FinTech Firms Tackle PCI Burdens With Hosted Checkout

tablet online checkout

PCI compliance is top of mind for many organizations, with a burden and commitment from the chief financial officer (CFO) suite that is not nominal — and quite capital intensive. FinTech firms, however, are looking to lessen that work through their offerings: Modo, in one case, has a Modal component to its /Checkout product.

“We allow a merchant to come in and offload their PCI requirements” by hosting the capture of sensitive data, Modo Chief Product Officer Ryan Lee told PYMNTS in an interview. The capture can include just the payment card information or personally identifiable information (PII) as well.

The offering comes at a time when security breaches are now sort of public fodder, Lee says, since the massive Target breach — and more recent reports that payment details were compromised at Chipotle. “This is top of mind for larger enterprise organizations,” observed Lee, who said the diversity of payment methods Modo offers sets the company apart from other organizations.

Lee also noted that the company isn’t locked into a specific domicile or method. It is able to provide traditional credit card processing across global lines and can also offer alternative payment methods — which can be a challenge to integrate as they don’t look like a card. PayPal’s identifying information is an email address, for example, and Lee also cited Alipay as an alternative payment method.

As the company speaks with organizations that are looking to tap into its product, Lee said Modo is finding that security is top of mind for them. In terms of security requirements, Lee said it is not taken lightly when the company says it has bank-grade security or certification. The company goes through a grueling security audit each year, for instance. And, when merchants want to integrate the Modal offering, the company offers a modern application programming interface (API).

To help introduce the Modal product to merchants, Modo highlights key features on its website. The company, for instance, tokenizes everything. When it comes to introducing the technology, Lee said the value of the demo is priceless. It can show a dashboard and a side-by-side of the actual checkout capturing data and tokenizing it as well as the developer code that gets returned along with responses from various payment methods.

With the product, one of the hypotheses Modo needed to vet was whether merchants would be willing to allow it to do a hosted checkout. The company found that larger organizations are embracing service providers — and there’s a firm that, for example, does track and trace for major retail brands. While there might have been a greater impetus on maintaining control because of security implications, today merchants don’t want to hold the liability to capture the information and host it.  Instead, they are looking to an expert — someone who has their head in the space such as a FinTech firm.


New PYMNTS Report: Preventing Financial Crimes Playbook – July 2020 

Call it the great tug-of-war. Fraudsters are teaming up to form elaborate rings that work in sync to launch account takeovers. Chris Tremont, EVP at Radius Bank, tells PYMNTS that financial institutions (FIs) can beat such highly organized fraudsters at their own game. In the July 2020 Preventing Financial Crimes Playbook, Tremont lays out how.