitors. These TPPs are offering new ways for customers to access their bank accounts to make payments. Over three quarters of Europeans now use mobile devices to keep track of finances and to make payments, compared with just 18% in 2015.
Another major change has been the continuing rise in online shopping. According to a recent survey, one in four Europeans with internet access shopped online at least once a week in 2016. Unfortunately, the rise in eCommerce has resulted in a concomitant rise in cybercrime; both in data breaches and online credit card fraud. In 2016, nearly £309 million was lost to credit card fraud in eCommerce transactions in the United Kingdom. This compares to just £13.6m in 1998.
It’s against this background that the European Union (EU) is implementing PSD2. There are generally two elements to European law; the need to encourage competition among financial providers, as well as the need to enhance consumer protection.
PSD2 at a glance
- Update of First Payment Services Directive (PSD1) driven by continual rise of eCommerce and technological innovation in payments sector.
- Second Payment Services Directive (PSD2) will be implemented from 13th January, 2018. The earliest date that member states are expected to have implemented Regulatory Technical Standards (RTS) is August 2019.
- PSD2 includes 112 articles and 11 mandates (specific topics that the regulators asked the European Banking Association to examine).
- One of these mandates is around strong customer authentication (SCA) and includes guidance around exemptions and challenges.
- Another key area is the regulation of Third Party Providers (TPPs) which could help stimulate a new generation of financial companies.
The emergence of TPPs
Presently the main way for customers to access their bank accounts is through the products and channels provided by their banks. Under PSD2 two new regulated entities will emerge:
- Payment Initiation Service Providers (PISP) – This allows third party companies to initiate payment on behalf of a consumer without them having to visit their online bank’s portal. PISPs offer consumers flexibility when it comes to payment.
- Account Information Service Providers (AISP) – This will allow third party companies to access a consumer’s bank, as well as display information relating to their account. For example, this could allow a consumer to aggregate information from multiple accounts in a single application giving them an overview of their financial situation.
In order to facilitate these new providers, banks will have to provide their APIs (Application Programming Interfaces) to those that request it. This is quite a radical change that will provide a boost to the new generation of Fintech companies, fitting in with the EU’s desire to promote increased competition and innovation. The support for TPPs is expected to give consumers greater control and convenience as they will be able to centralise their account information and payment options on a single device.
This is anticipated to benefit the eCommerce market because it will give customers more flexible banking and payment options. There are also opportunities for merchants; for example, they could potentially utilise an AISP to get more information on a potential consumer, such as their account balance and payment flows and use it to make risk assessments. Or they could use the information to identify and target their most high-value customers. Of course, merchants will have to radically rethink the way they obtain their customer’s consent to store personal data and ensure their processes and procedures comply with the General Data Protection Regulation.
PSD2: Key implications for merchants
|Creation of PISPs||Services that can initiate credit transfers on behalf of account owners (digital or card based).|
|Creation of AISPs||Services that can collect and consolidate data across one or more deposit accounts.|
|Limited surcharges||Merchants will not be able to surcharge payment methods with regulated interchange (e.g., 4-party consumer schemes, Single Euro Payments Area (SEPA) SEPA credit transfers).|
|SCA||Two-factor authentication will be required for all electronic payments, although there are exemptions to allow “frictionless flow”.|
|3-D Secure||eCommerce merchants will need to integrate dynamic authentication tools (e.g., 3D Secure 2.0).|
SCA and the drive for increased payment protection
One of the major implications of PSD2 is the focus on improving security in the payments space by emphasising strong customer authentication. An important element of SCA is two-factor authentication. Most consumers are aware of this even if they don’t know it by that name. It’s for those situations where inputting the username and password by themselves aren’t considered secure enough, so additional steps are required. Obvious examples of such an approach are additional questions that only a consumer would know, such as “what’s my mother’s maiden name?” New approaches to two-factor authentication are emerging e.g., biometric recognition or fingerprint activation.
What is two-factor authentication?
This is authentication based on the use of two or more elements categorised as knowledge (i.e., something only the user knows), possession (i.e., something only the user possesses), and inherence (i.e., something the user is).
Within the cards space there is already a scheme in place to ensure SCA called 3-D Secure (3DS). This is a service offered by credit card providers that gives additional protection to card users by introducing another layer of password protection. The result of which is the message that customers sometimes see when completing a transaction, depending on the network upon which the card is operating.
However, there are drawbacks with 3DS in its current version. It deploys a pop-up screen which uses a different URL – thus looking rather similar to a phishing site. There’s the requirement to remember the password that has been used, something that may be problematic for a customer with several such cards. The first version of 3DS was primarily designed for PC transactions and is a clunky way of making a purchase for mobile phone users – and with smartphones increasingly deployed in eCommerce, this is a stumbling block.
To address some of these challenges a new version of 3DS has just been released. One major change of 3DS 2.0 is that it will offer the ability to authenticate a transaction using a biometric method, something that many mobile phones offer these days. By using finger prints or facial recognition the amount of fraud is potentially going to be greatly reduced while also increasing convenience for consumers. There are other upgrades too: the troublesome payment window will be discarded with and 3DS 2.0 will also allow mobile and digital wallet payment methods. This is a major change as previously only cards could be used (unsurprising, considering the origins of the technology).
Another major implication of 3DS 2.0 is that when a customer makes a purchase, the merchant will have the option of agreeing to ‘frictionless flow’ – where the payment is authorised without additional security measures. Alternatively, they can request that the payment is challenged resulting in the issuer making a risk-based authentication of the consumer and potentially asking for further security, such as two-factor authentication. Having frictionless payment is beneficial for customers and therefore merchants, as their payments can be made quickly and seamlessly. However, it can also increase the potential of fraud. One of the main implications of PSD2 is that it provides clear guidelines about how this process can be managed.
PSD2 and frictionless flow
Under PSD2 there are clear rules regarding the challenging of payments. Transactions that are under €30 will not need to be challenged, it is entirely up to the discretion of the merchant. For transactions above €30, a new procedure kicks in, one that depends on the reference fraud rates of the acquiring bank and the issuer – not the merchant.
Under PSD2, if the fraud rate is below 13 basis points (bps) there’s no requirement for a challenge for transactions of up to €100. But if the fraud rate is below 6bps that ceiling rises to €250. For those with a rate of under 1bps a transaction can be as high as €500 before there’s a need for a challenge.
There are a couple of caveats to this approach.
- Not all low-value transactions will go unchallenged: every fifth transaction (below €30) will need to be challenged. This will also apply if the combined value of several unchallenged transactions goes above €100. This could present some difficulty for merchants who will have to deal with customers’ expectations of a frictionless process.
- There’s also the issue of recurring transactions. If there’s a regular payment and it’s of the same amount every time, there needs only to be one challenge. However, if the amount changes for example, a mobile bill fluctuates and the amount is over €30, it would need to be challenged.
Although SCA methods can reduce fraud, they likely will also impact the speed and convenience of online shopping. However, PSD2 will not necessarily have a negative impact on eCommerce. The new regulations are predicted to drive acquirers and other entities in the payment processing ecosystem to improve their own fraud rate as that would mean they could offer frictionless flow at higher thresholds. Conversely merchants may start seeking out financial providers with a good record of fraud prevention, as this would allow them to offer more convenient payment options to their consumers with fewer challenge presentments.
With PSD2 the onus is on the many parties in the payments ecosystem to improve security and reduce their fraud rates. With the right solutions merchants can be compliant with the new regulations and help reduce fraud while still offering a frictionless, user-friendly experience for the majority of their customers. eCommerce is booming in Europe, but the number one reason preventing even further uptake is concern over fraud. By forcing improvements to payment processing, PSD2 could end up increasing conversion rates.
The implementation of PSD2 is going to shake up the payment sectors. There are a number of potential advantages for merchants: purchasing processes will become easier, they will be offered more choice of financial providers (and consequently methods of payment) and there will be reduced risk of fraud.
But there will still be work to be done; merchants may need to change their systems to handle 3DS 2.0 or other SCA methods, as well as working on how to meet customers’ expectations. And because there will generally be more challenges, SCA needs to be handled in a way that minimises disruption to the purchasing process. In this sense, the regulations could spark a wave of innovation that may ultimately improve the online shopping experience.
Merchants will also have to pay closer attention to their partner acquirers and issuers. Some important differentiating factors will be the fraud rate, as well as the help provided in negotiating the PSD2 upheaval.
PSD2 opportunities for merchants
- Reduced fraud rates in the industry and increased trust with consumers.
- Innovation around two-factor authentication to make the process smoother.
- A boost in eCommerce as consumers have more online banking and payment options.
- Merchants can leverage new payment aggregators to increase their strategic information on consumers.
Chase Paymentech Europe Limited, trading as J.P. Morgan, is regulated by the Central Bank of Ireland.
The information herein does not take into account individual client circumstances, objectives or needs and is not intended as a recommendation of a particular product or strategy to particular clients and any recipient of this document shall make its own independent decision. This document and the information provided herein may not be copied, published, or used, in whole or in part, for any purpose other than expressly authorised by Chase Paymentech Europe Limited.
© 2017, JPMorgan Chase & Co. All rights reserved.
 VisaEurope. ‘Mobile Money Takes Off as 77% of Europeans Use their Phones to Bank and Make Everyday Payments.’ Available at: https://www.visaeurope.com/newsroom/news/mobile-money-takes-off-as-77-of-europeans-use-their-phones-to-bank-and-make-everyday-payments. Accessed October 2017.
VisaEurope. ‘Mobile Payments soar as Europe embraces new ways to pay.’ Available at: https://www.visaeurope.com/newsroom/news/mobile-payments-soar. Accessed October 2017.
Mastercard, ‘Mastercard Index 2017 – Pan-European eCommerce and new payment trends.’ Available at: https://newsroom.mastercard.com/wp-content/uploads/2017/03/Masterindex-2017.pdf. Accessed October 2017.
U.S. inauguration turns poet Amanda Gorman into best seller
WASHINGTON (Thomson Reuters Foundation) – The president’s poet woke up a superstar on Thursday, after a powerful reading at the U.S. inauguration catapulted 22-year-old Amanda Gorman to the top of Amazon’s best-seller list.
Hours after Gorman’s electric performance at the swearing-in of President Joe Biden and Vice President Kamala Harris, her two books – neither out yet – topped Amazon.com’s sales list.
“I AM ON THE FLOOR MY BOOKS ARE #1 & #2 ON AMAZON AFTER 1 DAY!” Gorman, a Los Angeles resident, wrote on Twitter.
Gorman’s debut poetry collection ‘The Hill We Climb’ won top spot in the online retail giant’s sale charts, closely followed by her upcoming ‘Change Sings: A Children’s Anthem’.
While poetry’s popularity is on the up, it remains a niche market and the overnight adulation clearly caught Gorman short.
“Thank you so much to everyone for supporting me and my words. As Yeats put it: ‘For words alone are certain good: Sing, then’.”
Gorman, the youngest poet in U.S. history to mark the transition of presidential power, offered a hopeful vision for a deeply divided country in Wednesday’s rendition.
“Being American is more than a pride we inherit. It’s the past we step into and how we repair it,” Gorman said on the steps of the U.S. Capitol two weeks after a mob laid siege and following a year of global protests for racial justice.
“We will not march back to what was. We move to what shall be, a country that is bruised, but whole. Benevolent, but bold. Fierce and free.”
The performance stirred instant acclaim, with praise from across the country and political spectrum, from the Republican-backing Lincoln Project to former President Barack Obama.
“Wasn’t @TheAmandaGorman’s poem just stunning? She’s promised to run for president in 2036 and I for one can’t wait,” tweeted former presidential candidate Hillary Clinton.
A graduate of Harvard University, Gorman says she overcame a speech impediment in her youth and became the first U.S. National Youth Poet Laureate in 2017.
She has now joined the ranks of august inaugural poets such as Robert Frost and Maya Angelou.
Her social media reach boomed, with her tens of thousands of followers ballooning into a Twitter fan base of a million-plus.
“I have never been prouder to see another young woman rise! Brava Brava, @TheAmandaGorman! Maya Angelou is cheering—and so am I,” tweeted TV host Oprah Winfrey.
Gorman’s books are both due out in September.
Third on Amazon’s best selling list was another picture book linked to politics and projecting hope: ‘Ambitious Girl’ by Vice-President Kamala Harris’ niece, Meena Harris.
(Reporting by Umberto Bacchi @UmbertoBacchi, Editing by Lyndsay Griffiths. Please credit the Thomson Reuters Foundation, the charitable arm of Thomson Reuters, that covers the lives of people around the world who struggle to live freely or fairly. Visit http://news.trust.org)
Why brands harnessing the power of digital are winning in this evolving business landscape
By Justin Pike, Founder and Chairman, MYPINPAD
Delivery of intuitive, secure, personalised, and frictionless user experiences has long been table stakes in digital commerce, well before the era of COVID-19. As businesses harness the revolutionary power of digital technologies, they have pursued large-scale change to adapt to evolving consumer preferences (some more successfully than others, but that’s a blog for another day). Digital transformation is a term we hear repeatedly, and it looks different for each organisation, but essentially, it’s about utilising technology and data to digitise, automate, innovate and improve processes and the customer experience across the entire business.
As I said, this was already well underway but then came 2020 and no industry escaped the disruption of the coronavirus outbreak, which has had an indelible impact on businesses performance, operations, and revenue. Regardless of whether the impact of COVID has been very positive or very challenging, it has forced organisations globally to re-evaluate and re-orient strategies to adapt.
As lockdowns and pandemic-related restrictions continue to change daily life, this raises the question of how we can balance a dramatic shift to digital and the benefits it brings, while ensuring business continuity and innovation both during and post-COVID, and protecting everyone against fraud?
Digital is an essential survival tool, and even more so in a COVID world
No one could have predicted the dramatic digital pivot that has taken place over this year. Indeed, within weeks of the COVID outbreak cash usage in the UK dropped by around 50%. Digital solutions including delivery applications, contactless payments, mobile commerce, online and mobile banking have become essential components of a touchless customer experience in the era of social distancing. It’s no longer just about an enhanced and superior customer experience, it’s also about health, safety and survival.
In store, businesses have benefited from contactless payments enabling faster throughput and reduced need for consumers to touch payment terminals (therefore requiring greater cleaning, which degrades the hardware much faster). Mastercard reported a 40% increase in contactless payments – including tap-to-pay and mobile pay – during the first quarter of the year as the global pandemic worsened. Digital has also become an essential sales channel for many B2C brands. Where brick and mortar stores have been required to close, digital commerce enables continuity of customer relationships and revenue. This channel also provides brands with rich customer data, which can be used to enhance and personalise the customer experience and typically results in greater levels of engagement and uplifts in revenue.
Industry forecasts estimate that worldwide spending on the technologies and services enabling digital transformation will reach GBP 1.8 trillion in 2023 – a clear indication that the process represents a long-term investment and a global commitment to digital-first strategy. The key point here is that digital brings significant benefits, and regardless of COVID, is here to stay.
The challenges that rapid digital transformation brings to businesses
Regardless of whether businesses are operating in developed or less-developed economies, these times of crisis have levelled the playing field in the sense that all businesses are facing similar issues. Access to products and supplies, maintaining customer relationships, accelerating sales for some and declining sales for others, health and hygiene are just a few of the unique challenges brought about by COVID.
Many businesses in physical environments have had to swiftly implement changes to significantly reduce safety risks for staff and customers, such as contactless payments, mobile ordering and delivery options. But with these changes come a host of other benefits of digitisation, such as faster transactions, and reduced human error at the point-of-sale.
The reliance on technology, however, can also expose organisations and consumers to certain vulnerabilities. In particular, the risks of fraud and cybercrime have dramatically increased since the onset of the pandemic as scammers have taken advantage of digital technologies to target both businesses and individuals.
As a McKinsey report illustrates, new levels of sophistication in the activities of fraudsters have placed more pressure on companies that have been previously slow to go digital, bringing “into sharp relief how vulnerable companies really are”, and damaging the financial health of small and large businesses. In fact, the Bottomline 2020 Business Payments Barometer reveals that only one in 10 small businesses across the UK report recovering more than 50% of losses due to fraud.
But take these stats with a grain of salt. While it is important to be aware of the risks and challenges this new business landscape brings, it’s equally as important to have a lens firmly across your own business, industry and audience, and to identify the changes you can make internally to mitigate risk as well as improve your customer experience. Where can you make some quick wins? Do you have the right skillsets internally to achieve what you need to achieve? What technology is out there that will enable your business goals? There are tech companies like MYPINPAD that are making huge strides in software development, which will transform businesses globally.
A digital world post-COVID
Almost a year in, the line between business success and failure remains fragile. However, an ongoing transition towards greater digitisation will be the difference between survival and the alternative.
There is a wide range of initiatives businesses can implement to weather this storm. If we look at the space MYPINPAD operates within, secure digital consumer authentication is crucial to the ongoing success and security of not only financial products but also identification and verification across a range of different industry verticals. Shifting the authentication of consumers securely onto mobile devices enables businesses to completely reshape their customer experiences. By bringing together a more seamless, frictionless customer experience, accessibility, privacy, security and access to consumer data, businesses are able to drive digital transformation across day-to-day activities.
Against this backdrop, software with stronger security standards continue to play an ever more vital role in supporting society, protecting consumers and businesses from the increase in risks that rapid digitisation brings. Already, merchants can deploy PIN on Mobile technology from companies like MYPINPAD, onto their smart devices to speed up the digitisation process many are now tackling.
Essentially, opening up universal payments and authentication methods that feel familiar, for both online and face-to-face transactions, will be key to opening up a world of possibilities when it comes to redefining how businesses engage with consumers.
Brexit responsible for food supply problems in Northern Ireland, Ireland says
LONDON (Reuters) – Food supply problems in Northern Ireland are due to Brexit because there are now a certain amount of checks on goods going between Britain and Northern Ireland, Irish Foreign Minister Simon Coveney said.
British ministers have sought to play down the disruption of Brexit in recent days.
“The supermarket shelves were full before Christmas and there are some issues now in terms of supply chains and so that’s clearly a Brexit issue,” Coveney told ITV.
The Northern Irish protocol means there are “a certain amount of checks on goods coming from GB into Northern Ireland and that involves some disruption,” he said.
(Reporting by Guy Faulconbridge; Editing by Tom Hogue)
The Beaconsoft story and introducing its one-of-a-kind digital campaign intelligence platform
By Nigel Bridges, founding CEO of Beaconsoft Limited What were you doing prior to setting up Beaconsoft? Before setting up...
Top 8 Tax Scams to Watch Out For
It is tax time and that means finding the best way to file your taxes and to get a refund...
Hisham Itani and Resource Group Recognized in the 2020 Global Banking & Finance Awards®
Global Banking & Finance Review has awarded Hisham Itani the Chairman and CEO of Resource Group, Technology CEO of the...
Euro zone business activity shrank in January as lockdowns hit services
By Jonathan Cable LONDON (Reuters) – Economic activity in the euro zone shrank markedly in January as lockdown restrictions to...
Volkswagen’s profit halves, but deliveries recovering
BERLIN (Reuters) – Volkswagen reported a nearly 50% drop in its 2020 adjusted operating profit on Friday but said car...
Global chip shortage hits China’s bitcoin mining sector
By Samuel Shen and Alun John SHANGHAI/HONG KONG (Reuters) – A global chip shortage is choking the production of machines...
Iran’s oil exports rise ‘significantly’ despite sanctions, minister says
DUBAI/LONDON (Reuters) – Iran’s oil exports have climbed in recent months and its sales of petroleum products to foreign buyers...
Nissan to source more UK batteries as part of Brexit deal ‘opportunity’
By Costas Pitas LONDON (Reuters) – Nissan will source more batteries from Britain to avoid tariffs on electric cars after...
Muted recovery for UK retailers in December ends worst year on record
By David Milliken and Andy Bruce LONDON (Reuters) – British retailers struggled to recover in December from a partial coronavirus...
Chinese phone maker Honor partners with key chip suppliers after Huawei split
By David Kirton SHENZHEN, China (Reuters) – Chinese budget phone maker Honor said on Friday it had signed partnerships with...