We spoke to Genevieve Mattheus, a payments expert and Head of Implementations and Testing for Paymentology, a global card issuer and payments processor operating in 49 countries, as the firm continues to grow and adapt to challenges across timezones. 

PaymentExpert: Firstly, are you able to tell our audience more about Paymentology? 

Genevieve Mattheus: Paymentology empowers banks across the world to deliver a first-class customer experience by providing unrivalled access to real-time card spend data.

We do this by managing the full payment processing lifecycle of a card; be it debit, credit or prepaid. Beyond the usual settlement, approve/decline and run-of-the-mill processing activity, it helps banks become customer centric and open new revenue streams through rich data provision.

In short, through Cloud-based infrastructure, global reach, and industry-leading APIs, we can enable banks, digital banks and fintechs to rapidly issue and process cards, anywhere in the world, at scale.

What impact do you believe two factor authentication will have on the payment journey in the UK? 

The new two-factor authentication regulation will affect e-commerce,  as e-commerce transactions rely on authentication. Any changes to regulations of that practice may risk transactions being abandoned by consumers if the new architecture becomes cumbersome and time consuming.

Two-factor authentication must be kept simple, and cardholders should be able to authenticate themselves quickly and easily. If not, there could be an increase in abandoned transactions, which in turn will lead to revenue loss, higher costs, cardholder complaints, loss of reputation for issuers, and may even lead to cardholders using other payment methods or changing issuers.

The key is to make e-commerce transactions as frictionless as possible from an authentication perspective by way of richer data exchange.

In the long run, the benefits span: reducing the processing of fraudulent transactions and online fraud, increasing cardholders’ confidence to perform eCommerce transactions with convenient and secure services, reducing the number of disputes cardholders lodge and issuers need to process, and last but not least, ensuring compliance with international regulations such as PCI-DSS and PSD2.

How important will new authentication rules be in bolstering security within UK payments? 

New authentication rules will be important in bolstering security within UK payments. They’re designed to make online payments more secure and limit fraud, as online retailers will need customers to verify themselves by two-factor authentication. 

Higher value online purchases or purchases that are not in accordance with a customer’s normal spending habit or usual device will also require a customer to complete a form of two-factor authentication as these will be deemed more risky purchases.

What steps do you believe companies can take to minimise the impact of new authentication rules? 

New rules mean more checks via various mechanisms for certain payments. For example, a cardholder may be sent a one-time code by their bank to verify a payment, or they may be asked to login to a banking app to prove their identity, where they never had to before. So there’s work to be done to facilitate this change.

There are many steps that can be taken to minimise the impact of the new authentication rules.

For example, working to ensure that in-app authentication within banking apps is really well designed. This will make payments more frictionless and deliver a faster, smoother experience for the consumer.

Equally, improving and incorporating ACS solutions for EMV 3DS (2) would make a big difference. This would allow banks to offer easier authentication requirements as the software is designed to minimise friction and deliver a seamless experience at the point of spend, via a frictionless flow or biometrics request. 

Banks could also consider incorporating SCA for low value transactions as currently SCA is only required for online purchases above £25. Banks could also attempt preventing two-factor authentication when unnecessary and in situations where customers especially dislike being inconvenienced. For example, when considering SCA for low value transactions, banks should also pay attention to: the value of the transaction, if a payment is a recurring payment, trusted beneficiary of payments. 

They could also allow cardholders themselves to select specific merchants for trusted beneficiary payments and banks in turn, could allow purchases from that specific merchant to be processed without SCA.

In that same vein, implementing transaction risk analysis (TRA) to allow transactions with trusted merchants that use acquiring banks and have low fraud rates, to bypass SCA depending on the value of the purchase could make a difference. For example: transactions performed between merchants and acquirers with a very low fraud rate of around 0.01% should be able to skip SCA on purchases under €500, as the likelihood of fraud occurring in those cases is slim to none. If the fraud rate is under 0.06% then a slightly lessened €250 online purchase limit should be possible with no SCA involved. A rate under 0.13% could mean purchases less than €100 are exempt from SCA.

How crucial can cloud based payments be when it comes to improving the payment journey? 

Leveraging cloud infrastructure for payment processing can vastly improve the payment journey. By moving to a cloud-based payments platform, businesses are able to offer more flexible payment options, while still achieving PCI compliance as most cloud-based payment platforms have robust security measures.

But the biggest advantage comes in enhancing the customer experience by improving a customer’s payment journey and making the payments experience as seamless as possible. Another key benefit is the increased flexibility that would be offered, making it easy for customers to use technology, and simultaneously passing on better user management. Cloud-based platforms also allow payments to be made using the internet or from a mobile device. This, when coupled with data integration, will make it easier to maintain friction-free payment processing, and will help increase the speed to introduce new products.

Put simply, cloud-based payments platforms are easier to scale, quickly, and with fewer cost than their alternatives.

With a new generation of technology and Cloud-based solutions like Paymentology offers,  banks can expand quickly and modernise their payments products without incurring high upfront costs. With Paymentology, banks can: integrate into the platform via feature rich APIs, link new digital products into their core banking platforms, and make Cloud-based payments services available to their customers, easily.

If banks want to enhance their customers’ payment experience it’s crucial for them to consider cloud-based payment processing. Crucial, both for them to scale their businesses, and to rival new payment challengers.

Simpler processes will make it easier to automate reducing costs throughout every area of a bank’s operations. Digitalisation will enable more open and transparent adherence to banking regulations and help banks stay compliant. By operating across a connected platform, banks can use technology for data analytics, learn from the full complement of customer and company data, and use that data to adapt to change, avoid threats and fulfil new regulatory requirements as they occur.