Take On Payments, a blog sponsored by the Retail Payments Risk Forum of the Federal Reserve Bank of Atlanta, is intended to foster dialogue on emerging risks in retail payment systems and enhance collaborative efforts to improve risk detection and mitigation. We encourage your active participation in Take on Payments and look forward to collaborating with you.
Federal Reserve Web Sites
Other Bank Regulatory Sites
May 21, 2018
Heading toward A New Era of POS Portability?
At recent conferences I've attended, exhibitors in the point-of-sale (POS) terminal and acquiring business were all showing off their portable devices. With one of these, a restaurant server could take a payment at the table or a retail employee could conduct a transaction in a store aisle. The exhibitors said that these devices allow for a more high-touch, personalized customer experience than traditional counter-top POS devices. In fact, while walking the exhibit floor, I noted that countertop POS devices were extremely hard to find.
The theme of POS portability was also evident in the session rooms. Multiple panel discussions and keynote speeches focused on the Payment Card Industry's (PCI) PIN-on-glass security standard, which would give already-in-the-marketplace devices for using mobile phones and tablets as card readers the ability to use PIN-based authentication. In essence, the standard allows customers to enter their PINs on merchants' commercial off-the-shelf (COTS) devices—such as bring-your-own-device tablets or phones—rather than on PCI-certified devices that a merchant owns or leases through its acquiring relationship. PIN on glass has been widely implemented in Australia and, based on what I've heard at these conferences, it is probably one to three years from making any headway here in the United States.
I first wrote about portable POS devices in the restaurant industry nearly six years ago. Since then, I can count on my hands the number of times I've swiped or dipped my card at a portable POS terminal (and several of these interactions occurred in Mexico). Most experiences were positive. On numerous occasions, I've used my card with a COTS device, also with mostly positive experiences. I have honestly never envisioned using or yearned to use a PIN for these transactions.
Little has changed in the way of mobile POS adoption since I wrote that post. So, do I believe we are moving towards a new era of POS mobility? Yes, but very slowly. With the proliferation of independent software providers and their mobile-based solutions for payment processing, I think the industry is now better positioned than it was six years ago for a change. However, I learned from speaking with others in the industry that the conversion process remains time consuming and costly. As far as PIN on glass goes, will the consumer be an obstacle to adoption? I'm not convinced that consumers will be comfortable entering their PIN on someone else's mobile device.
What is your take on the future of POS portability?
By Douglas A. King, payments risk expert in the Retail Payments Risk Forum at the Atlanta Fed
May 14, 2018
Is My Identity Still Mine?
I'm sure you've seen the famous cartoon by Peter Steiner published in the New Yorker in 1993. That cartoon alluded to the anonymity of internet users. Twenty-five years later, do you think it's still true? Or is the cartoon by Kaamran Hafeez that appeared in the February 23, 2015, issue of the New Yorker more realistic? Is online anonymity a thing of the past?
Having just returned from three days at the Connect: ID conference in Washington, DC, my personal perspective is that numerous key elements of my identity are already shared with thousands of others—businesses, governmental agencies, friends, business colleagues, and, unfortunately, criminals—and the numbers are growing. Some of this information I have voluntarily provided through my posts on various social media sites, but hopefully is available only to "friends." Other bits of my personal life have been captured by various governmental agencies—my property tax and voter registration records, for example. The websites I visit on the internet are tracked by various companies to customize advertisements sent to me. Despite the adamant disavowals of the manufacturers of voice assistant devices, rumors persist that some of the devices used in homes do more than just listen for a mention of their "wake up" name. And, of course, there is the 800-pound gorilla to consider: the numerous data breaches that retailers, financial institutions, health care providers, credit reporting agencies, and governmental agencies have experienced over the last five years.
The conference exhibit hall was filled with almost a hundred vendors who concentrated on this identity security issue. There were hardware manufacturers selling biometric capture devices of fingers, palms, hands, eyes, and faces. Others focused on customer authentication by marrying validation of a government-issued document such as a driver's license to live facial recognition. Remote identification and authentication of end users is becoming more and more common with our virtual storefronts and businesses, but is also becoming more challenging as the fraudsters look for ways to defeat the technology or overall process in some way.
I have yet to have my identity stolen or compromised, but notice I said "yet," and I have probably just jinxed myself. Unfortunately, I believe my identity is no longer just mine and is out there for the taking despite my personal efforts to minimize the availability of personal information. Do you agree?
By David Lott, a payments risk expert in the Retail Payments Risk Forum at the Atlanta Fed
May 7, 2018
Evidence of the Digital Age
Are you one of the estimated 90 percent of Americans who have shopped online over the past year? According to the most recent data published by the Federal Reserve Payment Study, remote payments grew faster than in-person payments by both volume and value. For example, from 2015 to 2016, remote general-purpose credit card payments grew at the rate of 16.6 percent, compared to 7.9 percent for in-person credit card payments. (See the chart.) Remote spending drove almost all of the growth of the general-purpose prepaid card during 2015–16, according to the study. If we had any doubts before, this growth shows us clearly that we're in the digital age, a time in history when digital technology has become ubiquitous.
The shift from in-person payment to remote payment is certainly telling a story that will affect our future conversations and research. We need to take into consideration that as remote payments grow, they will become less and less connected to a physical card. Eventually, consumers may stop considering them to be card payments at all. They will likely start thinking first of their ability to make a payment with a digital account, with subsequent transactions eligible to ride a number of different payment rails, like ledger transfers, ACH, or other faster payments models.
The U.S. Census Bureau estimated that total ecommerce sales for 2017 were about $453.5 billion, an increase of 16 percent from the year before and accounting for 8.9 percent of total sales in 2017. Last year the Department of Commerce reported ecommerce sales have been growing nine times faster than traditional in-store sales since 1998. And remote payments will continue to accelerate. Consider the top retail trends of the year, according to research from the National Retail Federation:
- Online purchase, store pickup: Stores are adding lockers for easier pickup.
- Talking tech: Virtual assistants are rapidly growing in popularity and are ready and able to help customers make purchases.
- Showrooms without inventory: Stores offer browsing, testing, and fitting, with the customer subsequently making the purchase online. This approach helps showrooms reduce their overhead and give consumers customized options.
- Membership clubs: Stores collect customers' money upfront (sort of like prepaid) and send merchandise later, depending on what analytics have taught them about their customers and consultative sales touchpoints.
Future Federal Reserve Payment Studies will continue to track shifts in payments. However, we may need to adapt the ways we discuss these types of payments as the digital-first age leads to innovative transaction accounts with subsequent remote payments untethered from plastic cards.
By Jessica Washington, AAP, payments risk expert in the Retail Payments Risk Forum at the Atlanta Fed
April 30, 2018
Cash Discount Programs: The Flip Side of Surcharging?
In a recent post, I reviewed the structure of credit card surcharging programs that a panel discussed at the Southeast Acquirers Association conference earlier this year. Since that post, some of my colleagues who have encountered cash discount programs asked me if they were simply the flip side of credit card surcharging. While there are some similarities in the requirements of the two programs, there are some key differences.
Cash discount programs became legal across the United States in October 2011, following the passage of the Durbin amendment of the Dodd–Frank Act. That amendment permitted merchants to offer a discount to cash (or check) customers as an incentive to use those payment methods instead of cards. The way it works is that the merchant charges a service fee to all transactions that the merchant then reverses or discounts if the customer pays with cash or check.
The sample receipts below illustrate the difference between a purchase made with a payment card and a cash payment from a merchant who uses a flat service charge pricing option.
Unlike surcharges, which apply only to credit card payments, service fees are applied against all types of card payments. And while surcharge program fees are always a certain percentage of the transaction, a cash discount program can use a flat fee (usually based on the average ticket size) or a percentage of the transaction amount. Businesses with a wide range of sales values would best be served using the percentage model, while a flat fee works better for businesses with relatively consistent ticket sizes. Credit card surcharge program rates are capped at 4 percent of the transaction amount, but cash discounting has no restriction. Of course, the higher the service fee the more likely the customer will be to notice and possibly move to another merchant who does not have such a program.
As with surcharges, the cash discount merchant must prominently display consumer notices at the entry points of the store as well as at the register about the service charge—that the customer can reduce or avoid by using cash. In addition, the sales receipt must explicitly display the service charge and, when applicable, the cash discount.
Among the possible benefits, merchants can lower their effective card processing expenses by collecting the service charge. Colleagues at the Boston Fed authored a discussion paper titled "Why Don't Most Merchants Use Price Discounts to Steer Consumer Payment Choice?" in late 2012 that reviewed a number of factors that might cause merchants to think twice about implementing a cash discount program. I believe the factors they reviewed are as relevant today as they were at the time of the paper. As for the credit card surcharge, the merchant has to consider customers' potentially negative response to such a fee, especially if they believe that the merchant has already built much of the cost of payment acceptance into the goods and services.
Merchants have to register credit card surcharge programs with the card brands prior to implementation. However, cash discount programs have no such requirement, so their adoption rate among the merchant community is difficult to quantify. One indicator may be from the Federal Reserve's 2015 Diary of Consumer Payment Choices. According to an analysis of the data, the national sample of respondents indicated they received a cash discount on 1.9 percent of their non-bill transactions that had a median value of $20. Interestingly, in a breakdown by industry type, transactions at automobile/vehicle-related and entertainment/transportation businesses were more likely to offer a cash discount—of 8.2 percent and 5.1 percent, respectively.
What has been your experience with cash discount or credit card surcharging programs? Did such a program cause you to change your initial form of payment?
By David Lott, a payments risk expert in the Retail Payments Risk Forum at the Atlanta Fed
- Heading toward A New Era of POS Portability?
- Is My Identity Still Mine?
- Evidence of the Digital Age
- Cash Discount Programs: The Flip Side of Surcharging?
- Paying with PlasticMetal
- Merchant Surcharging: Winners and Losers
- Fintech for Financial Wellness
- Advice to Fintechs: Focus on Privacy and Security from Day 1
- Convenience Always Wins, In One Form or Another
- Mobile Banking and Payments' Weakest Link: Me
- May 2018
- April 2018
- March 2018
- February 2018
- January 2018
- December 2017
- November 2017
- October 2017
- September 2017
- August 2017
- account takeovers
- ATM fraud
- bank supervision
- banks and banking
- card networks
- check fraud
- consumer fraud
- consumer protection
- cross-border wires
- data security
- debit cards
- emerging payments
- financial services
- identity theft
- law enforcement
- mobile banking
- mobile money transfer
- mobile network operator (MNO)
- mobile payments
- money laundering
- money services business (MSB)
- online banking fraud
- payments risk
- payments study
- payments systems
- phone fraud
- remotely created checks
- risk management
- Section 1073
- social networks
- third-party service provider
- trusted service manager
- Unfair and Deceptive Acts and Practices (UDAP)
- wire transfer fraud
- workplace fraud