PSD2: The Race to the Consumer

The following things have been clear for a while:

  1. The three and four party models represented by the card schemes are in real danger of being disintermediated as mobile technology advances;
  2. The use of plastic will only begin to fade when consumers have a compelling reason to move, mobile payments alone is insufficient;
  3. Retailers are desperate to engage consumers much earlier in the buying process, as well as for a long time after it;
  4. Identity Management and Authentication will take their rightful place in payments and beyond; and
  5. The average consumer has no idea what they want

What has NOT been clear [to me anyway] is what will be the impetus for thing to actually change, and I never thought it would be a regulation.

But that is exactly what is happening here in the EU. Even a cursory examination of the Payment Services Directive 2 (PSD2) makes it clear that the established order is changing. It has already been adopted by the European Parliament, and adoption by the EU Council of Ministers is only a pending formality. Once published, each of the EU countries has just 2 years to write the Directive into their laws.

If you had to distill the PSD2 into its major players, they would be;

  1. Account Servicing Payment Service Provider (ASPSP) – Usually the banks, these guys will need to open up account data once they have received permission to do so from the consumer.
  2. Account Information Service Providers (AISPs) – Aggregators of data received from ASPSPs
  3. Payment Initiation Service Providers (PISPs) – Can initiate a payment, but can only provide a ‘Yes’ or ‘No’ in terms of funds availability.

It’s the AISPs that are truly the new guys on the block. Imagine it; a non-bank Third Party Provider (TPP) can, once properly vetted / ‘licensed’ request all the information from all of your banks / financial institutions and display it to you in a single location! The possibilities to money management alone are enormous, but it’s retail that will be the big winners. Well, some retailers.

The reason that retail and TPPs alike should be dribbling at the thought of this is that these centralised ‘Money Managers’ (MMs) are the perfect location to begin the buying process.

You want to buy a TV, so you open your MM app which has already gone through the effort to combine feeds from all of the following:

  1. Retailers – If retailers do not provide feeds of stock, deals, locations, terms and so on, these will not be presented to the consumer as an option
  2. Ratings & Reviews – Few people realise what goers into those 5 stars you see on Amazon and the like, but you’d be surprised how much influence they have
  3. Your Finances – No point looking if you can’t afford it

Then, once you have gone through a nice friendly wizard to narrow down what you are looking for, your MM goes out and looks for the best deal, AND offers you the best payment terms from all of your lenders. And the WAY you pay? What do you care, the MM has already determined the best way and took care of the detail?!

Those steps may not sound all that radical, but there are two incredibly important facts here:

1) the holder of your money has become far less relevant, so even the banks themselves are losing the Race to the Consumer, and

2) consumers will stop caring HOW they pay in terms of channel, making every other intermediary in the current payment ecosystem irrelevant.

This is what your money is, a stored value, why SHOULD you care if it’s direct debit, standing order, or branded card as long as it’s the best deal for you. It all comes back to you anyway.

[If you liked this article, please share! Want more like it, subscribe!]

Invisible Payments, Are They Real?

In short, yes, they WILL be, but like everything worthwhile there is a significant cost involved. In this case, the currency will be your identity, and the more invisible you want payments – or any transaction for that matter – to become, the more of your identity you will have to spend. In this case, there is a direct correlation between your identity, and your privacy.

First, what is an invisible payment? Seeing as Wikipedia hasn’t even got a listing yet, I’ll take a stab at defining what invisible payments are to me;

A payment can effectively be called invisible when there is limited to no interaction required by the payment initiator (consumer) to complete the authorisation and settlement of a transaction.”

Any fan of Star Trek has seen this in play for decades. When was the last time you saw Captain Kirk reach into his pocket for a 10 spot or a credit card? Did he have to use biometrics or a swipe card to get onto the bridge? Maybe, but we saw none of it, and that’s the point.

Imagine this scenario; You walk into Sainbury’s and pick up a basket, then walk up and down the isles choosing your items. Once you have finished shopping, you walk out to your car [optionally] without any further interaction whatsoever.

What was the process?

  1. As you walked in, any number of authentication mechanisms were at play; from smartphone proximity (NFC), to facial and/or gait recognition, to whatever biometric innovation comes next;
  2. Both the shopping carts and the baskets could be easily be fitted with fingerprint, vein, hand geometry recognition sensors in order to assign the subsequent basket contents to you;
  3. As you place items in the basket, they are scanned and optionally listed on your mobile device for a running total / loyalty benefits / instant coupons and the like;
  4. Walk through a final scanner into a bagging area, or just go straight to your car, either way your final tally is calculated and the funds directly charged to the payment option of choice. It’s up to you if you want to authorise the final payment with a PIN number and/or biometric on your smartphone; and
  5. Everything you just purchased is now available on your home database for tracking of ingredients for a meal, expiration dates and so on.

While the majority of the technology behind this transaction is more in the realm of the Internet of Things (IoT), the payments aspect is an extremely simple form of Identity Management on smartphones. What’s more, all of this technology is available today, the only thing missing is the demand.

There will be 2 extreme camps to the above scenario; 1) Where do I sign-up!? and 2) Never in a million years!

Most of us will be somewhere nearer the middle, and it should be clear that the further you get in to the ‘sign-up’ camp the more of yourself you have had to share. When it comes to invisible payments – and IoT for that matter – the convenience described above came at a cost to your privacy. And until security catches up with technological innovation, that cost is seen by most to be too high.

That’s the demand I mentioned above, and while scenarios like this will be common place one day, we’re not quite there yet.

[If you liked this article, please share! Want more like it, subscribe!]

New Payment Technology: A Race to the Bottom?

In a recent article on; 68 PERCENT OF PAYMENTS PROS SAY NEW TECH INCREASES RISK; “68 percent of [payment-systems professionals] say pressure to migrate to new payment systems puts customer data at greater risk instead of making it safer, according to a new survey by Experian and the Ponemon Institute.” This relates to EMV and mobile payments, but it is unclear exactly to which technologies they refer.

What it does not say is whether the insecurity is due to the pressure of the migration itself (which is implied), or to the inherent insecurity of the underlying technologies. These are two radically different concepts, from which the reader can draw wildly different conclusions.

As in any business, the pressures of maintaining a competitive advantage can lead to some very poor business decisions, and without a robust governance function unsecure systems can easily find their way into production untested. However, if the article is suggesting that it’s the new payment systems themselves that are the issue, we would strongly challenge that argument.

There exists today payment technologies whose security is far in advance of those possible for the legacy non-cash and non-chip based payment infrastructures. Mobile devices alone are capable of multiple multi-factor authentication mechanisms through every-day use. Integration of this technology is held up by many factors, but perceived insecurity of the data should not be one of them. EMV is also far more secure than mag stripe (for example), and the combination of chip and PIN is even more secure.

It is difficult to understand how you could introduce EMV unsecurely given its self-contained nature, but mobile payments is something altogether different and is easily addressed by the implementation of appropriate products and due diligence. This may well be what is of the most concern to those surveyed.

With regards to technology in general, and retail especially, neither the payment method itself nor security are core functions. Being paid for the goods is. It’s not surprising that that; “Only 51 percent of the Experian/Ponemon respondents agreed that “the security of electronic payments is a top priority issue” for their organizations.” In fact, we suspect the only reason it’s that HIGH is because Experian/Ponemon were talking to payment-system professionals and not the CEOs.

EMV roll-out in the US was never going to be completed by this October, and even 2020 is doubtful. The reasons for this are myriad; from the expense (which is significant), to investment only in technologies that are not future-proofed, to analysis-paralysis related to loyalty and value-add services, and to a trend toward competitive edge based on customer service alone all play a part in a decision that can quite literally make or break an organisation.

A payment, in its simplest terms, is a transfer of value from one place to another. Getting those payments transferred is a multi-trillion €/£/$ industry which has yet to provide the kind of leadership merchants are looking for. In the end the only thing that matters is that the consumer is able to securely authenticate themselves and make the transfers they want, when, where, and however they want, and it’s clear that current technology falls short.

EMV and tokenisation are security patches while the payments ecosystem transitions to mobile, and delays in implementation of either of these technologies is a direct result of retail’s inability to double their investment in payment acceptance channels, as well as their inability to know which of the technology horses is going to win the race.

[Ed. Written in collaboration with]

Payments Innovation Should NOT be Disruptive!

By now I think everyone has heard the phrase ‘Disruptive Innovation’, as defined by; “an innovation that helps create a new market and value network, and eventually disrupts an existing market and value network (over a few years or decades), displacing an earlier technology.“. This phase is especially bandied around in payments.

But how many of you have heard the phrase; ‘Sustaining Innovation’, which; “does not create new markets or value networks but rather only evolves existing ones with better value, allowing the firms within to compete against each other’s sustaining improvements.

So if you accept that a payment itself is just a way for you to access your stored value (what we call money) any time / place of your choosing, why is everyone so interesting in disrupting the existing payment ecosystem? And by “everyone” I of course mean those who are trying to either break into market, or those trying to wrest even more control for themselves. Non-cash payments work [for the most part], and you have a large degree of faith in your bank’s ability to protect your monetary assets, do you really want the whole thing to change? Do you even know what it is that you want that’s different from what you have today?

Do things even need to change? Yes, they do. Are there innovations available NOW that make the payments process easier, cheaper, and more secure for the consumer? Yes, there are. Can we expect the entire payment industry to throw out everything they have spent billions on over the last few decades, are used BY billions, just to make room for every start-up with a good idea? No, we can’t, and that’s the real issue here.

In the last 10 years there have only been 2 true disruptors in the payments industry; the mobile phone, and block chains (Bitcoin et al), neither of which has achieved anywhere near its full potential. Yet. Not because the technologies are flawed [necessarily], but because the introduction OF the technologies was done poorly. For mobile devices, the payments challenges included the ‘fight’ between NFC and BlueTooth, the numerous options for security on the device (Secure Elements, Trusted Execution Environments and so on), and the presumed insecurity of the technology overall. For block chains is was, and still is, the almost complete lack of understanding of how they even work in the first place. I’ve looked into them and I still find the concept nearly incomprehensible.

But even these disruptors need current context, and they represent a fundamental shift from our overly complicated view of payments back to its basics; I go to work to earn value (money), the value gets stored somewhere (a bank), and I access the value when I want it regardless of time or location (mobile payment). This would suggest that the only disruption we really need is the disintermediation of some of the players. There are simply too many middle-men whose only input to the new world of payments will be value erosion. Thank God the Mobile Network Operators (MNOs) are too busy bickering amongst themselves or this would be even more complicated!

As a consumer who has a very good idea of what he want to see change, I know that only those who help the payments industry evolve will have a lasting positive impact, and this will only be though collaboration and fair competition.

The greedy can stay home.

[If you liked this article, please share! Want more like it, subscribe!]

On Disabilities In Payments

Have you ever wondered what it would be like to go through life blind? Or with a learning disability? Or perhaps what it will be like when you’re older and your mental acuity is not what it once was?

What must it be like to be almost totally reliant on loved ones, or worse, the honesty and goodwill of complete strangers?

I readily admit, these are not thoughts that I have very often, as any disabilities I have relate to my sparkling personality. However, I am now in a position to HAVE to think about it and it’s more than a little humbling to see what those with physical or mental challenges have to go through.

For the purposes of this blog, I will restrict myself to issues related to non-cash payments, as that is my skill-set, the limit of knowledge on the subject of disabilities, and there is more than enough material to fill several blogs, lets alone this one.

The issues faced today centre on the fact that the only ubiquitous form of non-cash payment is the branded credit / debit card (Visa, Mastercard et al), and both the cards themselves and the infrastructure necessary to accept them is geared almost entirely to those without any sort of disability. In fact, even if you wanted to make changes to the infrastructure, the effort would be entirely prohibitive given both the limited return on investment and the absence of any legislation.

For example, according to Action for the Blind there are approximately 360,000 in the UK with ‘sight loss’ (total population ~64M), yet the number of people who can actually read braille is under 20,000. So even card terminals with braille overlays are more for marketing / image purposes than actually providing a means for expanding independence. Terminal manufacturers don’t have to spend more, so why would they?

According to Dr. John Gill, one of the UK’s leading experts in the field of disabilities, challenges for the disabled related to non-cash payments go way beyond issues with sight. The elderly, for example, not only begin to have challenges with vision, but their declining ability to handle abstract concepts, hand tremors and even an aversion to / fear of new technology means that payment innovations will be largely avoided by this group. Especially if their individual needs are not built in from the beginning.

I have posited in previous blogs that mobile devices are far better placed to enable cashless payment for those with disabilities, but it’s clear that this will only be the case if considerable thought is put into the challenges from the outset. ‘Consistency of Interface’ (Dr. Gill’s primary interest), simplification of available technologies, and setting of individual preferences across all payment front-ends will all be required before adoption of mobile technologies is available to everyone.

Well, almost everyone.

Too many technologies aimed at disabilities are nothing more than smoke-and-mirrors, and any effort on the part of manufacturers is aimed at demonstrating that they are good citizens. And while there can and will never be 100% adoption of mobile technology, it represents a significant advance over current systems which are now in their 6th decade of use.

Payment systems for those with disabilities must be able to address the following or they will simply not be used:

  1. Consistency of Interface – Terminal manufactures have some standards they need to apply to their devices, but constancy of interface is not one of them. Even as a sighted person, I sometimes have an issue with where to put my card, where the OK button is, how to apply tip (or not) and so on. However, I CAN read the total, what are the options for those who can’t?
  2. Swiss Army Knife Approach – I love technology and innovation, yet even I use a fraction of the abilities of my phone. The elderly not only use even less, they want to SEE less available. The drive is for more and more functionality, but no-where is there an option for less, and until there is, adoption in the elderly will be limited.
  3. Non Reliance on Biometrics – You just have to look at payment innovation and see that biometrics will be a major factor. This ridiculous concept from MasterCard for example; MasterCard, Zwipe announce fingerprint-sensor card. But what about those with deformities, injuries, mobility issues? Apparently people who work with concrete or pineapples have fingerprint issues, as do those on various forms of chemotherapy. Who knew?
  4. Size of Keypad – Something as simple as this can result in the avoidance of non-cash payments. Combine a small PIN pad with low contrast fonts and you have just lost a payment.
  5. Learning Disorders / Mental Acuity Challenges – How do current payment technologies handle dyslexia? Or short-term memory loss? Or the onset of dementia? The use of the PIN is about as ubiquitous as the cards they authenticate, yet even this is out of reach for some. But who says the ‘PIN’ has to be numbers, can’t it just as easily be a picture of loved ones, or some other individual preference?

Clearly I am only scratching the surface here, and while there is no solution that will ever make everyone happy, there is a LOT more that can be done to make life easier for those with disabilities. Mobile devices are not perfect, but they represent a  considerable advantage over current payment technologies in terms of adapting preferences to an individual.

All we need is the attention this deserves.


[Note: A very special thank you to Dr. John Gill who was very generous with his time and his guidance. Please see for more on this subject.]