Deep Dive: Making Smarter Payments Safer

As data becomes more accessible, businesses and banks — as well as fraudsters — are looking to learn as much as possible about consumers. These developments have caused several markets to adopt strict regulations on the handling and exchange of information. The following Smarter Payments Deep Dive that examines how digital payments are improving customers’ experiences and the regulations that protect their data.

Banks and businesses handling personal information face a delicate balancing act as global systems embrace smarter payments. They must deliver services that customers and clients demand while securing their personal data.

Data is crucial and — fortunately, for banks and businesses in the smarter payments space — plentiful. By some accounts, more than 90 percent of existing data was created after 2014.

For payments to become smarter, senders and receivers must be able to receive data attached to payments and react to its insights. Businesses and FIs can analyze this transaction data to determine customers’ preferences and personalize services.

But the rising availability of data also presents challenges in how it is used. Several high-profile companies that rely heavily on data have been subjected to unflattering investigations into their handling of users’ information. Facebook, for example, has faced controversy since consumers learned that it allowed Cambridge Analytica to harvest information from approximately 87 million profiles without consent during the 2016 presidential election.

Concerns about who is accessing data, and why, persist as it becomes easier to obtain. In this month’s Deep Dive, PYMNTS examines how data can improve customers’ experiences, and how regulations can keep their data safe.

More Data, More Innovation

Some of the benefits can be seen in the U.K. financial services sector as consumers embrace digital technology for the banking and retail industry. One recent report found consumers’ changing habits could help expand the smarter payments ecosystem.

Adoption of digital payment technologies is poised to grow significantly among U.K. consumers in the coming years. The report indicates that the total value of mobile banking app transactions is likely to reach £3.4 billion per week by 2020, up from £1.7 billion per week in 2014.

What’s more, the U.K. market is seeing an uptick in faster and real-time payments transactions. The market completed roughly 1.3 billion faster payments transactions between 2015 and 2016, and recent estimates project that number will reach approximately 2.3 billion payments by 2026.

If these trends continue, the U.K. financial system could find several “digital payment trails” based on those transactions. And as more consumers use faster payments systems, these schemes will play greater roles in financial services.

Data can also be collected in a two-sided market mechanism. In this model, an online platform acts as an intermediary by collecting consumers’ data while selling advertising opportunities to marketers. This is the case on platforms like Facebook and Google, which enable users to access their platform and allow advertisers to buy ad campaigns.

Smarter Data Protection

Regulators across markets realize the data risks that consumers face, and rules and regulations are in place to ensure that data is handled sensitively. These rules are also designed to give banks and third-party platforms access to the tools they need to innovate and deliver new products and services.

The European Union’s General Data Protection Regulation (GDPR) went into effect earlier this year, and it encourages consumers to exercise greater control over their personal data. GDPR requires data to be processed transparently, collected for specific and legitimate purposes, securely processed and guarded against unauthorized use or accidental loss. Data that identifies specific people must also be stored only for as long as necessary, depending on the original purpose behind its collection.

Other data-focused regulations also went into effect this year. Under the second European Payment Services Directive (PSD2) that went into effect in January 2018, payment services providers (PSPs) are required to offer access to customers’ payment data, as long as customers have consented. PSD2 allows new providers to access the same data already available to existing PSPs, to encourage innovation and foster competition.

The U.K.’s open banking initiative allows customers of its nine largest banks and building societies — the U.K. equivalent of credit unions — to provide third-party providers with secure access to certain data. This resulted in the creation of several API specifications and data standards that regulate how financial data will be shared. The goal is to provide consumers with greater control over both their personal data and personal finances.

Consumers are increasingly embracing and adopting digital technology, and the potential for data abuse and misuse is likely to rise. More regulations like PSD2 and GDPR will appear as data is generated by everyday financial transactions. Proactively developing a strategy to handle consumer data is the smartest approach that FIs can take to secure data in the smarter payments era.