A Race to Secure Customers
Banks and PSPs are rethinking strategies to defend against fraud and new competition.
The banking landscape has changed. Between 2014 and 2015, consumer log-ins to internet banking increased by 10%, while there was 6% decline in branch transactions. The revised Payment Services Directive (PSD2) is bringing about significant modifications to the payments landscape and it will affect all players and ultimately improve user experience without exception.
The new regulation issued by the European Commission has high expectations. It aims to put the customer and their security at the centre of the electronic payments process. However, many financial institutions will need to invest heavily in system and process upgrades to be able to adhere to this modernised approach.
In a 2015 press release, Commissioner Jonathan Hill, responsible for Financial Stability, Financial Services and Capital Markets Union, said: “European consumers want to know that their payments are safe when they shop or make a payment online. The new Payment Services Directive will ensure that electronic payments in Europe become more secure and more convenient for European shoppers. This legislation is a step towards a digital single market; it will benefit consumers and businesses, and help the economy grow.”
Legacy technology and practises mean that for many, a huge investment is required to make the necessary upgrades, risking existing revenue streams and brand reputation. In addition, traditional financial institutions are further exposed to the threat of the new competitors less hindered by existing technology.
For newer market entrants, with less cumbersome systems, PSD2 presents an opportunity to gain more ground on less nimble traditional players. For the larger financial institutions, turning to the fast moving technology vendor community for support, will enable them to react more quickly, bringing legacy systems up to speed.
Technology partnerships instantly can help close the generation gap for many financial institutions, with zero disruption to day-to-day activities. A smooth identity verification (ID&V) process is an essential part of successful customer interaction online and PSD2 recognises and promotes this. The ID&V process should take place in a manner that inspires trust with minimal consumer disruption.
As most ID&V processes rely on the compliance of the consumer it is vital not to overlook the importance of ease and familiarity in the process. New processes in response to PSD2 need to be future-proof and be combined easily with other authentication technologies like biometrics.
The directive aims to bring faster and easier transactions and increased security. It widens consumer choice and lowers transaction fees. In addition to encouraging slicker and more secure consumer experiences, PSD2 has another extremely worthy cause – opening up the complex European market.
PSD2 introduces Access-to-Accounts, which gives Third Party Providers (TPPs), direct access to consumers’ accounts. This also means that consumers’ card details don’t need to be shared online when making purchases.
Banks will have to give TPPs direct access to consumer accounts and need to get to grips with APIs. They will also need to ensure that they have the appropriate security measures in place to prevent fraud and also to respect consumer confidentiality. 88% of banks agree that security and data protection is a big concern with PSD2.
In a recent survey, 88% of banks see the challenge of overcoming their legacy systems, and the high cost of implementation as a barrier against their digitization. Banks also face a technological challenge, a question of performance. Only 14% of banks were confident that on ‘day one’ they would have APIs in place to support open access. But banks don’t need to tackle these challenges alone. For example, a customisable, modular client-hosted platform or SaaS solution, which allows consumers to verify themselves via recognisable and friendly interfaces, could be installed rapidly without the need to change these legacy systems by myPINpad.