About


Take On Payments, a blog sponsored by the Retail Payments Risk Forum of the Federal Reserve Bank of Atlanta, is intended to foster dialogue on emerging risks in retail payment systems and enhance collaborative efforts to improve risk detection and mitigation. We encourage your active participation in Take on Payments and look forward to collaborating with you.

Take On Payments

September 25, 2017


Fed Payments Webinar Series Launching

One of the comments we consistently received when we conducted the Mobile Banking/Payments Survey last fall was the desire for the Atlanta Federal Reserve to provide more educational opportunities on current payment technologies and issues. Not only have small and mid-sized financial institutions expressed this need, but so have consumer advocacy groups and law enforcement agencies. Educational efforts, along with research, on payment risk issues are at the core of the Retail Payments Risk Forum's overall mission.

In response to these requests, the Risk Forum is launching a webinar series called Talk About Payments (TAP). The TAP webinars will supplement this blog, forums and conferences we convene, and other works we publish on the Forum's web pages. The current plan is for the webinars to be presented once a quarter. Financial institutions, retailers, payment processors, law enforcement, academia, and other payment system stakeholders are all welcome to participate in the webinars. Participants can submit questions during the event.

We will have our first webinar—titled "How Safe Are Mobile Payments?"—on Thursday, October 5, from 1 to 2 p.m. (ET). The webinar will cover such topics as mcommerce growth, mobile wallets, tokenization, fraud attack points, and risk mitigation tools and tactics.

Participation in the webinar is complimentary, but you must register in advance. To register, go to the TAP webinar web page. After you complete your registration, you will receive a confirmation email with all the log-in and toll-free call-in information.

We hope you will join us for our first webinar on October 5, and for our future webinars. If there are any particular topics you would like for us to cover in future webinars, please let us know.

Photo of David Lott By David Lott, a payments risk expert in the Retail Payments Risk Forum at the Atlanta Fed

 

 

September 25, 2017 in emerging payments, mobile banking, mobile payments, payments risk | Permalink

Comments

Post a comment

Comments are moderated and will not appear until the moderator has approved them.

If you have a TypeKey or TypePad account, please Sign in

February 13, 2017


The Five-Star That Flops

For the most rabid college football fans, a major day just occurred—National Signing Day, the day when high school seniors sign scholarship papers to attend their colleges of choice. Not only have these seniors been evaluated by coaches, but also entire websites are devoted to their evaluation and ranking using a star-based system, with a five-star player being a top-rated, can't-miss player. Traditionally, much fanfare accompanies these players, and media and fans shower them with attention. Many times, these five-star players go on to accomplish great things at their respective schools, but sometimes they are "busts," failing to live up to lofty expectations and making minimal or no impact for their team. Unfortunately, my college team has had its fair share of five-star busts. Because of being let down, I no longer get caught up in recruiting rankings and I don't fret about the big recruit that got away. And in 2017, this is my new attitude when it comes to mobile payments at the point of sale, or POS.

I've been in the payments industry for a decade, and for over half of that time, I've been hearing and reading how mobile payments are going to change the POS experience. I've heard major announcements about new mobile payment wallets, from Apple Pay to Samsung Pay, and platforms, such as LevelUp, time and time again. I have overheard conversations with contemporaries and colleagues about the latest and greatest mobile solution that will forever change my experience at the POS.

But in 2017, I am not hearing any of this anymore because I am tuning it out. Oh, I am sure that I could attend a conference this year and within the first hour, someone would state that 2017 is the year of mobile payments. But after hearing about the next great mobile wallet or that this wallet will finally bring mobile payments to scale repeatedly, year after year (you get my tone by now), I am no longer getting caught up in the hype around using my phone instead of a card at the POS.

However, I will continue to get excited about mobile commerce opportunities. With more and more people shopping on their mobile phones and tablets, apps and in-browser platforms are making that experience so much better. When picking up a coffee on my way to the office or grabbing a chicken sandwich for lunch after ordering ahead on my mobile phone, I always wonder to myself, why are all those people standing in line? (I am a bit worried, and apparently rightfully so, that as more people use order-ahead features, that pick-up line might grow to be worse than the traditional ordering line.) During the Christmas season, I purchased many gifts on my mobile phone, and that experience was almost always simple and seamless—unlike in years past, when it was a bit cumbersome.

Using my phone to order ahead or shop online has truly simplified my life, unlike using my phone as a replacement to a card at the POS. With so much hype around mobile at the POS, I believe that many people only relate mobile payments to this use case, but it is so much broader. And I believe the mobile commerce piece is akin to the unheralded two-star recruit who goes on to lead his team to the national championship. What do you think 2017 entails for mobile and its place in payments and commerce?

Photo of Douglas King By Douglas A. King, payments risk expert in the Retail Payments Risk Forum at the Atlanta Fed

February 13, 2017 in emerging payments, mobile payments | Permalink

Comments

Post a comment

Comments are moderated and will not appear until the moderator has approved them.

If you have a TypeKey or TypePad account, please Sign in

January 30, 2017


Pssst…Have You Heard about PSD2?

No, I'm not talking about the latest next-generation video gaming console. I am referring to the revised Directive on Payment Services (PSD2) that the European Parliament adopted in October 2015 and that will serve as the legal foundation for a single market for European Union (EU) payments. The original PSD was adopted in 2007 but, according to official statements, the Parliament found that an update was necessary to incorporate new types of payment services, improve consumer protection, strengthen payment transaction security, and increase competitiveness with an expected result of lower consumer fees in the payments processing market. PSD2 applies only to digital payments and must be in force in all EU countries by January 13, 2018.

The directive and subsequent implementation rules that the European Banking Authority* is developing make a number of major changes in the European banking landscape, including:

  • Opens up the regulated financial services system to merchants and processors who might initiate payments on their consumer customer's behalf as well as data aggregator firms. In particular, PSD2 will apply to any financial institutions already operating within the scope of the PSD but will also apply to third parties such as operators of e-commerce marketplaces, gift card and loyalty plans, bill payment service providers, public communication networks, account access services, mobile wallets, and those who receive payment by direct debit.
  • Requires financial institutions, upon the request of their customers, to allow these approved nonbank, third parties significant, but not unlimited, access to the customer's account and transaction data through APIs (application program interfaces). Many financial institutions see having to turn over customer data to potential competitors as a significant threat to the retention of their customer's business as well as concerns with data security.
  • Sets out two-factor customer authentication as an absolute minimum, with additional security such as one-time passwords required for higher-value transactions. The card issuer must actively authenticate all transactions above 10 euros. Critics of these provisions point out that the criminals will have fixed transaction amounts and authentication methodology information to modify their attacks.
  • Supplementing card interchange limits imposed in December 2015, prevents merchants from adding surcharges to payment card transactions. Under the original directive, each country established rules regarding surcharging on card payments. It has been a common practice of European merchants to levy a surcharge on payment card transactions to offset the interchange fee paid to issuers.

While such a comprehensive single package of regulations is unlikely to occur in the United States, various flavors of these items have been and continue to be discussed. Do you favor such types of regulation here in the United States? I suspect the answer depends on your role in the payments ecosystem. I am interested in hearing from you.

Photo of David Lott By David Lott, a payments risk expert in the Retail Payments Risk Forum at the Atlanta Fed



_______________________________________

* Final rules are expected to be published in January 2017.


January 30, 2017 in emerging payments, mobile payments, payments, payments risk, payments systems, regulations, regulators, risk | Permalink

Comments

Post a comment

Comments are moderated and will not appear until the moderator has approved them.

If you have a TypeKey or TypePad account, please Sign in

January 9, 2017


The Year in Review

As we move into 2017, the Take on Payments team would like to share its perspectives of major payment-related events and issues that took place in the United States in 2016, in no particular order of importance.

Cybersecurity Moves to Forefront—While cyber protection is certainly not new, the increased frequency and sophistication of cyber threats in 2016 accelerated the need for financial services enterprises, businesses, and governmental agencies to step up their external and internal defenses with more staff and better protection and detection tools. The federal government released a Cybersecurity National Action Plan and established the Federal Chief Information Security Office position to oversee governmental agencies' management of cybersecurity and protection of critical infrastructure.

Same-Day ACH—Last September, NACHA's three-phase rules change took effect, mandating initially a credit-only same-day ACH service. It is uncertain this early whether NACHA will meet its expectations of same-day ACH garnering 1 percent of total ACH payment volume by October 2017. Anecdotally, we are hearing that some payments processors have been slow in supporting the service. Further clarity on the significance of same-day service will become evident with the addition of debit items in phase two, which takes effect this September.

Faster Payments—Maybe we're the only ones who see it this way, but in this country, "faster payments" looks like the Wild West—at least if you remember to say, "Howdy, pardner!" Word counts won't let us name or fully describe all of the various wagon trains racing for a faster payments land grab, but it seemed to start in October 2015 when The Clearing House announced it was teaming with FIS to deliver a real-time payment system for the United States. By March 2016, Jack Henry and Associates Inc. had joined the effort. Meanwhile, Early Warning completed its acquisition of clearXchange and announced a real-time offering in February. By August, this solution had been added to Fiserv's offerings. With Mastercard and Visa hovering around their own solutions and also attaching to any number of others, it seems like everybody is trying to make sure they don't get left behind.

Prepaid Card Account Rules—When it comes to compliance, "prepaid card" is now a misnomer based on the release of the Consumer Financial Protection Bureau's 2016 final ruling. The rule is access-device-agnostic, so the same requirements are applied to stored funds on a card, fob, or mobile phone app, to name a few. Prepaid accounts that are transactional and ready to use at a variety of merchants or ATMS, or for person-to-person, are now covered by Reg. E-Lite, and possibly Reg. Z, when overdraft or credit features apply. In industry speak, the rule applies to payroll cards, government benefit cards, PayPal-like accounts, and general-purpose reloadable cards—but not to gift cards, health or flexible savings accounts, corporate reimbursement cards, or disaster-relief-type accounts, for example.

Mobile Payments Move at Evolutionary, Not Revolutionary, Pace—While the Apple, Google, and Samsung Pay wallets continued to move forward with increasing financial institution and merchant participation, consumer usage remained anemic. With the retailer consortium wallet venture MCX going into hibernation, a number of major retailers announced or introduced closed-loop mobile wallet programs hoping to emulate the success of retailers such as Starbucks and Dunkin' Brands. The magic formula of payments, loyalty, and couponing interwoven into a single application remains elusive.

EMV Migration—The migration to chip cards and terminals in the United States continued with chip cards now representing approximately 70 percent of credit/debit cards in the United States. Merchant adoption of chip-enabled terminals stands just below 40 percent of the market. The ATM liability shift for Mastercard payment cards took effect October 21, with only an estimated 30 percent of non-FI-owned ATMs being EMV operational. Recognizing some of the unique challenges to the gasoline retailers, the brands pushed back the liability shift timetable for automated fuel dispensers three years, to October 2020. Chip card migration has clearly reduced counterfeit card fraud, but card-not-present (CNP) fraud has ballooned. Data for 2015 from the 2016 Federal Reserve Payments Study show card fraud by channel in the United States at 54 percent for in person and 46 percent for remote (or CNP). This is in contrast to comparable fraud data in other countries further along in EMV implementation, where remote fraud accounts for the majority of card fraud.

Distributed Ledger—Although venture capital funding in blockchain and distributed ledger startups significantly decreased in 2016 from 2015, interest remains high. Rather than investing in startups, financial institutions and established technology companies, such as IBM, shifted their funding focus to developing internal solutions and their technology focus from consumer-facing use cases such as Bitcoin to back-end clearing and settlement solutions and the execution of smart contracts.

Same Song, Same Verse—Some things just don't seem to change from year to year. Notifications of data breaches of financial institutions, businesses, and governmental agencies appear to have been as numerous as in previous years. The Fed's Consumer Payment Choices study continued to show that cash remains the most frequent payment method, especially for transactions under 10 dollars.

All of us at the Retail Payments Risk Forum wish all our Take On Payments readers a prosperous 2017.

Photo of Mary Kepler
Mary Kepler
Photo of Julius Weyman
Julius Weyman
Photo of Doug King
Doug King
Photo of David Lott
Dave Lott
Photo of Jessica Trundley</span>
</div>
Jessica Washington
Photo of Steven Cordray
Steven Cordray

 

January 9, 2017 in ACH, ATM fraud, cards, chip-and-pin, cybercrime, debit cards, emerging payments, EMV, fraud, mobile banking, mobile payments, P2P, prepaid, regulations | Permalink

Comments

Post a comment

Comments are moderated and will not appear until the moderator has approved them.

If you have a TypeKey or TypePad account, please Sign in

July 11, 2016


Surviving the Emerging Payments Providers

Predictions abound that emerging companies will dominate the remittance and person-to-person (P2P) payments space and financial institutions will be relegated to being a bystander. While I am not sold on their eventual dominance, I do think that emerging companies are creating positive changes. These changes have included new business models for financial institutions and traditional remittance providers who are able to offer their existing and prospective customers new, efficient payment choices. And as recently released financial and transaction figures show, some traditional players embracing change are poised to remain in their leadership positions.

I recently saw a speaker who said that one particular emerging digital remittance provider is the largest digital remittance business in the United States. However, I think the honor of the largest digital remittance transfer provider goes to a long-term remittance incumbent, Western Union. Though payments volume data are not available, revenue data do provide us with some insight into the size of these providers. According to Western Union's 2015 annual report, its digital money transfer services generated $274 million in revenues in 2015. As a point of comparison, three emerging companies (Xoom, Worldremit, and TransferWise) had combined revenues of $230 million. Though Western Union's online service represents only 6.3 percent of its consumer-to-consumer revenues, the segment grew by 26 percent in 2015.

In June, Chase announced changes to its digital P2P solution that will allow Chase customers to send and receive money in real time through ClearXchange with customers of Bank of America, U.S. Bank, and several other financial institutions. Chase's digital P2P solution has been a feature on the Chase mobile application and online banking website for several years now and was used in 2015 to send $20 billion in P2P payments. As a point of reference, the wildly popular emerging mobile and online P2P provider, Venmo, reported $1 billion in transfers during the month of January, up 250 percent from the prior January. With the additional reach of ClearXchange participants, Chase customers will now be able to digitally send and receive payments to 65 percent of the digital banking population in the United States, placing it in a position to experience significant growth to its digital solution.

With both remittances and P2P payments, online and mobile channels are seizing share from traditional channels. Even though the in-person agent model in remittances and P2P payments via cash and checks will remain a viable solution for many consumers, today's growth is being driven by digital models.

No doubt emerging players are threatening traditional companies for remittance and P2P dollars. However, financial institutions and established money transmitters are evolving, and based on the numbers, remain valuable payments providers. Given this environment, financial institutions and traditional remittance providers that don't evolve to embrace the digital remittance and P2P economy are at serious risk of losing share. And the threat isn't just coming from emerging companies. In fact, you can call me a traditionalist, but I think evolving traditional financial institutions and remittance providers are positioning themselves to remain the dominant providers of P2P and remittance payments.

Photo of Douglas King By Douglas A. King, payments risk expert in the Retail Payments Risk Forum at the Atlanta Fed

July 11, 2016 in banks and banking, emerging payments, financial services | Permalink

Comments

Post a comment

Comments are moderated and will not appear until the moderator has approved them.

If you have a TypeKey or TypePad account, please Sign in

August 17, 2015


Pigskin and Payments

For those who know me well, they know that I find August to be the slowest-moving month of the year. It's not because of the oppressive southern heat and humidity, but rather it's my anticipation for football season. To help speed along the "dog days of summer," I generally read my fair share of prognostication publications. Alongside the predictions, improving player safety has become a key discussion topic as the season approaches.

Armed with data showing an increase in injuries as well as long-term negative effects from playing the sport, football's governing bodies on both the collegiate and professional levels are instituting rule changes to make the game safer. Equipment manufacturers are introducing new gear to improve safety and individual teams are adding new experts to their medical staffs all in the name of player safety.

Ironically, while there is a focus on improving player safety, football players continue to get stronger and faster aided by advancements in nutrition and workout regimes. As player strength and speed improves, this contact sport becomes more vicious and dangerous. And as a fan, I'll admit that I find watching a game featuring stronger and faster players more exciting. I do not want to see players injured, but at the same time I enjoy the excitement that comes with hard tackles and big hits.

Does this state of football sound at all like the current state of the U.S. payments industry? To make payments safer, public and private entities are leading literally hundreds of initiatives across various payments rails. Network rule changes are taking place and new technologies are being harnessed all in an effort to better secure payments. At the same time, start-ups, established payment companies, payment associations, and the Federal Reserve are collaborating to improve the speed of payments.

It's hard not to get excited about the possibilities of faster payments, from important just-in-time supplier payments to simple repayments for borrowing money from a friend or family member. However, can securing payments better derail the speed of payments? By way of example and personal experience, my more secure EMV (chip) credit card has clearly reduced the speed at the point-of-sale for my card payment transactions.

But just as player strength and speed has evolved alongside safety through rule-making and technology (think about leather football helmets here), I think we have seen the same progression within the payments industry. I think football remains as exciting as ever, and the payments expert in me is clearly excited about the future of payments.

Speed and safety are not to be viewed as mutually exclusive, and I am confident that the payments industry supports this view. In both football and payments, elements of risk will exist, regardless of safety measures in place. Finding the right balance between speed and safety should be the goal in order to maintain an exciting football game or efficient payments system. I can't wait to see what lies ahead on the gridiron and within the payments industry.

Photo of Douglas A. King By Douglas A. King, payments risk expert in the Retail Payments Risk Forum at the Atlanta Fed

August 17, 2015 in emerging payments, EMV, fraud, innovation, risk management | Permalink

Comments

Post a comment

Comments are moderated and will not appear until the moderator has approved them.

If you have a TypeKey or TypePad account, please Sign in

June 1, 2015


Follow the Money

This blog is inspired by Jack Weatherford's The History of Money, and I'll open with a quote from the book's introduction, attributed to Gertrude Stein: "The thing that differentiates man from animals is money." Now I'm guessing most of us can think of a few more distinctions than that, but I will wager her item would make just about any top ten list.

In his book, Mr. Weatherford discusses three generations of money, noting that today's free market systems saw their genesis in Lydia several millennia ago with the advent of coins. He credits the invention not only with leading to our free market systems but also with destroying "the great tributary empires of history." In other words, money can build new, mighty things and fell that which was once mighty.

Mr. Weatherford describes the second generation of money as beginning in Italy with the Renaissance and moving through the Industrial Revolution. What emerged in this turning was paper money and banking and what fell was feudalism, "changing the basis of organization from heredity to money," with ownership of land supplanted by ownership of stocks, bonds, and the like. In other words, modern capitalism took hold and society evolved into something very different from what it had been.

He describes stage three as electronic money and the virtual economy. Instantly, we recognize the current age. In the way he presents the history, he makes a compelling case that noteworthy evolution and reinvention of money changes the world.

"Fascinating," you might say, "but so what?" Before suggesting an answer, I point out that Mr. Weatherford published this work in 1997. Nevertheless, presciently, he said, "A new struggle is beginning for the control of [money]... We are likely to see a prolonged era of competition during which many kinds of money will appear, proliferate, and disappear in rapidly crashing waves. In the quest to control the new money [emphasis mine], many contenders are struggling to become the primary money institution of the new era."

Indeed. So, I get to my answer. At the moment, one of the focal points for many payment wonks is making platforms "faster." A lot has gone into that already, and much more seems yet to come. A key risk if not the chief risk in this endeavor is ending up with an industry focus that is too narrow (platforms only). It could cause key payment participants to end up missing an important change—in money—not the mechanisms for moving it.

As work progresses to reach consensus on what and how to improve the extant payment mechanism, it seems good to pause and make sure the focus. Pursuit of a purely faster mechanism that envisions world monetary systems continuing to be based on the things they've been based on for centuries now could cause us to overlook or miss the next evolution of money. It would have been of little use to invest in improving the systems for speeding the exchange of cowrie shells as the turn was made toward paper money and banking. I think that to get this right, it is important to worry less about improving the system(s) for facilitating exchange, and more about what's going to be exchanged.

Photo of Julius Weyman By Julius Weyman, vice president, Retail Payments Risk Forum at the Atlanta Fed

June 1, 2015 in emerging payments, innovation | Permalink

Comments

Excellent observation and well stated.

Posted by: Kimberly Rector | June 5, 2015 at 10:11 AM

Post a comment

Comments are moderated and will not appear until the moderator has approved them.

If you have a TypeKey or TypePad account, please Sign in

May 4, 2015


Keeping Up with the Criminals: Improving Customer Authentication

The interesting thing about authenticating customers for checks and PIN-based debit transactions is that the customer's authentication credentials are within the transaction media themselves—a signature, a PIN. But for the rest of the transaction types, authentication is more difficult. The payments industry has responded to this challenge in a few different ways, and may be turning increasingly to the use of biometrics—that is, the use of physical and behavioral characteristics to validate a person's identity.

Improving customer authentication in the payments industry has been a focal point for the Retail Payments Risk Forum since its formation. After all, authenticating the parties in a payment transaction efficiently and with a high level of confidence is critical to the ongoing safety and soundness of the U.S. payments system. We have intensified our focus over the last two years, including holding a forum on the topic in mid-2013. The Forum has also just released a working paper that explores the challenges and potential solutions of customer authentication.

The working paper examines the evolution of customer authentication methods from the early days of identifying someone visually to the present environment of using biometrics. The paper reviews each method regarding its process, advantages and disadvantages, and applicability to the payments environment.

Much of the paper looks at biometrics, an authentication method that has received increased attention over the last year—partly because smartphones keep getting smarter as folks keep adding new applications, and as manufacturers keep improving microphones, cameras, accelerometers, touch sensors, and more.

The table lays out six key characteristics that we can use to evaluate a biometric system for a particular application.

New_characteristics_table

The use of biometrics will be the subject of an upcoming forum hosted by the Retail Payments Research Forum later this fall, so stay tuned as we finalize the date and agenda. In the meantime, if you have any comments or questions about the working paper, please let us know.

Photo of David Lott By David Lott, a payments risk expert in the Retail Payments Risk Forum at the Atlanta Fed

May 4, 2015 in authentication, biometrics, emerging payments, innovation, mobile banking, mobile payments, risk management | Permalink

TrackBack

TrackBack URL for this entry:
http://www.typepad.com/services/trackback/6a01053688c61a970c01b8d10cb742970c

Listed below are links to blogs that reference Keeping Up with the Criminals: Improving Customer Authentication:

Comments

Post a comment

Comments are moderated and will not appear until the moderator has approved them.

If you have a TypeKey or TypePad account, please Sign in

January 12, 2015


Forming a More Perfect Union (for Faster Payments)

Thus far, conversations about the basic idea of moving ahead with near-real-time payments in the United States have been positive. However, the thorny business of "walking the talk" hasn't begun. When the time comes to do so, I expect less comity.

The degree of fragmentation in the United States—within both the public and the private sector—is significant. Consider the public side first. To avoid listing each entity that has a stake in payments services, let me sum it up by saying that if we had a box of Alpha-Bits, we'd run out of letters long before we put together the acronyms of all the agencies and organizations. On the private side, fragmentation starts with merchants and banks but includes mobile and third-party providers as well. These groups are vital to the success of any effort to improve payments, but they don't move in lockstep. In the end, for a faster scheme to work, the public and private sides have to work through their respective issues—and then come together.

Whether we're considering the public or the private side of things, some of the trickiest questions look like this:

  • What will faster payments cost and who will pay?
  • Will certain interests lose from the success of faster payments in the United States while others win?
  • Can we build a faster system quickly and flexibly enough before the next wave of technological advancement makes the current vision obsolete?
  • What are the rules, and who will administer and manage them?

While you ponder those questions, consider this excerpt from the United Kingdom's Payment Systems Regulator consultation paper (November 2014):

    The Payment Systems Regulator (PSR)…will become fully operational in April 2015. The PSR is a subsidiary of the Financial Conduct Authority (FCA), but it is an independent economic regulator, with its own objectives and governance.

    In setting up the Payment Systems Regulator, the Government highlighted four aims for UK payment systems:

  • UK payment networks that operate for the benefit of all users including consumers
  • a UK payments industry that promotes and develops new and existing payment networks
  • UK payment networks that facilitate competition by permitting open access to participants or potential participants on reasonable commercial terms and
  • UK payment systems that are stable, reliable and efficient.

The Government's assessment was that there were problems in each of the first three of these areas, and that the best way to tackle these was to create a payment system regulator. The Government noted particular areas of concern, including ownership, innovation and access to payment systems…. [W]e believe that our regulatory package will address the underlying issues and concerns that led the Government to setting us up. However, should our proposals fail to do this, we will…consider further use of our competition and regulatory powers to take action as appropriate.

That's one way governance issues could be resolved here. Another way is revealed through a study of the evolution of the ATM networks. Consider that landscape circa 1980s and then contrast it to today. I can't do justice to that history in a single post but suffice it to say that the issues faster payments currently face look similar to those the ATM industry faced. Back then, the market figured things out. Such a course may be slower than a mandate, and there will be failures and angst. Will the United States need a PSR to direct us to faster payments, or will the market figure it out?

By Julius Weyman, vice president, Retail Payments Risk Forum at the Atlanta Fed


January 12, 2015 in emerging payments, regulators | Permalink

TrackBack

TrackBack URL for this entry:
http://www.typepad.com/services/trackback/6a01053688c61a970c01b8d0b82c98970c

Listed below are links to blogs that reference Forming a More Perfect Union (for Faster Payments):

Comments

Post a comment

Comments are moderated and will not appear until the moderator has approved them.

If you have a TypeKey or TypePad account, please Sign in

January 5, 2015


Can Insecurity Keep Us from Faster Payments?

Helen Keller once said, “Security is mostly a superstition. It does not exist in nature.… Avoiding danger is no safer in the long run than outright exposure.” It is unlikely that Ms. Keller was considering real-time payments when she offered this perspective, but this post will.

As part of its broad effort to chart a future for payments, the Federal Reserve conducted a Payment Security Landscape Study. It was no surprise that the study highlights “persistent and ever-changing threats” as a given within payment systems. The study suggested several improvement or focus areas:

  • Improve industry coordination to increase the timely adoption and implementation of technology, standards and protocols.
  • Improve the protection of sensitive data that can be used to perpetrate fraud, including devaluing or eliminating such data from the payments process.
  • Strengthen authorization and authentication of parties and devices across all payment methods and channels and adapt approaches as the payment system evolves.
  • Improve the collection and reporting of aggregate data on fraud losses and avoidance.
  • Broaden access to actionable security and fraud threat information to payments system participants, including less technologically sophisticated participants and end users.

Applying Ms. Keller’s risk perspective to payments systems would suggest that work to prevent security breaches, fraud, or theft is futile. Fortunately, using the foregoing list as evidence, it’s clear that those considering the future of payments haven’t adopted this perspective. The most critical elements for optimizing the security of payments are all there, though some could surmise that detection or prevention measures have a disproportionate emphasis, with response measures perhaps rating as secondary. It is important to make sure that risk management is optimized across all three broad areas—prevention and detection, yes, but also response. In particular, in the context of response, the enforcement landscape will need to be ordered such that consequences for perpetrators are both timely and proportionate to the harm a given incident may cause. User protections will need to evolve as well.

If one agrees that advancing faster payments offers rewards and that holding back doesn’t promise freedom from harm, it’s encouraging to observe industry direction. Indeed, it seems reasonable to conclude that faster payments scheme architects will heed the notion that real-time payments will require real-time security. Particularly encouraging is that the discussion on payment security is at the center of industry dialogue and likely to remain so as the work to advance faster payments continues.

By Julius Weyman, vice president, Retail Payments Risk Forum at the Atlanta Fed

January 5, 2015 in consumer protection, data security, emerging payments | Permalink

TrackBack

TrackBack URL for this entry:
http://www.typepad.com/services/trackback/6a01053688c61a970c01b7c72c9476970b

Listed below are links to blogs that reference Can Insecurity Keep Us from Faster Payments?:

Comments

Post a comment

Comments are moderated and will not appear until the moderator has approved them.

If you have a TypeKey or TypePad account, please Sign in

Google Search



Recent Posts


October 2017


Sun Mon Tue Wed Thu Fri Sat
1 2 3 4 5 6 7
8 9 10 11 12 13 14
15 16 17 18 19 20 21
22 23 24 25 26 27 28
29 30 31        

Archives


Categories


Powered by TypePad