I spent a few days in Las Vegas last month meeting with my payment security peers and technology partners. As I noted in my last post, I look forward to this event every year and every year it exceeds my expectations. This is a dynamic space that is continuously evolving and while I noted that last year had several big announcements that shaped the digital payment landscape, this year’s news was a bit more subdued. I’m seeing the industry focus shift toward executing on the process instead of looking at new disruptive offerings.
There were three areas that piqued my interest at the show: blockchain, real-time payments and Open APIs. What do they have in common? All of these digital payment components depend on a strong need for crypto and security to manage risk in their deployment.
Blockchain
Blockchain is probably the most hyped financial services technology of 2016. While only a very small proportion of global GDP is held in the blockchain, analysts expect this to increase significantly in the next decade, as banks, insurers and other industries see the technology as a way to speed up transactions, settlements, financial processes in general, and cut costs.
One such announcement came from Visa, who introduced its B2B Connect service. B2B Connect is an enterprise payment service that uses blockchain technology from Chain for cross-border payments. Pilots are likely to begin in 2017, but Visa claims that B2B Connect will achieve near real-time exchange of international payments between financial institutions on behalf of corporations. This offering squarely competes with SWIFT and I believe will be a serious contender in market due to the benefits in accelerating transactions. Visa has been changing its role in the market by opening its network and services to payment service providers and with B2B Connect it is expanding the nature of its services to attract more customers onto Visa's network. While Visa has the name recognition, Ripple is yet another contender in the cross-border payments market which has attracted a lot of attention and also uses blockchain technology. Given the strong interest in blockchain this year and in reflecting on the blockchain sessions I attended covering different approaches and use cases, I think it was summed up pretty well with the statement that the impact of blockchain technology will be profound.
Real-time payments
Early Warning Services announced Zelle as the brand name for the person-to-person payment service formerly known as clearXchange, the bank-owned network providing real-time fund transfers between bank accounts. Backed by several major U.S. banks and open to all financial institutions, Zelle will go head-to-head with Venmo, part of PayPal, in the alternate payments space. Alternative payment options like Venmo are gaining traction because they offer an improved customer experience and faster access to funds. It will be interesting to see whether financial institution owned person-to-person payment services will gain similar traction and broad acceptance. Of course, the Federal Reserve Bank and The Clearing House are working on enabling real-time payments through our ACH system in the U.S. but for now we have clearXchange/Zelle so that consumers do not have to wait days for transactions to clear. Instead, in mere minutes, transactions are complete and money has electronically changed hands. Based on the discussions I participated in, I also expect that real-time payments will be another enabler for new payment services. Expect to see more innovation as payment service providers start leveraging this capability.
Open APIs
There were several sessions on the topic along with discussions on whether the concept is an opportunity or a challenge to a bank’s relationship with a consumer. For a topic which is typically discussed in association with the European PSD2 initiative, it was great to see the high level of interest as well as hear about banks, such as BBVA, that are already offering an API in the U.S. market. It demonstrates the recognition of the value of Open APIs in driving innovation through relationships and the possibility that more banks may follow suit. Open APIs are an enabler in offering consumers a better experience with financial services through service offerings that leverage data from tighter integrations – an aggregated money management interface or bill payment service drawing information from several financial institutions or utilities. The people I spoke with at Money 20/20 recognized that security is important from a business perspective, but not an inhibitor, and also that Open API standards are a must but currently lacking.
Another item that I would be remiss not to mention is that AliPay has expanded into the U.S. market based on its partnership with First Data and Verifone. While the current focus is Chinese travelers in the U.S. it should be recognized that AliPay which started as a payment mechanism, has morphed into a lifestyle with the ability to provide much more than just payments. This reinforces that customer value and convenience are primary criteria for success when it comes to mass adoption. These elements cannot be overlooked as payments and security are embedded into consumer applications.
It is now up to the industry to make use of these digital payment components to fuel innovation in bringing about seamless and quick consumer experiences that are not compromised by lax security measures. It will require a holistic approach to application, authentication, and payment security, where cryptography is an important aspect. But as we see growing adoption of mobile devices for delivering services and embedded payments, the industry will need to implement strong authentication schemes without introducing undo friction into the system. These authentication measures are likely to rely on methods built into today’s smartphones such as biometrics – fingerprints or images. Other areas that still need to be addressed are online transaction security, as well as protection of all personal information such as social security numbers, email, address, etc. To date, the focus has been on PIN and card numbers but there is a growing realization that it needs to be broader.
Want to know what’s next for the digital payment space and the security implications in 2017? Check back next month for a blog that looks ahead and puts these trends into perspective for 2017.