About


Take On Payments, a blog sponsored by the Retail Payments Risk Forum of the Federal Reserve Bank of Atlanta, is intended to foster dialogue on emerging risks in retail payment systems and enhance collaborative efforts to improve risk detection and mitigation. We encourage your active participation in Take on Payments and look forward to collaborating with you.

Take On Payments

January 16, 2018


Not Just a Card-Not-Present Problem

In 2012, I published a paper that looked at trends in card fraud in several countries that had adopted or were in the later stages of adopting EMV chip cards. The United States is now in the process of adopting EMV, so I am refreshing that paper with an eye towards fraud trends in what are now mature EMV markets. Payments experts know that card-not-present (CNP) fraud will continue to pose challenges that EMV chip cards do not solve, but are there other challenges lurking in these markets that the U.S. payments industry should note?

Although I'm still gathering data, one particular data point from the United Kingdom—lost and stolen fraud—already has me intrigued. In 2016, losses from this type of fraud stood at more than £96 million (about $130 million), up from more than £44 million (about $60 million) in 2010, a 117 percent increase. In 2010, lost and stolen fraud accounted for 12 percent of overall card fraud in that country. By the end of 2016, it had become 16 percent of card fraud. It is now the second leading type of fraud in the United Kingdom, though it still falls far behind CNP fraud, which accounts for 70 percent.

Remember that in the United Kingdom, PIN usage was adopted to mitigate lost and stolen card fraud at the same time that EMV chip cards were implemented. Yet lost and stolen card fraud is up significantly. According to Financial Fraud Action UK, fraudsters are getting their hands on the PINs—a static data element—through distraction tactics and scams. Other factors, such as the proliferation of contactless transactions and those that have no cardholder verification method, could also be drivers of this fraud, as could an increase of reports of lost or stolen fraud that is actually first-party, or "friendly," fraud. EMV has proven to be an effective tool to authenticate cards, but authenticating an individual using a card, even in a card-present environment, remains a challenge.

The lost and stolen fraud figures out of the United Kingdom lead me to believe that cardholder authentication isn't just a CNP problem. Furthermore, the decades-old PIN solution for the card-present environment is now showing signs of weakness. At the same time, to reduce customer friction, many card networks are eliminating signature verification and relying on data analytics to authenticate transactions. Is this a perfect storm for lost and stolen card fraud? Is it the foreshadowing of the emergence of biometrics, or some lesser known technology? Or will I find that this problem is isolated and should not worry us in the United States?

Photo of Douglas King By Douglas A. King, payments risk expert in the Retail Payments Risk Forum at the Atlanta Fed

 

January 16, 2018 in authentication , cards , chip-and-pin , debit cards , EMV , fraud , payments | Permalink | Comments ( 0)

January 8, 2018


Consolidated Mobile Banking and Payments Survey Results Published

In earlier posts, we published highlights of the 2016 Mobile Banking and Payments Survey of Financial Institutions in the Sixth District results as well as a supplement showing the results by financial institution (FI) asset size. The survey was designed to determine the level and type of mobile financial services that FIs offered and to find out what plans FIs had to offer new services.

Six other Federal Reserve Banks also conducted the survey in their districts, and we've combined all the data into a single report. Marianne Crowe and Elisa Tavilla of the Boston Fed's Payment Strategies group led the team that consolidated the data. The report—now available on the Boston Fed's website—addresses mobile banking and payment services from the perspective of the FI. The report offers additional value with its inclusion of a large number of small banks and credit unions (under $500 million in assets), a group from which data are often difficult to obtain.

Consolidated-survey-respondents-by-asset-size

The seven districts participating were Atlanta, Boston, Cleveland, Dallas, Kansas City, Minneapolis, and Richmond. A total of 706 FIs responded.

Here are some of the key learnings from survey responses regarding mobile banking:

  • Retail mobile banking offerings are approaching ubiquity across financial institutions in the United States. Eighty-nine percent of respondents currently offer mobile banking services to consumers, and 97 percent plan to offer these services by 2018.
  • By the end of 2018, 77 percent of bank and 47 percent of credit union respondents will be providing mobile banking services to nonconsumers including commercial and small businesses, government agencies, educational entities, and nonprofits. Commercial and small businesses will be the most prevalent.
  • Among FIs offering and tracking business mobile banking adoption, more than half still have adoption rates of less than 5 percent.
  • The most important mobile banking security concern that respondents cited is the consumer's lack of protective behavior. In response, FIs have implemented a range of mitigating controls. To enhance security and help change consumer behavior, more than 80 percent of respondents support inactivity timeouts and multi-factor authentication (MFA) as well as mobile alerts.

And here are some important findings regarding mobile payments:

  • Implementation of mobile payment services is growing as FIs respond to competitive pressure and industry momentum. In addition to the 24 percent already offering mobile payments, 40 percent plan to do so within two years. However, the current offering level fell substantially short of the expected 57 percent predicted by the responses to the 2014 survey.
  • Mobile wallet implementations are increasing steadily, with Apple Pay as the current leader.
  • Enrollment and usage remain low. Eighty-one percent of the respondents had fewer than 5 percent of their customers enrolled and actively using their mobile payment services.
  • Asset size makes a difference in many areas: larger FIs have greater resources to expend on new services, implementations, and security technologies and controls.
  • Banks and credit unions often differ in approaches and strategies for mobile payments.

We will conduct the survey again this year and are eager to see how the mobile banking and payments landscape has changed. If you have any questions about the survey results, please let us know.

Photo of David Lott By David Lott, a payments risk expert in the Retail Payments Risk Forum at the Atlanta Fed

 

January 8, 2018 in banks and banking , mobile banking , mobile payments , payments study | Permalink | Comments ( 0)

January 2, 2018


2017 Year-End Review

In December 2013, the Retail Payments Risk Forum began an annual tradition of authoring an end-of-year post highlighting what we consider to be the most significant payment topics or events of the year. We continued that tradition this year, but we changed our platform, instead covering our top events in our Talk About Payments webinar series. Watch a recording of the webinar's presentation.

We encourage you to listen to the webinar, during which we discussed in more detail the following key payment stories of 2017:

  • Fraud schemes
  • Data breaches
  • Chip migration
  • Payments security
  • Same-day ACH–phase II
  • Person-to-person payments
  • Fintech
  • Mobile payments
  • Virtual currency/Distributed ledger

As we begin 2018, we in the Risk Forum look forward to continuing our efforts to mitigate payments risks through industry collaboration and convening. We will also continue to offer our insights using multiple platforms, including this weekly blog and our quarterly webinar series, Talk About Payments. As always, we value your feedback and comments, so do not hesitate to reach out to any of the Risk Forum team members.

Best wishes for a happy, and fraud-free, new year from all of us at the Retail Payments Risk Forum!

Photo of Mary Kepler
Mary Kepler
Photo of Julius Weyman
Julius Weyman
Photo of Doug King
Doug King
Photo of David Lott
Dave Lott
Photo of Jessica Trundley</span>
</div>
Jessica Washington
Photo of Steven Cordray
Steven Cordray

 

January 2, 2018 in chip-and-pin , mobile banking , mobile payments | Permalink | Comments ( 0)

December 18, 2017


Training Workers for Payments Jobs

Do you boast, or at least talk, about your work in payments at social events? When I tell someone in a social setting that I work in payments, they either move on, after a polite pause, to meet the next person, or they take a deep breath and ask, “What does that entail?” What is most humbling is when I overhear my husband trying to explain my job. And what has been the most entertaining was when a four-year old asked me to perform an interpretive dance representing my occupation—a payments Nutcracker, if you will. Whatever the circumstance, you have to be ready to engage and convey excitement about all things payments to keep our workforce thriving. The industry is growing so rapidly that many employers are struggling to fill positions.

Many people I meet assume I am a mathematician when I talk about my work in payments. While I do own a calculator, I tell them, people in the payments workforce have diverse skill sets that go above and beyond using calculators. This diversity becomes more important every day, as technology keeps growing and changing. Ultimately, the majority of the population may not care how payments work, and they may not care to see an interpretive dance about payments. But there are dedicated, skilled professionals who, thankfully, perform their payments-related jobs safely and efficiently. And we need more of them.

The payments industry is growing. Fintechs alone account for a good portion of this growth. According to an industry research firm, venture capital-backed fintech companies globally raised a total of $5.2 billion in the second quarter of this year—–a 19 percent increase from last year. U.S. fintech funding saw a 58 percent rise, to $1.9 billion in the second quarter this year compared to $1.2 billion in the first quarter.

We need a more robust pipeline of available workers to support the growth in the industry. We need to both cultivate new talent and attract available skilled talent. This task can be daunting given the range of jobs available in the industry that transcend traditional educational curriculums.

Here are just a very few of many inspiring workforce training initiatives supporting industry growth today:

  • FinTech Atlanta, along with the University System of Georgia and other colleges and universities in Georgia, launched a FinTech Degree and Certificate Programs to create needed talent to fuel the fintech workforce.
  • NACHA, with the regional payments associations, has launched a Payments Risk Professional accreditation program. The program brings together skills for managing risk combined with knowledge in payment services, whether for financial institutions, solution providers, processors, businesses, or other end users.
  • Workforce Innovation Hub, sponsored by Accenture and affiliated with Atlanta's City of Refuge, provides nonprofit technical education options to lift the underemployed and underprivileged. The IT training program teaches software and application development, IT support, web development, graphic design, and more—all skills that can be put to use in payments and fintechs.
  • Some professional development programs work with military veterans, offering career opportunities and education resources that can help prepare them for careers in the payments industry. One example is First Data Salutes; another is Syracuse University's Institute for Veterans and Military Families (IVMF) and its affiliated program Entrepreneurs Bootcamp for Veterans with Disabilities.

Be a payments ambassador at your next social event and talk about your favorite payments initiative. It is up to you to decide if you want to perform an interpretive dance of your payments job—but it's up to all of us to keep our workforce growing at pace with the industry.

Photo of Jessica Washington  By Jessica Washington, AAP, payments risk expert in the Retail Payments Risk Forum at the Atlanta Fed

 

December 18, 2017 in financial services , payments | Permalink | Comments ( 0)