Technology is often about finding the right connections, and taking the new and linking it with something familiar. This month, startups such as Modo took on relationships between banking systems and emerging payment systems. Meanwhile, DadeSystems tackled user authentication with single sign-on (SSO) technology that allows their clients’ staff to use their existing credentials to log into the company’s mobile app. Here is the latest news from startup-land in August.
For decades, banks have been honing their systems to seamlessly manage payments while also handling titanic amounts of volume – but they face a challenge when it comes to working with emerging forms of payments.
“It’s hard to get those systems now to interact with things that are very different,” Modo CEO Bruce Parker told PYMNTS. To that end, Deutsche Bank recently took a stake in the firm to expand its existing digital business-to-business (B2B) and business-to-consumer (B2C) payments business.
For starters, the way that newer payment methods identify customers might be different than traditional banking systems. Instead of using routing and account information under NACHA-style interaction in the U.S., they might use email addresses or mobile phone numbers. In addition, a writing bank may have a presumption that another bank has done some work from a know-your-customer (KYC) perspective when someone writes a check. That task, however, is not so simple in a gig economy or marketplace world.
“Everything about all that infrastructure assumes we’re talking from a bank to a bank,” Parker said. “Now all of a sudden, you’re talking from a bank to not a bank.”
At the same time, beneficiary choice might be between a check and an automated clearing house (ACH) transfer. The expectation today, however, is to be able to pay someone with email, and verify who they are and where they live. Based on that information, the idea is to offer a choice between systems such as PayPal, Zelle, Venmo, Alipay or WeChat Pay.
That said, bank accounts are still part of the payments process with emerging methods. If a someone wants to send payment through a digital wallet, they need to have a balance – and in order to have a balance, they need to deposit funds into a digital wallet from a bank account. Moving money into a mobile wallet and paying for purchases involves separate steps that need to be completed. Data and operational process loads need to be created or invented to enable these transactions.
As an alternative to single sign-on, DadeSystems also offers an administration tool to its clients. Through that arrangement, companies can send their employees a secure link to their email accounts that allows them to sign up for the app and complete the configuration process. Employees can access the app on a variety of devices, from iPhones and iPads to Android phones and tablets.
In addition, DadeSystems takes measures to protect sensitive information stored on an employee’s phone. When an employee takes a picture of a check, for example, that sensitive data is not stored on their device. Instead, the data is pulled down to the device in real time and displayed for the employee's use. To enable that transfer, the information is encrypted back and forth via an application programming interface (API), and employers can manage access to their data.
“They have full control over who has access,” DadeSystems’ CTO Doug Hathaway told PYMNTS.com in an interview. “They can manage their own users.”
This setup gives companies more control. They can take away a user’s access to check data by simply deactivating that employee’s account. The app also limits current employees’ access, so they can only see the information they have collected. On the back end of the application, DadeSystems offers varying levels of access for staff, such as those in the accounts receivable department who might need access to more information.
To further enhance security, DadeSystems' app is vanilla when a user downloads it from the app store: It doesn’t call back anywhere or have any endpoints. Instead, the software is only configured when a user completes the sign-up process, so the app knows where to call home or which APIs to use.