Tag: instant payments

Super-complaints but no super-solutions

9th January 2017by Consult Hyperion2 Comments

I love the BBC’s Money Box programme with Paul Lewis and I listen to it every week. A recent episode included what, I’m afraid, has become an all-too-familiar story.

Paul Lewis hears from a listener who built up savings of £180,000 over more than ten years in business, only to have it all stolen from her account in 24 hours by online scammers. Should her bank have noticed and stepped in?

From BBC Radio 4 – Money Box, Cheaper energy when it rains

The essence of the story is that the customer fell for a scam. She had a phone call from someone purporting to be from BT and the upshot of it was that she allowed fraudsters access to her Santander business account whereupon they immediately began to transfer all of the money out to a variety of other accounts. When she discovered that she had been the victim of fraud she asked the bank for the money back and they said no.

From her perspective, I can see why she feels aggrieved. She feels that the bank’s antifraud mechanisms should have resulted in a phone call or email and text message or something when these completely unusual transactions took place. After all, 33 transfers in 24 hours from an account that is normally used only for direct debits and standing orders would hardly need Watson to flag up a warning. From the bank’s perspective, I can see why they feel they are not responsible since she authenticated all of the fraudulent transfers by entering the 2FA codes they texted her (they hadn’t read my blog on why SMS isn’t security).

Whether the bank is at fault or not for this specific scam the banks, collectively, will have to do something about the instant payment fraud problem in general. These frauds have become a very serious problem and I can understand why consumer groups are upset about what they see as a lack of action from the banks.

The Payment Systems Regulator’s (PSR) response to the Which? super-complaint on bank transfer scams ‘has let the banks off the hook’.

From Super-complaint response lets banks off the hook – December – 2016 – Which? News

It isn’t only phone calls. There’s a huge amount of e-mail fraud going on as well. In essence, fraudsters intercept legitimate requests to transfer money from one account to another using the Faster Payments Service (FPS) and they change the details so that the payer sends the money to an account under the control of the fraudsters rather than the intended destination. So, typically, the fraudsters will get into the email of a solicitor and when that solicitor sends an email to one of their clients requesting money for a house purchase to be transferred into the solicitors account, the fraudsters replace the legitimate account details with details of another account that they control. I wrote about this ages ago and put forward the obvious solution, which is to stop using e-mail for important transactions, but nobody paid any attention, and the problem continued to grow.

A particular problem, of course, is that you identify a payee by giving a sort code number that identifies the bank branch and an account number to receive the funds. I defy anybody to carry around the six digit sort code and nine digit account number of their correspondents in their heads or to be able to spot their solicitors real payment details from some fake payee details when reading an email. If you are expecting to send the money to $dgwbirch (you can try this by the way, it’s my Square Cash name) and then get an email asking you to send instead to $davidovichbirchski then you might be a little suspicious, but if you get an e-mail using to switch from sort code 12-34-56 to 34-56-78 its less obviously a fraud.

Now, for someone like me who is reasonably savvy about the operations of the UK domestic interbank payment networks, instant payment fraud isn’t a problem. Whenever I have to set up a new payee for instant payments, I always send an initial payment of a fiver and wait for confirmation that it has arrived before a transfer any larger amount. But a great many people, and a great many people who are intelligent and sophisticated customers, do not. They enter the incorrect payee details and hit send. The impact of this is significant as the number of frauds continues to increase.

Hannah Nixon, managing director of the PSR, said: ‘Tens of thousands of people have, combined, lost hundreds of millions of pounds to these scams”.

From Super-complaint response lets banks off the hook – December – 2016 – Which? News

Indeed they have. But if I tell my bank to send £10,000 to the Nat West in Barnsley by mistake – whether I was scammed or typed in the wrong sort code or was using an out-of-date account reference or whatever – and I go through all of the security hoops to do so, why is it my bank’s fault that the money went to the wrong place? It is not obvious at all that it is my bank that should be compensating me for my mistake. If scammer gets me to send my house deposit to the wrong account, then my claim is against the scammers or the destination bank if it was negligent in some way (e.g., if it didn’t do KYC) isn’t it?

I agree with the BBC and everyone else that something needs to be done. On this Money Box episode, Hannah Nixon (the UK’s Payment Systems Regulator) mentioned one specific countermeasure that is to be implemented by 2018, which is payee verification, but I wonder if the solution isn’t to put an overlay on top of FPS for retail and SME customers to use. As I wrote earlier in the year,

if someone put a scheme on top of FPS so that they did the payee verification for you and included chargeback rights for a small fee then that might be very attractive to a great many people.

In other news, MasterCard are apparently launching a bid for VocaLink.

From Are the banks telling you that you may as well use bitcoin? | Consult Hyperion

This isn’t just about bank accounts and instant payments, of course. If it was, I wouldn’t be blogging about it. I hate to say it, but the problem and the solution are all about identity. She couldn’t tell it was BT, and bank couldn’t tell it was her (and she wouldn’t have been able to tell it was the bank). Fraudsters are ruthless about exploiting the gaps in identification, authentication and authorisation infrastructure and as far as I can tell, right now there are only gaps and no actual infrastructure. A system based on the gold standard of gas bills is, I am sorry to say, no longer fit for purpose.

Police later discovered Ghani and Mahmood carried out the fraud after stealing three utility bills from Mr To’s mailbox.

From Stockport identity fraud victim’s £500k home put on market – BBC News

“Having forged his signature, they then transferred the deeds to his house into Ghani’s name”. Yes, I know I know, I’m sure the blockchain will put a stop to this, but in the meantime… should a homewoner whose house is stolen in this way be entitled to compensation from the utility company for sending the bills? Or from the whoever it is that transferred the deeds based on a forged signature? If I can steal your house just by getting information from utility bills and forging your signature, society wouldn’t expect you to be the one to lose out and I understand this, would it? Surely if I am able to login to the solicitors email server and then send emails masquerading as them, it’s the solicitor that is being negligent not the bank!

Just whose fault is it when someone gets scammed in an environment that has no effective identity infrastructure?

MasterCard and VocaLink is a big deal

1st August 2016by Consult Hyperion5 Comments

I’m sure by now you’ve all read about MasterCard’s acquisition of VocaLink. If not, you can listen to me talking to David Yates, the CEO of VocaLink, about it on the latest podcast in our Tomorrow’s Transactions series, either via iTunes or directly via our web site. It’s very interesting, in my opinion, to hear David’s rationale for the deal and his very positive view of the future that has VocaLink experience in instant payments married to MasterCard’s global presence. And for more on this deal, Karen Webster over at Pymnts spoke to MasterCard’s Chief Product Officer to look into the “why VocaLink and why now” behind the acquisition and wrote a nice piece about it.

With VocaLink’s Zapp proposition, Miebach explained, a consumer can go to a merchant’s checkout, use their mobile device to access their trusted bank’s mobile app, and see a variety of payment options including Zapp’s pay-by-bank offering.

From Mastercard Talks VocaLink Acquisition | PYMNTS.com

Personally, I think this initial analysis didn’t touch on a couple of issues that are relevant to understanding the deal. First of all, the reason why VocaLink was worth so much to MasterCard rather than anyone else (and thanks to the collapsing Pound was a bargain for them) is that Visa dominates the UK debit market and the push future for “instant payments” at retail presents a debit-like proposition to consumers. Zil Bareisis made this point over at the Celent blog.

Visa controls 97% of the debit card market in the UK. I would imagine that a Zapp-like solution would have more of an immediate impact on debit card transactions rather than credit card spend.

From The Future of Zapp and Other Musings on MasterCard and VocaLink

Secondly, if a push payment debit-like in-app and in-browser alternative to the traditional debit card which did not run through the card network but through the Faster Payment Service (FPS) is attractive enough for consumers to want to use then merchants will have to accept it and potentially pay more than they do for existing debit cards (which they will do, because the push product will have more attractive rules and rights) and that will give scope for MasterCard to offer rewards of one kind and another.

Somehow this takeover didn’t make the news headlines, but mark my words it was one of the most significant events in the evolution of the UK payments industry since Reg Varney got a tenner out of that first ATM in Enfield half a century ago. It’s a significant milestone on the road to #cardmaggedon, and it’s not only me who thinks this. Using mobile phones to make instant payments is going to impact the use of traditional plastic cards and plastic card products. Not just because the card will vanish into the phones but because the products themselves will be reinvented for the new age.

As ANZ rolls out Android Pay to its customers, the Australian bank’s chief executive Shayne Elliott has predicted that mobile payments could displace plastic cards in well under a decade.

From ANZ chief predicts mobile will kill off cards in less than a decade – BayPay Members Blogs

This is exactly what Anthony Jenkins said (when he was head of Barclaycard, before he was the CEO of Barclays) when he said, as memory serves, that mobile phones would get rid of cards long before they get rid of cash. But I think the change is more profound than he was thinking about back in the day.

The mobile phone isn’t just going to get rid of the 1940s embossing and 1950s card and the 1960s network and the 1970s magnetic stripe and the 1980s chip and the 1990s online card-not-present use and the 2000s 3D secure and keep only the 2010s network tokenisation in devices but it is going get rid of the whole bundling of PAN-based payment with credit and fraud management and merchant guarantee. The push for push, as they say (or, at least, I say) is inexorable.

Card market reform means non-card opportunities

3rd June 2016by Consult Hyperion

I’m in Frankfurt for the annual PayComm MEETS Europe, my chance to catch up with practitioners from the continental card markets. It’s really hard to keep up with all of the change in the market, driven primarily because of the regulation rather than new technology. The pace of regulatory change seems relentless. A few years ago, I took part in an panel discussion about payments and regulation and innovation in Brussels. I remember it quite well because of my excellent fellow panelists and because of the nature of the discussions that followed. The panelists and topics, not that they are terribly relevant to the rest of this post, were:

Dave Birch, Consult Hyperion: Conditions of consumers acceptance of e- and m-payments
Roy Vella, Mobile services advisor: Potential of mobile technology in the area of payments
Alice Enders, Enders Analysis: Monetising digital content: electronic and mobile payments as means to reach the consumer
Katarzyna Lasota Heller, EDiMA (European Digital Media Association): Online retailers view on consumer expectations towards e- and m-payments
Stacy Feuer, US Federal Trade Commission. US regulatory perspective
[From e-Commerce – Digital Agenda Assembly 2012]

In those discussions, I put forward a suggestion taking from Norbert Bielfeld’s superb December 2011 Working Paper “SEPA or payments innovation: a policy and business dilemma” [PDF] for a five year “legislative holiday” around payments to let the effects of the Payment Services Directive (PSD) and so forth settle down, so nothing would change until around now. That never happened, of course, and the Commission pressed forward with a regulatory agenda, one significant part of which was the reform of the card payment market in Europe. Now, setting to one side that I have always favoured a competition agenda and regard interchange caps as inappropriate and counterproductive price-fixing, these reforms are beginning to impact the market.

How? Well, I remember that when he was speaking at this event last year, Peter Jones from PSE gave an excellent presentation on the impact of the new European card regulations on the different players in the payments game. You won’t be surprised to hear that I agree with his fundamental conclusion that the regulations represent a victory for merchants over banks and demonstrate the importance of having a concerted and coordinated lobby. He went on to say, and I hope my scribbled notes on this are accurate, that the commission don’t fully understand the impact of the changes that they have made. (I might be tempted to add that I’m not sure that any of us really do because of the chaotic nature of the changes.) These changes will inevitably have some unexpected consequences and it is part of the fun in the industry at the moment trying to guess what these consequences might be. I had not, for example, realised at that time that the reform of licensing on a pan-European basis means that Amex and Diners will have to restructure their franchise models.

I won’t take you through a detailed analysis of the changes that occurred last year and the final set of changes to come into place this month except to say that they will trigger have started to change the structure of the European cards industry. This is not inherently bad for everyone, of course. Chaos is a ladder, as they say, and Peter’s presentation alluded to opportunities that might arise from the enormous changes that will take place. Peter for example, said that he could see to pan-European “common carrier” real-time networks evolving from the impending separation of brand and processing for the international card schemes and suggested that with good strategies the debit portion could emerge into a pan-European immediate settlement system.

However, this year I want to focus on two of his conclusions that I think were both correct and of tremendous importance. I think that they might not have been recognised as such by some stakeholders who were focusing on the reorganisation of the card business rather than the larger context. These conclusions are entirely congruent with the strategic perspectives that we shared with our clients and, as I down to PayComm 2016, I think it’s worth opening them up for discussion again.

As we have long advised our clients, a working push payment infrastructure (ie, smart devices and an immediate settlement network) means that a lot of day-to-day payments will shift to the infrastructure).

From Push payments are a win-win (and a lose) | Consult Hyperion

The first is that the heavy regulation of interchange-based card products will mean energy, investment and imagination being directed into non-card credit products, a driver that I have referred to before as the “push to push”. It is hardly a surprising prediction that banks and others will want to develop businesses that offer higher margins. As the margins on the card business are regulated down the ability to offer rewards, cutback, loyalty and other services is necessarily restricted. If mobile-centric account to account payment services can deliver better functionality and more attractive propositions to customers then the merchants will have to take them and pay more than for card products.

The second is that the payment services directive provisions on open access to payment accounts that we have discussed several times before on the blog will mean that (unless they are totally insane) banks will compete to offer what our Australian cousins call “overlay services” in order to compete with non-bank overlay services. Such value added service providers will use the account information service provider (AISP) APIs and the payment initiation service provider (PISP) APIs to deliver services to their customers. Now this has a number of strategic problems for banks to wrestle with. Banks are naturally concerned about third-party access to accounts relegating them to the role of commoditised, utility pipes for money because “over the top” players such as Facebook, Apple, Google and the other usual suspects will form a layer between the banks and their customers. But of course some banks might move aggressively to form the layer between other banks and their customers by providing better API services to those over the top players or they might decide to specialise in particular areas of the business and make themselves more attractive to customers in those niche is.

During the excellent PayComm workshop on instant payments, led by Andy Makkinje from Equens, a couple of people touched on the impact of these two trends (i.e., the push to push together with API access for PSPs) together. A working instant payment infrastructure, that is opened up because of the API access to banks, is very likely to become the dominant retail payment system, certainly for e-commerce (which is where all of the card fraud is in Europe). It will be the simplest, cheapest and most pervasive solution to the payments problem, and it’s nearly here. If you look around Europe the trend is unstoppable. The reform of the card market may well be the end of the card market as we know it.

Access

19th May 2016by Consult Hyperion2 Comments

The U.K.’s Faster Payments Service (FPS) has been very successful. The ability to send money from one account to another account instantly is actually quite transformational, but I still think that the full impact has yet to be felt. As we move into 2018 and the world of the newly-published Open Banking Standard, PSD2 and APIs then we will see instant payments built in to the applications that support our everyday lives. This morning when I caught the bus to work the cost of the bus ticket was charged to one of my credit cards, which meant that the bus company had to store my card information and that I had to remember the three digit code on the back of the card to complete the purchase. In the future, I will tell the bus company I want a ticket and put my thumb on the home button of my iPhone and that will be that. The money will be sent from my bank account to the bus company’s bank account with no delays, intermediaries or additional friction. As I said before, there will be a push for push.

Since it is such a big deal, it is of course important who has access to the instant payments networks. The government is very keen to see more competition in the retail payments space and for this reason it wants to facilitate access to core payment systems, such as FPS. The opening up of access has already started. You might remember that last year, access was opened up to a new kind of aggregated access layer under the “New Access Model”.

The New Access Model, first published in December 2014, sets out proposals to enable technology vendors to offer technical access to Payment Service Providers (PSPs) by adding to their existing accounting platform technology, or providing a managed solution to either a single or multiple PSPs.

From New access market for Faster Payments gains traction | Faster Payments

This new model gave technology companies with experience in payments the ability to create systems to connect directly to FPS and then offer this connection to other players. These new offerings, including VocaLink’s PayPort service, are a terrific step forward and they make it very easy for new entrants to get up and running. Earlier this year, in fact, PayPort made access for new entrants even easier through their partnership with Raphael’s Bank.

As a member of the Faster Payments Scheme, Raphaels Bank will be able to provide other payment service providers with access to the UK’s core payments infrastructure through VocaLink’s PayPort service.

From VocaLink Connect – VocaLink partners with Raphaels Bank on Faster Payments

So now, new entrants who sign for agency access with Raphaels can use PayPort to launch their services. But access may well be opened up even further. There are plenty of non-bank players out there who want to have access to the infrastructure and the UK’s Emerging Payments Association recently presented a report to arguing that, under the appropriate licence conditions, non-banks should be allowed access to instant payments infrastructure through the use of a new kind of limited pre-funded settlement account at the Bank of England. In essence, a Facebook or a Google would be allowed accounts that they would load up with a few million quid in the morning and then use throughout the day. Under this kind of option you would be able to send money from your bank account to a friend on Facebook messenger in a jiffy. Facebook and other tech players could use PayPort to connect to FPS, giving them integration and all the services they need at the drop of hat.

Tech firms are in talks with the Bank of England to secure settlement accounts, a privilege only currently on offer the banks. The accounts would help give the finance technology (fintech) firms access to the payments system, the infrastructure which currently underlies much of Britain’s financial services industry.

From Fintech firms want to open accounts at the Bank of England – Telegraph

Why am I highlighting this? Well, the interpersonal services that deliver instant payments at the moment (such as PayM, which has more than three million registered users) are just a toe in the water! Imagine what some of these new tech players will be to do with those services when they integrate them with social media, mobile apps, retail platforms, public services and other organisations and businesses. I’m looking forward to some real innovation in this space and opening up access under the right conditions will energise the whole sector and I’m going to be writing some more about this tomorrow.

Are the banks telling you that you may as well use bitcoin?

27th April 2016by Consult Hyperion2 Comments

Back on “frictionless payments” again. The bitcoin dream of instant (well, sort-of-instant) value transfer from anyone to anyone else with no third party that might be able to censor the transaction in the middle inevitably leads to what we used to call, in the first flush of digital bearer instrument debate, the “Grandma presses the wrong button and loses the house” problem that I touched on earlier this week. Or, to rephrase using the current examples, if the customer uses two-factor authentication to instruct the bank to send money to a crook is that the bank’s fault? Is it really a customer’s fault , for example, if their solicitor uses insecure e-mail to communicate with them instead of secure WhatsApp? There’s a spate of such frauds in the UK right now.

Mr Doyle instructed his bank to pay the money into this account. The couple then enjoyed their Easter weekend, little knowing their money had been stolen and their lives were about to be derailed. The truth emerged only the following Wednesday when TCS confirmed it did not have the money, and it became clear that the payment had been made to unrelated account operated by fraudsters.

From Property sellers warned not to email solicitors: ‘We lost £204,000’

The report then goes on to say that “the whereabouts of the money remain unknown” but this cannot be entirely true. Since the money had to be paid into a UK bank account and since UK banks perform stringent Know-Your-Customer checks before giving people bank accounts, the whereabouts of the money are very likely known, if not by the account holder (who could then be arrested) by whoever the account holder gave the login to (who could then be arrested). So it should be easy to get the money back… well, maybe…

Mrs Parkinson, a self-employed secretary and bookkeeper, was told that the remaining money could not be returned because the stranger who had the cash was “not able or willing to return the funds”.

From ‘I transferred £1,700 into the wrong account and I can’t get it back’

Payment UK recently released a report about payee identification that proposes to add another step to inter-bank transfers so that after you enter the bank account details of the recipient (which you shouldn’t be doing of course – a big part of the solution is to stop requiring customers to enter sort codes and account numbers) the system will send you back the name of the receipt and ask you to confirm. There’s a long way to go with this though, because there are privacy and other issues. Is it any of my business what the name on your account is? Nevertheless, fixing the problem is on the agenda.

The UK banks also have a new code of conduct for instant payments so that if you accidentally send money to wrong account then the banks will ask nicely to get it back, but if the person you sent it to doesn’t want to send it back, you basically have to go to court (and pay the banks’ lawyers somewhere between £80-£200 per hour).

the ombudsman ruled in favour of the banks, reiterating that MBNA and Santander had done all they could.

From ‘I transferred £1,700 into the wrong account and I can’t get it back’

If the bank can’t get your money back for you when you made a mistake, then you may as well have used bitcoin. Right? That’s what they appear to be telling you! This is why I will pay for the lovely antique map case I just saw using a credit card and not the faster payment service (FPS), which would have been quicker and cheaper for the me, the merchant and the bank. Of course, if someone put a scheme on top of FPS so that they did the payee verification for you and included chargeback rights for a small fee then that might be very attractive to a great many people.

In other news, MasterCard are apparently launching a bid for VocaLink.

Retailer pressures for direct-to-account payments

22nd December 2015by Consult Hyperion4 Comments

Back in the October edition of “Digital Transactions” there was a nice column by George Warfal from our friends at Edgar Dunn called “The Next Way to Pay” in which he says that “merchants are re-purposing their rewards cards as payment cards using the automated clearing house and gaining per transaction savings”. He goes on to say that this mode of operation presents a challenge to the current card network model, and I’m sure he’s right. In fact, if you take a look at the latest figures from the US ACH, you can see an explosion in the account-to-account (P2P) payments which, I think, is related to growth in mobile app-instructed transfers.

As you can see, all categories of ACH transfer are growing, with the exception of the check-replacement volumes that continue to fall (including at POS), as you might expect. I expect this trend to be even more marked in Europe, where the arrival of PSD2 means that retailer direct access to payment accounts will be one of the defining trends of the next era of payment evolution.

Under PSD2 banks and other payment service providers (PSPs) must give so-called payment initiation service providers (PISPs) access to their customers’ accounts so as to facilitate transactions ordered at the customers’ request.
[From Expert predicts innovation in payments market after PSD2 reforms are finalised]

I wrote an article exploring this for the Electronic Payments Law & Policy newsletter, arguing that while banks have been rather nervous about the effects of the access-to-account provisions of PSD2, it is time for them to adopt a more positive strategy, disrupting themselves before others do so. One suggestion, therefore, might well be for the banks to create their own access-to-account payment service, a sort of next generation debit product.

The recent EUR21.2 billion deal agreed between Visa Inc and European banks over the sale of Visa Europe has led to increased calls for the banking industry to put the windfall to use to create a competing product to tackle the duopoly enjoyed by Visa and MasterCard.
[From Finextra: Finextra news: Visa/MasterCard EU dominance adds impetus to calls for bank-backed competitor]

Now, Visa and MasterCard are rather good at what they do, so it would really take something special to be better at it than them. It might, in some observers’ calculation, be better to focus on delivering products into new channels where Visa and MasterCard have to work harder, such as mobile and online. Creating a direct-to-account service, with appropriate security and consumer protection, delivered through the EBA Digital Customer Service Interface (DCSI) as an API for retailers and other service providers to use, could deliver a worthwhile new payment product that (rather crucially) keeps the information relating to the transaction under bank control.

The European Payments Council has released proposals for the design of a pan-European instant credit transfer scheme, with the aim of bringing real-time money transfers across the Sinlge Euro Payments Area (Sepa) by November 2017.
[From Finextra: Finextra news: EPC publishes proposals for pan-European instant payments scheme]

This is pretty interesting. API access to a pan-European instant payments networks would mean a really important new “push platform” for product and service innovation in the payment space. If George is correct about the pressure from retailers to move to direct to account solutions, then I can see that there will be plenty of new opportunities for services in that environment: banks can offer real-time, API-centric, value-added payment services that offer specific functionality for retailers.

Instant payments should be a platform not a product

27th July 2015by Consult Hyperion2 Comments

Writing in the Journal of Payments Strategy and Systems, Steve Ledford (Senior Vice President for Product and Strategy at The Clearing House) makes a very important point about the future of payment systems. Steve is commenting on the global transition to immediate payments infrastructure (such as the Faster Payments Service, FPS, in the UK) in the context of the US discussions in response to the Federal Reserve consultation on the topic which Consult Hyperion, amongst a great many others, responded to. The Federal reserve, as you will recall, called for “a safe, ubiquitous, faster payments capability” and The Clearing House is one of the organisations that has responded to this call by announcing that it will create a national real-time payment system. Surely, you might think, it can’t be that much effort to create a low-cost real-time payment and settlement service in an era of laser beams, transistors and the thingternet. Well, yes and no.

[Gene Neyer, SVP Fundtech says] “The marginal cost of making payments is low. Much of the cost [today] involves risk management, exception handling, and research.” Faster payments are actually cheaper, but this is not to say they are risk-free
[From Faster Payments Could Help Speed Economic Recovery | Bank Innovation]

This a fair point. In the US, there are concerns about the impact on fraud of shifting to instant payments, particularly because the US favours evolving current infrastructure rather than building a new national infrastructure as was done in the UK.

Banks must therefore architect a solution to evolve ACH while the ship is moving. This is a much better approach than that taken by the UK of mandating faster payments… (one bank was losing 30M GBP a WEEK from fraud when launched).
[From Call to Action – Submit Response to Fed | Finventures]

Steve makes a number of observations on the need for security in such an infrastructure. He makes a number of very practical suggestions to satisfy that need for better security and suggests that tokenisation, credit-only transactions, imposition of robust access security, real-time anti-fraud/anti-money laundering/sanctions screening and network activity management might be a key elements in constructing an infrastructure capable of meeting the goals for real-time (or near real time) settlement. I’m sure he is correct about all of these, and they are all topics that I’ll return to in the future.

He then goes on to make what I think is a crucial point about the next phase of evolution. He says that instant payments are particularly well-suited to provide value beyond fast money movement because of their fundamental feature of real-time communication between senders, receivers and the relevant institutions. In other words, a perspective that sees money as just another kind of messaging. I rather like this because the ability to send remittance advice, invoices and other related documents along with payments means more efficient systems can be built on top of those payment networks.

I can’t help thinking about the case study of Venmo in this context. One of the reasons why it gained traction was that it interacted with social networks in a way that appealed .Venmo shifted $1.6 billion last year and are growing at an amazing rate. In fabulously interesting and entertaining discussion about twenty-somethings use of Venmo in the US, I noticed a curmudgeonly intercession from someone a bit like me:

this is a particularly american affliction, since other countries’ banks actually have functioning online payment systems
[From Read what happens when a bunch of over-30s find out how Millennials handle their money – Quartz]

This misses the point, and led me to wonder: why doesn’t Barclay’s create the bastard child of Venmo and PingIt and add the social networking capability to PingIt by using the hello-1965 alphanumeric remittance advice field to store a Snapchat-style pointer to a message posted by the sender, a message that will vanish in a day. Steve talks a little about this in his paper (using pointers to richer information – I seem to remember that FPS had a similar plan to develop some kind of data repository and then add pointers into that repository into payment message but I don’t know where that is now).

U.K. decision-makers chose to build a new system to achieve their objective of faster payments rather than speeding up existing payment systems. A decision to separate the settlement stage from the authorization and clearing stages of the payment process and to allow banks to continue to settle three times daily via the Bank of England made it possible to build and implement the U.K. FPS so cost effectively. With this simplification, the cost of constructing a new payment network did not differ very much from the cost of enhancing an existing system.
[From Costs and Benefits of Building Faster Payment Systems: The U.K. Experience and Implications for the United States – Boston Fed]

This is an entirely accurate summary, but I would add that there was a slight downside to this very conservative approach: by building the system using existing technology, costs were minimised but the ability to add new services was limited. IIn retrospect, by the way, and with the wisdom of hindsight, I think we can safely say that this capability should have been built into FPS in the first place, as it will be eventually.

Discussions are underway to migrate to the ISO 20022 standard.
[From UK Faster Payments]

Steve concludes by saying that moving money around in real time will be the baseline capability of the next generation of systems and that making the payment systems a platform for innovation spreads benefits beyond the participants, something that we at Consult Hyperion strongly agree with. As Steve says “payment systems should aspire to be adaptable enough to support the ever evolving needs of the future”. To my mind this is a recognition of the necessary “amazonisation” of payments, rebuilding around API-centric architectures. In Europe, the banks are being forced down this path by regulator: it’s a great time for them to start planning a response centred on seizing the opportunities!