Payments is never boring these days, and that holds especially true as a new decade looms, new regulations are kicking in and merchants, card brands and payment services providers race to build more secure and efficient customer experiences.
All those changes can be a lot to take in. But in a new PYMNTS Masterclass discussion, Rob Eleveld, CEO of global identity verification provider Ekata, tells Karen Webster that much of what’s going on now — and much of what will be required for success in the early part of the 2020s — comes down to better data for machine learning models and the use of pre-authorization risk screening for online card transactions.
“Consumer expectations are for more speed,” Eleveld said, describing one of the main trends driving payments changes. That’s not all, of course — regulatory efforts, including Europe’s revised Payment Service Directive (PSD2), are designed to encourage more innovation and disruption in the space. In fact, how businesses respond to that regulatory effort in the coming few months could impact their operations — and more importantly, revenue — for years to come.
That’s largely because of the part of PSD2 known as Strong Customer Authentication, or SCA. As PYMNTS readers no doubt know, SCA stands as one of the most comprehensive global efforts to bring more security to online payments and eCommerce — but what about the potential for adding friction that can alienate consumers from the merchants, financial institutions and payment service providers. SCA mandates that some 300 million consumers will need to confirm their identities for most of their online purchases using two of the following: who they are (e.g., a fingerprint), what they have (e.g., a phone) and what they know (e.g., a password).
SCA was scheduled to kick off on Sept. 14, but authorities pushed back the deadline by 18 months. At the time, it was estimated that perhaps 75 percent of European Union merchants weren’t ready for SCA. Regardless of when, the race is afoot for merchants and the other main players in payments — including, card brands and payment service providers (PSPs) — to get right under the SCA rules. That means crafting a payment authorization process that promotes more secure transactions without leading to more false positives or added customer friction.
SCA Express Lane
While the issuers, not the merchants, have the final say over whether or not to flag a transaction based on a lack of authentication, there are still some ways transactions can go through without SCA. Carve-outs, as they are commonly called, can and should serve as a motivating factor for merchants trying to get right with SCA — but, more broadly, help to bring their payment flows into the 2020s.
Merchants that fail on that front run the risk of losing business to competitors who can clean up their transaction flow and use those carve-outs to reduce customer friction. Think of those carve-outs as an express lane for payments, a reward for having a relatively high level of fraud-free transactions and low chargeback rates. Vital to securing those carve-outs are transaction risk analysis models, or TRAs. Those models can help merchants construct more secure and efficient payment processes — largely by filtering out bad transactions and quickly approving more good transactions to earn a better merchant ID rating, thus enabling less customer friction, and over the long term quicker transactions.
“Bigger merchants are building their own TRAs,” Eleveld told Webster. What is the big motivation for that? Control. “More and more merchants will want to control their own destiny on this, and more PSPs,” he said, adding small merchants, however, are more likely to rely on TRAs crafted by the payment services providers.
Machine learning is vital to gaining more payment power under SCA — and good data is vital to machine learning. That’s a challenge for businesses that have historically stored data in disparate ways — data that is not necessarily formatted in a way that is ready to feed those machine learning models. Getting that data “model-ready” now stands as one the most important projects in payments, at least according to Eleveld, and the companies that can achieve that in the shortest amount of time are likely to have a significant advantage going into the new decade.
“If your data is not clean or consistent,” he said, listing some of the main potential problems merchants do and will face, “if your call-outs to your providers time out, if your internal system is inconsistent or fails … it’s all a function of clean data.”
Role of Pre-Authorization
But it’s not only the data that matters.
So does a streamlined transaction flow, which in turn can lead to more SCA-related advantages and carve-out potential — to say nothing of the overall broader payment benefits of an improved customer experience. And that’s where, according to Eleveld, pre-authorization risk screening can and will play a bigger role.
A robust and accurate pre-authorization checkout and fraud vetting process can reduce operational costs for merchants. That’s because it will reduce the reliance on the manual review of transactions, which is labor-intensive, expensive and slows the process down. Over time, a good pre-authorization process can save money for businesses in other ways, such as decreased step-up authentications and payment processing fees. “I think the world will move to pre-auth, full stop,” Eleveld said. “I don’t think it will happen overnight. But for the ones who do it first and best, there is a big business opportunity. And they will win in the long term.”
But, for now, it’s more about navigating the sharp learning curve, getting right with SCA and related payment initiatives, and prepping the ground for success in the 2020s. “Everyone’s cutting their teeth on exactly the right fix,” Eleveld noted.