Take On Payments, a blog sponsored by the Retail Payments Risk Forum of the Federal Reserve Bank of Atlanta, is intended to foster dialogue on emerging risks in retail payment systems and enhance collaborative efforts to improve risk detection and mitigation. We encourage your active participation in Take on Payments and look forward to collaborating with you.
Federal Reserve Web Sites
Other Bank Regulatory Sites
October 26, 2009
Survey shows risk concerns slow adoption of cell phones for mobile payments
Cell phones may be everywhere, but adoption of the devices as mobile payments delivery channels by financial institutions and consumers faces an array of obstacles. These include concerns about security risk, consumer demand, and revenue according to a 2008 survey of New England depository financial institutions on mobile banking by the Federal Reserve Bank of Boston (FRBB) and the New England Automated Clearing House Association (NEACH). The results are published in a joint paper titled "Mobile Banking in New England: The Current State of the Market." The paper describes the enabling technologies, barriers, and associated risks with mobile banking services from the perspectives of the more than 300 banks and credit unions in the New England region that participated in the survey.
The state of mobile banking in the United States
Financial institutions have different value propositions for mobile banking services. Most financial institutions are absorbing the expenses associated with mobile offerings to remain competitive and retain depositors while some view it as an extension of their online banking services, including routine call center inquiries with self-service bank inquiries. Mobile banking may also appeal to unbanked consumers, particularly for remittance services.
The report noted that consumer adoption might be improved with efforts to provide better education on the benefits and risks of mobile banking and payment services. Concerns with security may be addressed by implementing multifactor authentication controls on handsets, using antivirus software, as well as imposing transaction limits, to name a few.
Perhaps the most notable conclusion presented in the report is that better collaboration between mobile participants is necessary. The entry of mobile network operators (MNOs) into the payments arena may create competition for financial institutions providing mobile payment services. Numerous conflicts exist between MNOs and financial institutions because of their starkly different business models and disagreement over customer ownership. Wide-scale adoption of mobile banking and payments going forward may depend upon the future cooperation of the telecom and banking industries to establish a sound and effective mobile banking environment.
Security risk a key barrier for mobile banking
While 43 percent of the respondents indicated that they plan to offer mobile banking services in the next three years, almost half reported no plans to offer mobile banking. The reasons for not offering mobile banking included the lack of customer demand, inadequate resources, and concerns about security.
In fact, when ranking the top three barriers to adopting mobile banking services, the survey respondents ranked security as their top concern.
Most planned services bill-pay related
For financial institutions that currently offer mobile payment services (in addition to mobile banking services) or plan to do so, the most popular response, at 87 percent, was bill payment through online banking systems. Other popular choices included sending bill payment alerts, payments at the point of sale, and online purchases through the Internet.
A fledgling market in transition
The survey concluded that much work needs to be done to encourage adoption because of the current state of customer demand, safety, and value proposition for financial institutions, especially for the smaller FIs and Credit Unions. It reports that despite media excitement about the future of mobile banking and payments, the market needs time to engage the numerous parties at the proverbial table, including the MNOs, the handset makers, and financial institutions themselves, to alleviate real and perceived barriers to adoption.
By Cindy Merritt, assistant director of the Retail Payments Risk Forum, and Jennifer Grier, senior payments risk analyst at the Atlanta Fed
October 20, 2009
Building a bridge: Will proactive discussions of fraud concerns help drive financial services and telecom industry collaboration in the emerging mobile payments context?
Much has been written in this blog and elsewhere about the emergence of mobile phone-enabled payments. Recently, we had the pleasure of attending two excellent conferences that stimulated thinking about how the lines between two major industries, telecoms and financial services, are beginning to blur. First was the Finovate 2009 conference in New York. Among a wide array of financial services technologies and business model demos presented was a fascinating lineup of emerging methods for accomplishing payments transactions using the mobile phone. Clearly, much new innovation is emerging in this area. Technology providers are building bridges between banks and telecoms in this environment. All of this fertile stew of ideas bears watching in the years to come.
Second, we recently attended a joint session put together by the Santa Fe Group Vendor Council and the Communications Fraud Control Association in Atlanta. This meeting offered an opportunity for those thinking about fraud controls in the payments arena and those concerned about fraud in the communications (telecoms) industry to begin to discuss issues of mutual concern as mobile payments emerge in the United States and abroad.
For example, issues at the table included the following:
- Registration protocols vary significantly between mobile services and bank payment services. This variation can complicate the forensics on a fraudulent transaction in the aftermath as either investigators within banks or telecoms or law enforcement may find it very difficult to map a transaction to a particular person through mobile payments channels.
- Authentication protocols are also differentiated because of regulatory requirements and industry practices. These protocols complicate investigations as varying audit trails create complexities.
- Malware concerns such as SMiShing in mobile phones are emerging and may be creating new and poorly understood vulnerabilities and hacker threats in the payments environment.
- Fraud detection "flags" may not be translated or communicated well between the two industries. What happens when a phone is reported as lost to the mobile carrier, and it is a fully enabled mobile wallet? Does the bank with whom the customer is affiliated also need to be notified? Does a compromised account at a bank also need to be reported to the telecom provider when the phone is a transaction device?
- Are fraud investigators duplicating efforts when they investigate a fraudulent episode involving a mobile payments transaction? How could these efforts be better coordinated?
- Do privacy restrictions in the banking and telecom environments create undue barriers to sharing of useful information to help track down bad actors?
- If a payment transaction is reliant upon an “always on” mobile connection, what happens to the transaction when and if a connection is lost midstream? Who is responsible? What about the fraud risk?
These and other issues were raised in the context of the discussion, and all agreed that further elaboration of these issues was needed to determine the best opportunities for collaborative action. However, it seemed clear that when it comes to fraud, open channels between the two industries could go a long way to ensuring effective deterrence and loss mitigation in the mobile payments environment.
On a larger scale, these conversations are likely to deepen as many of the emerging mobile payments business models take hold. In this emerging environment, collaborative cross-industry work on fraud issues could be a positive launching point for breaking down industry silos for the good of financial services and telecommunications companies, and it could benefit their customers, which will in turn further support the utilization of all those innovative mobile payments models we heard about at Finovate.
By Clifford S. Stanford, assistant vice president and director of the Retail Payments Risk Forum at the Atlanta Fed
TrackBack URL for this entry:
Listed below are links to blogs that reference Building a bridge: Will proactive discussions of fraud concerns help drive financial services and telecom industry collaboration in the emerging mobile payments context?:
October 13, 2009
Patenting the payments system--New developments in patent law may have dramatic impact on payments players
A seemingly obscure point of interpretation of U.S. patent law could have meaningful impact on innovation in the payments market. This interpretation could affect new players and existing players alike and deserves attention. Investments in innovative new payments technologies always carry risks. Investments can fail if the business model does not come to fruition. Poor understanding of vulnerabilities in new technology could open up new opportunities to fraudsters or simply could alter risks for parties to the transaction or providers of the transaction service itself. However, those same investments in payments innovation could also serve to strengthen the defenses to various risks, thereby improving the overall picture for all.
On November 9, 2009, the Supreme Court will hear the Bilski case, which draws into question the viability of business method patents. This is a subcategory of the range of patents that have been issued in recent years for payments-related innovations described in a previous Portals and Rails post. In particular, Bilski will address the issue of whether U.S. patent law requires that the subject matter of patents be reflective of machines or some physical transformation of matter. Included in this issue is a question of whether abstract ideas that mention computers as a means to reduce the idea to practice are patentable as well. This case could affect the calculus for making new payments technology investments overall.
Some feel that a ruling by the Supreme Court that limits patentable subject matter to exclude business methods will negatively affect a wide array of innovations, including those for the manipulation of information, whether or not implemented by computer. Others, including some from the financial services industry, feel that business method patents should be limited or eliminated and that progress and innovation will in fact be strengthened as there will be less threat of suit by those who obtain monopoly patent rights on "abstract ideas."
Payments innovations are firmly ensconced as part of the "knowledge economy." In the payments context, as reported in this blog and elsewhere, there are a dynamic array of technology and business model developments and an ongoing stream of new patents and patent applications. Just think of the array of new ways that payments can be accomplished using the Internet in the past 10 years or so. Many of these existing and future innovations may be affected by the Bilski decision one way or the other.
Patents have been seen as a key tool to reward financial services innovations and as a means for new entry into various market segments. Patents also serve to disclose publicly the nature of the invention, which helps to drive other, follow-on innovations. Over the long term, limiting patent protection for business methods could alter the reward incentive structure for payment innovations. Or it could remove an impediment to product investments in payments as there is less threat of suit, which may allow for more rapid deployment of innovative new products and services.
The Supreme Court's decision in Bilski could have a dramatic impact on the payments marketplace as competitors may have to adjust their sights in terms of how they protect and deploy their innovations. New players in the marketplace may find it more difficult to enter the payments markets while existing players may or may not have their market positions strengthened.
For now, the jury is out, so to speak. To get a deeper sense of the issues being considered, see the related briefs filed with the Supreme Court.
By Clifford S. Stanford, assistant vice president and director of the Retail Payments Risk Forum at the Atlanta Fed
TrackBack URL for this entry:
Listed below are links to blogs that reference Patenting the payments system--New developments in patent law may have dramatic impact on payments players:
October 5, 2009
Mobile top-up for international remittances: New opportunities and new risks
The growth in the mobile telecommunication industry worldwide is driving the ubiquity of handsets, which in turn is expanding the reach of financial services across wireless networks in less developed countries.
Adding air-time value (industry parlance known as "mobile top-up") to a mobile phone represents a new method that some mobile network operators (MNOs) are using to provide payment services, particularly in emerging countries where financial services are scarce. One example is Safaricom's M-Pesa, offered in Kenya and Tanzania. This service uses money agents, often small village stores, to sell additional air time on mobile phones. This air time can then be used for nontelecom purchases of goods and services, or sent via text message (SMS) as a person-to-person (P2P) payment transfer, allowing the recipient to use the prepaid value.
A recent case study found improved financial access in years following the 2007 launch of M-Pesa. The availability of mobile payment services lessened the population's reliance upon more risky hand-to-hand transfers and has been widely reported as a positive development for these emerging economies. Initiatives such as the Mobile Money for the Unbanked (MMU) program supported in part by the Bill and Melinda Gates Foundation, are contributing to the expanded use of mobile financial services in emerging markets.
Mobile top-up is also emerging as a means for international remittances by allowing users in one country, such as the United States, to purchase mobile air time for users in other countries, thereby "topping-up" the recipient's account in the local currency. For example, Western Union recently announced a service to provide mobile top-up remittances within the United States for users of phones issued by LIME in the Caribbean. Because many international telecom operators have roaming agreements that span geographic borders, mobile top-up remittances can be far-reaching, with the recipient using the prepaid value on the mobile phone to purchase goods and services in the home country.
While these innovations have been shown to have positive impacts in terms of access to financial services in emerging markets and may offer a number of other efficiency benefits, they also alter the risk profile for service providers and those who monitor payments for criminal activity. Depending upon the business model and parties involved, regulatory and law enforcement agencies will have new issues to consider in terms of anti-money laundering and monitoring international payment flows under existing laws. These developments in the mobile top-up market deserve continued attention to ensure that effective policing of payment flows can ride alongside the positive developments in the emergence of a new means for movement of money internationally.
By Cindy Merritt, assistant director of the Retail Payments Risk Forum at the Atlanta Fed
- Looking for Partners in Safer Payments
- The Range of Un-Friendly Fraud
- Payments Webinar October 10: Cash in the 21st Century
- "Insuring" Ransomware Will Continue to Flourish
- Designing Disclosures to Be Read
- Is There a Generation Gap in Cash Use?
- What the Most Convenient Food Tells Us about Payments
- Is Friction in Payments Always Bad?
- Why Should You Care about PSD2?
- At the Intersection of FinTech and Financial Inclusion
- October 2019
- September 2019
- August 2019
- July 2019
- June 2019
- May 2019
- April 2019
- March 2019
- February 2019
- January 2019
- account takeovers
- ATM fraud
- bank supervision
- banking regulations
- banks and banking
- card networks
- check fraud
- consumer fraud
- consumer protection
- credit cards
- cross-border wires
- data security
- debit cards
- emerging payments
- financial services
- financial technology
- identity theft
- law enforcement
- mobile banking
- mobile money transfer
- mobile network operator (MNO)
- mobile payments
- money laundering
- money services business (MSB)
- online banking fraud
- online retail
- Payment Services Directive
- payments fraud
- payments innovation
- payments risk
- payments study
- payments systems
- phone fraud
- remotely created checks
- risk management
- Section 1073
- skills gap
- social networks
- third-party service provider
- trusted service manager
- Unfair and Deceptive Acts and Practices (UDAP)
- wire transfer fraud
- workforce development
- workplace fraud