Payments, room for a reset?

Control, Alt, Delete. It is still a wonder that almost forty years on from the first release of Windows, we are still expected to press a combination of these three keys, requiring two hands, in order to initiate an action. And not only are we expected to do it, we do it willingly, because it is the one thing we know will get us out of a sticky situation. There was a definite logic in using this sequence, but, as the IBM engineer who invented it – David Bradley – said “I may have invented it, but Bill Gates made it famous.”

What does all this have to do with payments? Well, in payments we also do things that are not entirely intuitive but which, through force of habit – and, most importantly, a strong network effect – we have come to accept as normal: memorise a four-digit number, input that into a black box, (it had to be black to be taken seriously….), and walk out with anything from a cup of coffee to a Rolex (or more).

It’s the instore payment experience that lasted for years. It has been complemented – but not supplanted – by contactless and mobile (Apple Pay, Google Pay) payments. One of the reasons that contactless and mobile payments have been successful is that they improve on the previous customer experience, reducing friction at the cost of an acceptable trade-off in security. Balancing these two factors will continue to drive payments innovation, though security is likely to become increasingly prominent.

Digital Identity – Who are you?

The PIN code, upheld by a broad and widely adopted legal structure has held up well since its adoption in the 1980s and 1990s in response to the alarming rates of fraud associated with cards and signatures. It assumes that if you know the number, then you are entitled to authorise the transaction. But it says nothing about who you really are. Although the cryptography protecting PIN codes remains robust and hacking is rare, there is an increasing need to identify the person making the transaction more robustly and to combine ‘something only I am’ – a biometric marker – with ‘something only I have’ – like a mobile phone. Expect better multi factor authentication that goes beyond SMS or email check codes to include biometric factors like palm vein, increased reliance on mobile as the default rather than the alternative, form factor and more sophisticated behavioural analysis, both for instore and online payments.

Obviously, AI and Machine Learning will play their part here both in predicting threats and in mitigating them and expect to see more use of Zero Trust architecture which does just what it says it does: assumes everyone has nefarious intentions and so authentication and verification becomes a continuous process.

In France, several of the leading banks have agreed to use their ability to identify clients securely and – with their customers’ agreement – to share their data with ecommerce sites, which among other benefits could reduce the need for strong authentication at payment.

In short, the need for better security will impinge on efforts to ameliorate the customer experience.

Is there room to disrupt?

In most developed economies it is impossible to understate the importance of the two global payment schemes, Visa and MasterCard in spreading usage of digital payments. Domestic schemes are of course important, as are local QR code based payments in some markets, but paradoxically for incumbents much of the innovation in usage has been driven by these schemes. It is easy to forget that when we pay with our phone using Apple Pay, the payment acceptance, authorisation and merchant settlement relies entirely on existing payment rails established by these two schemes, (though since extended to include some domestic and other schemes like American Express). Arguably, it is the fact that using a phone is so akin to paying with a plastic card is what made adoption so rapid. Once the consumer got used to showing their phone instead of a card, (not a given, but since their phone had already become an appendage anyway, not revolutionary either), there was little change to the rest of the ecosystem.

So there is much interest in how to disrupt the established way of doing things. Account-to-account payments, (sometimes using a QR code as an identifier), that bypass schemes and transfer money directly from the payer to the payee are definitely a trend and in some markets like Sweden and Poland have gained real traction, particularly for low-value transactions. But disrupting the existing ecosystem is not going to be easy. Changing the customer experience will require tangible benefits for the consumer who today is fairly satisfied with their payment experience. Add to that the consumer benefits of paying by card, (insurance, fraud protection…) and scheme payments will be a hard act to follow. Ultimately, the economics of it will likely be the deciding factor. If account to account payments (bypassing the schemes) can be economically cheaper for merchants and – critically – for consumers, then a market for these will develop.

What about the government?

An area generating a lot of noise is central bank digital currencies (CBDC). Forget about crypto payments and blockchain, not because they don’t have a place, but, for the same reasons outlined above their ability to radically alter how we pay is limited. (That’s true in the normal course of events, though events are currently anything but normal, so perhaps crypto use may develop faster than might otherwise be expected).

The players who really can change how we pay are at government level which is why CBDC may well take off faster than might ordinarily be expected. The mechanics of CDBCs vary, but as an instrument of government monetary policy, once implemented, and provided they have the requisite political backing, adoption could be faster than for other forms of payment. Reassuringly, work in this area in countries such as Canada, the UK and at the European Central Bank has concentrated on the user experience, recognizing rightly that this cannot be ignored if a CDBC is to be successful.

What does it all mean?

The payments industry has in the past been notoriously slow-moving. But acceleration – albeit from a low base – is in the air. New business cases are emerging, driven by fraud prevention and increased segmentation, with payment a differentiating element and the customer experience now a primary consideration. The next 12 to 18 months is likely to see movement in a number of areas that will set the scene for how we pay in the years to come.