Take On Payments, a blog sponsored by the Retail Payments Risk Forum of the Federal Reserve Bank of Atlanta, is intended to foster dialogue on emerging risks in retail payment systems and enhance collaborative efforts to improve risk detection and mitigation. We encourage your active participation in Take on Payments and look forward to collaborating with you.
Federal Reserve Web Sites
Other Bank Regulatory Sites
June 25, 2018
Down but Not Out
As I noted in my last post, consumer habits are sticky when it comes to cash. Despite the many ways to pay, consumers make almost one-third of payments (by number) in cash. But sometimes cash just isn't an option. You can't use cash to buy a snack on an airplane, for example. This week, I look at factors about merchants that constrain consumers' payment options, including their unwillingness to accept cash for in-person payments or their inability to accept cash for online payments. (My colleague Doug King touched on cashless locations a couple of weeks ago.)
At the in-person point of sale, merchants' willingness to accept a payment instrument could affect the prevalence of cash. Consumers obviously cannot use cash when merchants will not accept it. Recent headlines (here and here) suggest that some quick-service restaurants, coffee shops, and food trucks may be growing reluctant to accept cash. As an example, here's a picture of a sign on a San Francisco food cart in late May.
The flip side of a merchant's unwillingness to accept cash is the merchant's willingness to accept card payments for ever-lower dollar values. And indeed, the average dollar value of card payments is dropping. For instance, the average dollar value of an in-person, non-prepaid debit card purchase fell from $35 in 2012 to $32 in 2016 (Federal Reserve Payments Study: 2017 Annual Supplement). This trend could indicate that merchants are increasingly agreeable to accepting cards for small-dollar transactions.
Consumers show they are aware of evolving merchant acceptance. The 2017 Survey of Consumer Payment Choice reported that consumers rate credit and debit cards highest for acceptance, with cash coming in third. The survey asked respondents to rate how likely each payment method is to be accepted by stores, companies, online merchants, and other people or organizations.
At the online point of sale, cash is not an option. (However, Doug mentioned in that same post that at least one online retailer is trying to make cash possible.) The share of purchases made online is still small—just about 12 percent of retail goods and services by number (2017 Survey of Consumer Payment Choice). Yet over the past four years that share has steadily increased. Data about remote card purchases in the Federal Reserve Payments Study (2017 Annual Supplement ) show the growing importance of online purchases. As Jessica Washington noted in her post in early May, remote card purchases grew more rapidly from 2015 to 2016 than did in-person card purchases, measured by both number and value.
Despite these developments, cash continues to dominate quick purchases. In October 2016, consumers paid for about half of their fast food purchases with cash. They used cash for 62 percent of convenience store purchases (2016 Diary of Consumer Payment Choice).
Cash has had staying power over decades of technological innovation. It may be down, but it isn't out.
To learn more about consumer payment choices and preferences, visit the Federal Reserve Bank of Atlanta's new consumer payments web pages that house a variety of surveys, studies, and research reports on the topic.
By Claire Greene, a payments risk expert in the Retail Payments Risk Forum at the Atlanta Fed
June 18, 2018
Thinking about My Grandmother and Future-Proofing Payments
I often reminisce about times I spent with my grandmother. She passed away when I was only nine years old, but fortunately left me with a host of memories that I cherish. How I loved our trips to Walden Bookstore in the Hickory Ridge Mall whenever she'd visit us in my hometown of Memphis. We'd pick out a book or two and then return home to read them together. I often wonder what she would think about my family's book shopping and reading habits today. Online bookstores, e-readers, and audiobooks downloaded or streamed onto mobile phones would be completely foreign to her as the technology behind these was not even around during her lifetime! How could she ever have known how the world of books would evolve?
And this brings me to the notion of future-proofing payments. Mobile payments just might be the hottest topic when payment professionals get together to discuss the future of payments. It makes sense to think that maybe one day our mobile phones will replace our debit and credit cards and maybe even cash. But to date, the mobile phone has not done for cards and cash what it has done for mp3 players, digital cameras, and portable navigation devices, to list just a few things. Perhaps we need more time for mobile phones to transform payments—or could it be that payments as we know them today will be made over by a technology or device that is not yet widely available or even conceived? Is it possible that the primary payment methods we use today can withstand the test of time and remain our primary methods for many more years? Thinking about my grandmother and books, maybe future-proofing payments is a losing proposition and we should be nimble, ready to adapt to whatever changes come our way.
Join me for the Atlanta Fed's Retail Payments Risk Forum's latest Talk About Payments webinar on Thursday, June 28, from 1 to 2 p.m. (ET), when I will explore the future of mobile payments at the point of sale by first considering the debit card's long rise to prominence. Participation in the webinar is complimentary, but you must register in advance. After completing registration, you will receive a confirmation email with all the log-in and toll-free call-in information.
By Douglas A. King, payments risk expert in the Retail Payments Risk Forum at the Atlanta Fed
June 11, 2018
Consumer Habits and Cash Use
As my colleague Doug King pointed out last month, cash is not going away anytime soon, Yanny/Laurel notwithstanding. By number, almost one-third of U.S. consumer payments were made in cash in 2017. Every year since 2008, the Survey of Consumer Payment Choice has found that cash is consumers' most popular or next-most-popular way to pay.
Many factors underlie cash's resilience, including access, current shopping habits, consumer ratings, and demographics.
Universal access. Paypal's chief financial officer commented to the Wall Street Journal earlier this year, "I don't think we will ever be entirely cashless, maybe in large part because I don't know if we will ever be in a world that every person has a smartphone or a mobile device."
Shopping habits. Most purchases—nine in 10—are made in person, not online (2015 Survey of Consumer Payment Choice). And when shopping in person, consumers prefer cash for small-dollar transactions. Two-thirds of U.S. consumers report that they prefer cash for in-person payments of less than $10 (2016 Dairy of Consumer Payment Choice). Forty percent prefer cash for in-person payments between $10 and $25.
Consumer ratings. Consumers say cash is the most cost-effective way to pay. The Survey of Consumer Payment Choice asks respondents to rate the cost of using a particular payment method, taking into account that fees, penalties, interest paid, etc. can raise the cost of a payment method, while discounts and rewards can lower it.
Demographics. People with fewer payment options use cash. That includes low-income people who have less access to credit cards as well as people without bank accounts who have no access to non-prepaid debit cards. It also includes millennials, who used cash for almost 30 percent of their payments in 2016 (Diary of Consumer Payment Choice).
You probably already know that card payments dwarf cash payments—almost 60 percent of consumer payments are made with some type of card, whether it's debit, prepaid, or credit. Yet cash persists. Recently, a new acquaintance told me he "never" uses cash. As evidence, he reported that he had no cash in his pocket, explaining "that's because I used my last $2 to buy coffee this morning."
Hmm. What does this say about the health of cash? What Dave Lott wrote in 2016 is still true today: not dead yet.
Next post: Merchant acceptance and the use of cash
To learn more about consumer payment choices and preferences, visit the Federal Reserve Bank of Atlanta’s new consumer payments web page that houses a variety of surveys, studies, and research reports on the topic.
By Claire Greene, a payments risk expert in the Retail Payments Risk Forum at the Atlanta Fed
June 4, 2018
The GDPR's Impact on U.S. Consumers
If your email inbox is like mine, it's recently been flooded with messages from companies you’ve done online business with about changes in their terms and conditions, particularly regarding privacy. What has prompted this wave of notices is the May 25 implementation of Europe's General Data Protection Regulation (GDPR). Approved by the European Parliament in April 2016 after considerable debate, the regulation standardizes data privacy regulations across Europe for the protection of EU citizens.
The regulation applies to both data "controllers" and data "processors." A data controller is the organization that owns the data, while the data processor is an outside company that helps to manage or process that data. The focus of the GDPR requirements is on controllers and processors directly conducting business in the 28 countries that make up the European Union (EU). But the GDPR has the potential to affect businesses based in any country, including the United States, that collect or process the personal data of any EU citizen. Penalties for noncompliance can be quite severe. For that reason, many companies are choosing to err on the side of caution and sending to all their customers notices of changes to their privacy disclosure terms and conditions. Some companies have even gone so far as to provide the privacy protections contained in the GDPR to all their customers, EU citizens or not.
The GDPR has a number of major consumer protections:
- Individuals can request that controllers erase all information collected on them that is not required for transaction processing. They can also ask the controller to stop companies from distributing that data any further and, with some exceptions, have third parties stop processing the data. (This provision is known as "data erasure" or the "right to be forgotten.")
- Companies must design information technology systems to include privacy protection features. In addition, they must have a robust notification system in place for when breaches occur. After a breach, the data processor must notify the data controller "without undue delay." When the breach threatens "risk for the rights and freedoms of individuals," the data controller must notify the supervisory authority within 72 hours of discovery of the breach. Data controllers must also notify "without undue delay" the individuals whose information has been affected.
- Individuals can request to be informed if the companies are obtaining their personal data and, if so, how they will use that data. Individual also have the right to obtain without charge electronic copies of collected data, and they may send that data to another company if they choose.
In addition, the GDPR requires large processing companies, as well as public authorities and other specified businesses, to designate a data protection officer to oversee the companies' compliance with the GDPR.
There have been numerous efforts in the United States to pass uniform privacy legislation, with little or no change. My colleague Doug King authored a post back in May 2015 about three cybersecurity bills under consideration that included privacy rights. Three years later, for each bill, either action has been suspended or it's still in committee. It will be interesting to see, as the influence of the GDPR spreads globally, whether there will be any additional efforts to pass similar legislation in the United States. What do you think?
And by the way, fraudsters are always looking for opportunities to install malware on your phones and other devices. We've heard reports of the criminal element using "update notice" emails. The messages, which appear to be legitimate, want the unsuspecting recipient to click on a link or open an attachment containing malware or a virus. So be careful!
By David Lott, a payments risk expert in the Retail Payments Risk Forum at the Atlanta Fed
- In Payments, What I Say May Not Match What I Do
- Organizational Muscle Memory and the Right of Boom
- Remote Card Fraud: A Growing Concern
- Three Views of Noncash Payments Fraud
- An Ounce of Prevention
- Safeguarding Things When They’re All Connected
- Racing Ahead in the Wireless Space
- Insuring against Business Email Compromise Fraud
- The Case of the Disappearing ATM
- The First Step in Risk Management
- November 2018
- October 2018
- September 2018
- August 2018
- July 2018
- June 2018
- May 2018
- April 2018
- March 2018
- February 2018
- account takeovers
- ATM fraud
- bank supervision
- banks and banking
- card networks
- check fraud
- consumer fraud
- consumer protection
- cross-border wires
- data security
- debit cards
- emerging payments
- financial services
- identity theft
- law enforcement
- mobile banking
- mobile money transfer
- mobile network operator (MNO)
- mobile payments
- money laundering
- money services business (MSB)
- online banking fraud
- online retail
- payments risk
- payments study
- payments systems
- phone fraud
- remotely created checks
- risk management
- Section 1073
- social networks
- third-party service provider
- trusted service manager
- Unfair and Deceptive Acts and Practices (UDAP)
- wire transfer fraud
- workplace fraud