Take On Payments, a blog sponsored by the Retail Payments Risk Forum of the Federal Reserve Bank of Atlanta, is intended to foster dialogue on emerging risks in retail payment systems and enhance collaborative efforts to improve risk detection and mitigation. We encourage your active participation in Take on Payments and look forward to collaborating with you.
Federal Reserve Web Sites
Other Bank Regulatory Sites
June 18, 2018
Thinking about My Grandmother and Future-Proofing Payments
I often reminisce about times I spent with my grandmother. She passed away when I was only nine years old, but fortunately left me with a host of memories that I cherish. How I loved our trips to Walden Bookstore in the Hickory Ridge Mall whenever she'd visit us in my hometown of Memphis. We'd pick out a book or two and then return home to read them together. I often wonder what she would think about my family's book shopping and reading habits today. Online bookstores, e-readers, and audiobooks downloaded or streamed onto mobile phones would be completely foreign to her as the technology behind these was not even around during her lifetime! How could she ever have known how the world of books would evolve?
And this brings me to the notion of future-proofing payments. Mobile payments just might be the hottest topic when payment professionals get together to discuss the future of payments. It makes sense to think that maybe one day our mobile phones will replace our debit and credit cards and maybe even cash. But to date, the mobile phone has not done for cards and cash what it has done for mp3 players, digital cameras, and portable navigation devices, to list just a few things. Perhaps we need more time for mobile phones to transform payments—or could it be that payments as we know them today will be made over by a technology or device that is not yet widely available or even conceived? Is it possible that the primary payment methods we use today can withstand the test of time and remain our primary methods for many more years? Thinking about my grandmother and books, maybe future-proofing payments is a losing proposition and we should be nimble, ready to adapt to whatever changes come our way.
Join me for the Atlanta Fed's Retail Payments Risk Forum's latest Talk About Payments webinar on Thursday, June 28, from 1 to 2 p.m. (ET), when I will explore the future of mobile payments at the point of sale by first considering the debit card's long rise to prominence. Participation in the webinar is complimentary, but you must register in advance. After completing registration, you will receive a confirmation email with all the log-in and toll-free call-in information.
By Douglas A. King, payments risk expert in the Retail Payments Risk Forum at the Atlanta Fed
June 11, 2018
Consumer Habits and Cash Use
As my colleague Doug King pointed out last month, cash is not going away anytime soon, Yanny/Laurel notwithstanding. By number, almost one-third of U.S. consumer payments were made in cash in 2017. Every year since 2008, the Survey of Consumer Payment Choice has found that cash is consumers' most popular or next-most-popular way to pay.
Many factors underlie cash's resilience, including access, current shopping habits, consumer ratings, and demographics.
Universal access. Paypal's chief financial officer commented to the Wall Street Journal earlier this year, "I don't think we will ever be entirely cashless, maybe in large part because I don't know if we will ever be in a world that every person has a smartphone or a mobile device."
Shopping habits. Most purchases—nine in 10—are made in person, not online (2015 Survey of Consumer Payment Choice). And when shopping in person, consumers prefer cash for small-dollar transactions. Two-thirds of U.S. consumers report that they prefer cash for in-person payments of less than $10 (2016 Dairy of Consumer Payment Choice). Forty percent prefer cash for in-person payments between $10 and $25.
Consumer ratings. Consumers say cash is the most cost-effective way to pay. The Survey of Consumer Payment Choice asks respondents to rate the cost of using a particular payment method, taking into account that fees, penalties, interest paid, etc. can raise the cost of a payment method, while discounts and rewards can lower it.
Demographics. People with fewer payment options use cash. That includes low-income people who have less access to credit cards as well as people without bank accounts who have no access to non-prepaid debit cards. It also includes millennials, who used cash for almost 30 percent of their payments in 2016 (Diary of Consumer Payment Choice).
You probably already know that card payments dwarf cash payments—almost 60 percent of consumer payments are made with some type of card, whether it's debit, prepaid, or credit. Yet cash persists. Recently, a new acquaintance told me he "never" uses cash. As evidence, he reported that he had no cash in his pocket, explaining "that's because I used my last $2 to buy coffee this morning."
Hmm. What does this say about the health of cash? What Dave Lott wrote in 2016 is still true today: not dead yet.
Next post: Merchant acceptance and the use of cash
To learn more about consumer payment choices and preferences, visit the Federal Reserve Bank of Atlanta’s new consumer payments web page that houses a variety of surveys, studies, and research reports on the topic.
By Claire Greene, a payments risk expert in the Retail Payments Risk Forum at the Atlanta Fed
June 4, 2018
The GDPR's Impact on U.S. Consumers
If your email inbox is like mine, it's recently been flooded with messages from companies you’ve done online business with about changes in their terms and conditions, particularly regarding privacy. What has prompted this wave of notices is the May 25 implementation of Europe's General Data Protection Regulation (GDPR). Approved by the European Parliament in April 2016 after considerable debate, the regulation standardizes data privacy regulations across Europe for the protection of EU citizens.
The regulation applies to both data "controllers" and data "processors." A data controller is the organization that owns the data, while the data processor is an outside company that helps to manage or process that data. The focus of the GDPR requirements is on controllers and processors directly conducting business in the 28 countries that make up the European Union (EU). But the GDPR has the potential to affect businesses based in any country, including the United States, that collect or process the personal data of any EU citizen. Penalties for noncompliance can be quite severe. For that reason, many companies are choosing to err on the side of caution and sending to all their customers notices of changes to their privacy disclosure terms and conditions. Some companies have even gone so far as to provide the privacy protections contained in the GDPR to all their customers, EU citizens or not.
The GDPR has a number of major consumer protections:
- Individuals can request that controllers erase all information collected on them that is not required for transaction processing. They can also ask the controller to stop companies from distributing that data any further and, with some exceptions, have third parties stop processing the data. (This provision is known as "data erasure" or the "right to be forgotten.")
- Companies must design information technology systems to include privacy protection features. In addition, they must have a robust notification system in place for when breaches occur. After a breach, the data processor must notify the data controller "without undue delay." When the breach threatens "risk for the rights and freedoms of individuals," the data controller must notify the supervisory authority within 72 hours of discovery of the breach. Data controllers must also notify "without undue delay" the individuals whose information has been affected.
- Individuals can request to be informed if the companies are obtaining their personal data and, if so, how they will use that data. Individual also have the right to obtain without charge electronic copies of collected data, and they may send that data to another company if they choose.
In addition, the GDPR requires large processing companies, as well as public authorities and other specified businesses, to designate a data protection officer to oversee the companies' compliance with the GDPR.
There have been numerous efforts in the United States to pass uniform privacy legislation, with little or no change. My colleague Doug King authored a post back in May 2015 about three cybersecurity bills under consideration that included privacy rights. Three years later, for each bill, either action has been suspended or it's still in committee. It will be interesting to see, as the influence of the GDPR spreads globally, whether there will be any additional efforts to pass similar legislation in the United States. What do you think?
And by the way, fraudsters are always looking for opportunities to install malware on your phones and other devices. We've heard reports of the criminal element using "update notice" emails. The messages, which appear to be legitimate, want the unsuspecting recipient to click on a link or open an attachment containing malware or a virus. So be careful!
By David Lott, a payments risk expert in the Retail Payments Risk Forum at the Atlanta Fed
May 29, 2018
Laurel or Yanny? Cash or Card?
The latest and greatest trend on the Internet is the debate over whether you hear a recorded voice say "Laurel" or "Yanny." While I don't intend to get into the science of the phenomenon, I do find it fascinating (and completely ridiculous) that anyone would hear "Yanny." As I was thinking about this current crazed conundrum, the payments geek in me started to relate the Laurel-versus-Yanny debate to the payments industry.
It seems that we in the Retail Payments Risk Forum get asked at least monthly when the United States will become cashless. Our short answer is "never." Some people still prefer to pay with cash for many items, especially small-dollar purchases. In fact, a hamburger chain launched a cashless location during the past year only to find out that some of its customers were not happy that they were unable to pay with cash. And a large online retailer just announced a partnership that will allow its customers to use cash for purchasing gift cards to use on its website.
On the flip side, there are those (and I am smiling at one of my Risk Forum colleagues) who wince at the thought of making a paper-based payment, including cash, for anything. Here in the United States, we have embraced payments choice for consumers. And while I might be someone who prefers to pay with a credit card, I have close friends who prefer debit cards. I even know a few people who prefer to use their mobile phones.
Science can explain why people might hear a word differently. Perhaps we also need science to understand the factors that have a role in driving payment preferences—factors that might include past behavior and experiences, socioeconomic status, and incentives. Nevertheless, the fact remains that you will have your Laurels and your Yannys in payments, and oftentimes the two sides won't understand why the other would ever want to pay with their preferred method.
Research can get caught up in the hysteria that surrounds emerging payments and fintech and overlook established forms of payments. But let the Laurel-and-Yanny debate serve as a reminder that differences among consumers in payment preferences will always exist. Let's not lose sight of those established forms of payments that remain vitally important to commerce, even as the industry races to implement new technologies and systems.
To learn more about consumer payment choices and preferences, be on the lookout for the June 1 launch of the Federal Reserve Bank of Atlanta's new consumer payments web pages that house a variety of surveys, studies, and research reports on the topic.
By Douglas A. King, payments risk expert in the Retail Payments Risk Forum at the Atlanta Fed
- Thinking about My Grandmother and Future-Proofing Payments
- Consumer Habits and Cash Use
- The GDPR's Impact on U.S. Consumers
- Laurel or Yanny? Cash or Card?
- Heading toward A New Era of POS Portability?
- Is My Identity Still Mine?
- Evidence of the Digital Age
- Cash Discount Programs: The Flip Side of Surcharging?
- Paying with PlasticMetal
- Merchant Surcharging: Winners and Losers
- June 2018
- May 2018
- April 2018
- March 2018
- February 2018
- January 2018
- December 2017
- November 2017
- October 2017
- September 2017
- account takeovers
- ATM fraud
- bank supervision
- banks and banking
- card networks
- check fraud
- consumer fraud
- consumer protection
- cross-border wires
- data security
- debit cards
- emerging payments
- financial services
- identity theft
- law enforcement
- mobile banking
- mobile money transfer
- mobile network operator (MNO)
- mobile payments
- money laundering
- money services business (MSB)
- online banking fraud
- payments risk
- payments study
- payments systems
- phone fraud
- remotely created checks
- risk management
- Section 1073
- social networks
- third-party service provider
- trusted service manager
- Unfair and Deceptive Acts and Practices (UDAP)
- wire transfer fraud
- workplace fraud