As the European Commission moves closer towards its ambitions of creating a single European payments market, one proposal put forward in Article 58 of the upcoming Payment Services Directive (PSD2) could have a far-reaching effect on the way payments are transacted across the 28-member bloc.
The article includes a provision to regulate third party (so-called “third party payment
PSD2: A ‘bull by the horns’ approach to open access
service providers”) access to payment account information, including the amount of funds in the account – writes Nikolaus D. Bayer, Managing Director, IRIS Analytics.
The objective is to standardise and regulate access to financial information so that payment transactions can be made directly without passing through card schemes or other intermediate service providers. Large retailers may even consider becoming third party payment service providers themselves, allowing them to take payments directly from a customer’s bank account.
The attraction of the opportunity to reduce payment transaction costs for merchants and their customers is obvious. The implications for the traditional four-party payment system, not to mention for the adequate protection of consumer data, however are significant.
Of course the regulator has not overlooked this, and in response third parties will be subject to checks to ensure that they handle consumers’ data with appropriate care. That said, the question remains as to whether consumers will be happy giving third parties access to their information. And what does this mean for banks, which could be held liable – and face additional reputational risks – if the data is misused?
In spite of the potentially radical shake-up, the apparent cloud over open access to payment information might offer Europe’s banks a substantial silver lining. We have set out a few of the opportunities we think might get overlooked in the rush to lobby for a change in the proposals below:
- Introduction of new payment processes provides an ideal opportunity for banks to bolster their defences. Not only would this increase their effectiveness at preventing fraud it would also strengthen the trust of customers toward their banks. In spite of the damage to other parts of the banking industry by the recession, banks have maintained their reputation for trust and reliability in payments. Much more so than the likes of Google, Apple, Facebook and PayPal that have expressed ambitions to move into the payments arena. Leveraging their legacy of brand and trust, banks should seize an opportunity, which could put them back at the heart of a new era of payments.
- There is also the potential for banks to introduce new services. Banks could for example verify the identity of customers making transactions, while at the same time checking they have sufficient funds for the transaction. A move that would not only reduce merchant vulnerability to fraud but would also benefit customers who will no longer need to give access to their personal information to third parties. The Google Wallet is already offering this, demonstrating the need for banks to respond to the challenge of some of the new payment market entrants.
- Banks that confront the challenge of PSD2 with a ‘bull by the horns’ mentality could steal the march on their competitors by offering new, innovative services. An example might be a single sign-on service (such as OpenID Connect), allowing users to connect to multiple online accounts – even including LinkedIn and Gmail, through one account – all verified by their bank for security. Not only would this make browsing easier and safer it could also help to improve customer loyalty. If combined with real-time transaction monitoring, such as that provided by IRIS Analytics, there should also be no increase in fraud or a loss in protection of customer data.
Crucially, taking a “bull by the horns” view instead of a “bull in the china shop” reaction to the new regulation might mean there are more than secondary benefits at stake. For example why share profits with the card schemes or PayPal, when they can be bypassed? The additional revenue generated by ‘direct to customer’ transactions could help cover the costs of any investment in new infrastructure required when regulations come into force.
At the same time reliance on third party data security measures is massively reduced, cutting out the scary current reality of data breaches such as that of Target in the US. An attack that resulted in the theft of 70 million items of data including details of Target shoppers’ addresses and phone numbers, and the theft of 40 million debit and credit card details.
With no PAN data stored with merchants, possibly leaving only single transaction records with retailers, allowing greater oversight of their customers’ transactions, banks reputational risk could also be dramatically reduced.
Of course with PSD2 still in discussion it’s too early to see what the direct impact will be on Europe’s payment industry. One thing that we can be certain of however is the Commission’s sustained commitment to creating a single European payment market. In which case as banks grapple to retain their place in the ring in the face of new, innovative competitors, perhaps the bullfight for the banks looks more promising than first thought?
The post PSD2: A ‘bull by the horns’ approach to open access appeared first on Payments Cards & Mobile.
