I had the good fortune last week to be part of the Glenbrook team attending the FinTechStage Inclusion Forum in Jakarta. Happily, among the attendees were two women I have known for several years: Maha Bahou of the Central Bank of Jordan and Carolina Trivelli of Pagos Digitales Peruanos.

Peru and Jordan are two of several countries around the world that are aggressively moving to establish market-wide digital payments platforms designed to increase financial inclusion.

We were in Jakarta in connection with Glenbrook’s work with the Bill & Melinda Gates Foundation’s Financial Services for the Poor group – and in particular the foundation’s Level One Project, a vision and a blueprint for how such national systems might best work.  I’m pleased to report that both the Jordan and the Peru platforms embody many of the key design principles of Level One.

That’s good news.  But what I want to emphasize is how strong leadership shaped the development of these systems.  Maha and Carolina, each in her own way, were highly effective generals of their armies.  They drove their projects ahead, dealing with untold complexities, multiple constituents, conflicting priorities, and ambiguous business models.  And they succeeded.  I think it is safe to say that neither “JoMoPay” in Jordan nor “BIM” in Peru would be where they are today without the leadership of these women.

Maha Bahou and JoMoPay

In Jordan, Maha was a career central bank officer running the payments division when, in 2013, she became increasingly aware of financial exclusion and its consequences for the lives of poor people in Jordan. This concern dramatically escalated as Jordan began to experience a flood of refugees, many from Syria.  Maha brought her concerns, and her initial thoughts on a digital payments platform accessible to all, to the management of the central bank and then later to the “national payments council”, a group including the major commercial banks in Jordan.

I wish I could have been there to hear those early discussions.  I’ve heard Maha speak many times since then, and have been impressed by the breadth of her vision, her ability to intelligently marshal arguments in support of her points, and the passion of her delivery.  I’m not surprised to hear that the bank and council approved – relatively quickly – her plans to develop and operate JoMoPay in the safe environment of the central bank.

Maha put together a working group of interested banks and other participants, and consulted to them throughout the project.  But there is no question that the central bank was in charge; the solution was not built by consensus.  This approach had the advantage, of course, of enabling faster action, but it had the risk of alienating players (particularly the banks) whose long-term participation would be necessary for the success of the project.  Maha successfully “threaded the needle” through an ongoing, and no doubt exhausting, process of consultation and convincing.

What did they build?  A real-time, credit-push switch that connects all institutions holding transaction accounts for customers.  This includes both banks and licensed non-banks. There is no notion in Jordan that the non-banks issue “eMoney” (as opposed to “real money”). As a result transfers can freely flow between and among all institutions.

Maha started in 2013, with 40 institutions participating in the working group.  The first pilot went live in April 2014 with two institutions connected.  The full launch began in October 2016 with six institutions; more are coming on board steadily.  The switch is also connected to other payments services providers, to the national ATM switch, and to various processors.

JoMoPay has several features that merit notice.  One is a focus on fraud management capabilities at the “hub”.  This reduces the need for duplicated investment at the “edge” (by banks and other providers). The banks retain the compliance obligation but can use a utility for many fraud detection tasks. Interestingly, one enabling component here is a requirement that “on us” transactions be routed through the switch.  The second feature is a system wide brand – “JoMoPay” – so that payers and payees have a common vocabulary, regardless of their financial institution.

JoMoPay went live with multiple use cases supported – not only P2P (the typical starting point for such systems) but also merchant payments, bill payments (including all government fees and tax payments, school payments, and medical payments), business-to-business payments, and eCommerce payments.  I’m particularly interested in this, as around the world there is a demonstrable problem with dormant or infrequently used mobile wallets: people receive a G2P payment or a personal transfer, and them immediately “cash out” as they can’t spend the money anywhere.  JoMoPay tackles that problem at the outset.

When Maha talks about the challenges of getting JoMoPay launched, the primary issues were interoperability (at all levels) and the interconnected topics of issuer economics and agent sharing.  This is, arguably, the toughest problem in getting payments systems for financial inclusion going: you need institutions to invest and to commit to participate, but you need low prices (and the easy access to agents) to serve the poor.  Maha convinced participating institutions of the merits of low fees to achieve financial inclusion. She matched that with a subsidization of the switch fees for the early years of the initiative.

Volume is low in these early months, but there are encouraging signs of growth.  Significantly, Maha just led the effort to transfer control of the system from the Central Bank to Jo-PACC (Jordan Payments & Clearing Company), to ensure that ongoing stewardship of the system is in the hands of the participating banks and later, the non-bank providers as well.

I’ll be interested to watch the evolution of the system. I’m convinced it wouldn’t have happened as it did, or as quickly as it did, without Maha and the support of the Central Bank Governor and Deputy Governor who provided political capital this make this happen.  I’m not alone in that view. In 2016, the King Abdullah of Jordan gave Maha an Award for Excellence in leadership.

Carolina Trivelli and Peru’s BIM

Peru had a different starting point.  The government took strong and early steps, not only in financial inclusion, but on broadly defined social inclusion – establishing a cabinet-level department, the Ministry of Development and Social Inclusion, in 2011. Carolina Trivelli, an economist and researcher, was instrumental in the creation of the Ministry and its strategy (“Incluir para Crecer” – “Include to Grow”) and became the first Minister. She was active and visible on many fronts during her three years at the Ministry. When I visited her in Lima in 2014, I witnessed two separate occasions when a stranger approached her on the street to thank her for her service to the country!

In 2013, the government issued a new law defining eMoney issuance, allowing both banks and licensed non-banks as issuers, and calling for interoperability among participating institutions.  Policy makers left it to the financial community to figure out how to do this. The banks decided on a new entity, which ultimately became Pagos Digitales Peruanos (PDP).  Carolina was tapped to run this in 2014, a complete “newbie” in payments, but someone with a passion for the cause of financial inclusion.

Carolina had the opposite situation to the one that Maha had faced in Jordan.  Instead of a central bank designing the system, she needed instead to build a system from the ground up – by consensus from the participating institutions – 35 at last count.  As one can imagine, there were endless issues to think through – from the technical architecture, to ownership and governance structures, to use case support, economics, and brand.   I spoke from time to time with Carolina during this “build” phase – and it was clear that it was at times difficult (to put it mildly).  But her perseverance (and that of the bankers working with her) and her persuasive capabilities paid off.  BIM piloted in August 2015 and launched in February 2016, with initially 9 institutions connected and 28 connected now.

One of the unusual choices made by the Peruvian group was the handling of customer accounts.  As the law required banks to have separate eMoney accounts for customers (a banked customer can transfer money from their “real” bank account into their “eMoney” account), all institutions needed to find a way to support wallets, as well as interoperability.  An RFP process resulted in one vendor (Ericsson) being chosen to provide wallet services for issuers as well the “switch”.  This meant that from a technical point of view, transfers among wallets are similar to “on-us” transactions: a simplifying solution for the beginning of the service.  It also enabled a common experience for consumers across providers – the user interface/USSD screens are common for all BIM wallets.  (The agreement with Ericsson does specify that an issuer may opt to use another wallet, and still interconnect on the platform).

What were the toughest parts in bringing the service to market?  Carolina mentioned several: persuading financial institutions to use a common brand (“BIM”), getting agreement on a common fee structure (low!) to consumers until the service reaches break-even, convincing the telecom regulator to allow the MNO’s to negotiate with PDP as a single institution rather than individually with each financial institution (for USSD access fees), and, not the least, the issues of how to write operating rules cooperatively with that many institutions participating.

BIM’s biggest ongoing challenge has been agent interoperability, the economics surrounding that, and the management of “cash-in” and “cash-out” functions.  Although Carolina has left the active management of PDP (she remains the chair of the board), she continues to work on this issue, among others.  The latest initiative is the establishment of what she refers to as “BIMers” (“beemers”); individuals who work sort of like mobile ATM’s, in partnership with a fixed-location agent.  Think of it as the “Uber of cash-in/cash-out”.

Looking Ahead

Both JoMoPay and BIM are in their infancy, facing the challenge of getting consumers signed up and then ensuring that consumers use their wallets.  The latter, as both Maha and Carolina well understand, requires enabling merchant acceptance – making money “spendable”.  In both countries, there are multiple efforts underway to achieve this.

Only time, of course, will tell the story of the eventual success (or not) of these services.  But I’m clear that the very fast track of these programs – from concept to reality – can be attributed to the characters, capabilities and convictions of their leaders. I understand there is a “great man” theory in history – that certain highly influential individuals, due to either their personal charisma, intelligence, wisdom, or political skill, have been able to make a decisive impact on history.  Here we have two “great women” who have clearly made a difference in their countries.


Post image for Demonetization Roulette: India’s unusual approach to creating a cashless economy

On November 8, 2016, India cancelled 86% of its currency in circulation with a four-hour notice and the move pushed India into a severe currency shortage. In a country where 98% of all consumer payments are in cash, this prolonged currency shortage carries risks: economic destabilization in the short term and irrevocable damages to the vibrant informal sector in the long run. Policy analysts describe the situation as the greatest gamble undertaken by modern India.

The initial motivation behind the move was to weed out fake currency in circulation and illicit funds, called black money in India, stored in the form of cash. But within weeks, the demonetization pitch changed from eradicating black money and fake currency to accelerating India’s journey towards a cashless economy. After all, if you don’t have access to cash, it’s likely that you will at least consider using an alternative.

In addition to enacting several policies to ease the currency shortage, the Government of India has implemented several measures to encourage consumers and merchants to adopt digital payment methods. These measures include:

Not the First

India is not the first country to demonetize its currency in order to combat black economy and fake currency. However, using demonetization to create a cashless economy is unprecedented.

Of course, demonetization is not the only thing the Indian government is doing to encourage the digitization of payments. Starting in 2006, the government has taken several pioneering steps to encourage digital payments. These include:

  • Launching Jan Dhan Yojana, a national program to provide every household with basic banking services
  • Creating a new class of chartered banks, called “Payments Banks”, that can accept deposits but are restricted from offering loans
  • Designing Aadhaar, a biometric national identity system which has completed a massive task of enrolling 1.1 billion people, and enabling Aadhaar to be used by the payments industry in a variety of ways to make payments seamless, secure, inclusive and cost effective
  • Introducing the Unified Payments Interface (UPI), a set of API’s to the core payments platforms within the NPCI (National Payments Corporation of India). UPI is particularly aimed at accelerating retail electronic payments with advanced features including a single interface to access any bank, access to credit-push immediate payments, a merchant “request to pay” capability, and support for virtual payment addresses.

It is quite evident that the Indian government is investing heavily not only in building out a digital payment infrastructure but is also willing to push its citizens to use it – this is the unusual aspect.

It is interesting to note that historically, governments play a direct role in managing systemically important payment systems such as financial market infrastructure, RTGS’s (real-time gross settlement systems), and, in some countries, check clearing systems and/or ACH’s (automated clearing houses). However, governments tend to let the private sector tackle payments systems that are meant to support small value retail digital payments. International card networks such as VISA or Mastercard, online payment services such as PayPal or mobile payment services such as Apple Pay or M-Pesa are all examples of the private sector “leading the show”.

Governments Manage Cash, Why Not Payments?

The one exception to this?  Governments provide cash, one of the most popular payments system used in retail transactions. They do this by paying for the creation and management of cash.  Although cash is introduced to the economy through private sector banks, once it is out in the economy it can circulate without banks. This is dramatically the case in countries, such as India, where there are many more unbanked than banked people.

So why do governments coldly hand over the responsibility to the private sector the moment these retail payments change in form from cash to eMoney? As Glenbrook’s Partner Carol Coye Benson observes: “Governments pay for cash, the payments system that people use. If we want to move people away from cash, why are we suddenly determined that this has to be done on a commercially viable basis?” Another problem with reliance on the private sector for digital payment solutions is that private firms may not feel the necessity to serve everyone, and as profit-maximizing entities they are bound to be selective in designing products for only profitable segments.

While unusual, India is not alone in its journey towards a cashless society. There is an emerging trend of governments becoming active sponsors of their countries’ retail payment infrastructure. Last year, Bank of Thailand launched PromptPay, a real-time instant payments service that allows fund transfer using a National ID number or mobile phone number without needing to provide a bank account number. Similarly, the Central Bank of Jordan launched JoMoPay, the country’s mobile payment platform to encourage interoperable mobile payments in the economy. Ecuador even launched the world’s first public digital cash system called efectivo.

Some may not feel comfortable with governments dominating the retail payments domain for fear of lack of innovation, destabilizing market forces or upsetting the balance of economic interest of all stakeholders. But consider that these concerns don’t bother us when governments are involved in the delivery of essential services such as health, education and clean drinking water. Perhaps, the time has come for us to deliberate whether the most basic financial and payment services that are not affordably available in the market today are indeed public goods? Should it be the government’s responsibility to deliver it in the free market without a profit motive?

The world is watching India and its dramatic attempts to tackle financial services problems through active government involvement.  Will the gamble pay off?  2017 will be a fascinating year for watching.

{ 1 comment }

Post image for Episode 49 – How to Get, and Stay, Smart in Payments

Want to know what it takes to stay smart in payments? Take a listen to Russ Jones, the Partner in Charge of Glenbrook’s Payments Boot Camp program. Russ gives a look behind the scenes, talks over the boot camp’s evolution, and how it stays forward looking in what’s become a fast changing industry. Over 13,000 payments professionals have experienced the Payments Boot Camp Russ talks about in this Payments on Fire podcast.


Payments on Fire 49 Russ Jones George: Welcome to another Payments on Fire podcast. I’m George Peabody with Glenbrook Partners. It’s my pleasure today to have one of my Glenbrook partners with me – Russ Jones. Hey, Russ. Russ: Hey, George. How are you? George: I’m doing great. Thanks for being here today. For those of you who don’t know Russ, let me give a quick introduction. He’s been with Glenbrook for twelve years. Russ, longer than that? Russ: Fifteen now. George: Fifteen. Russ is, of course, one of the leading consultants we have, but he’s also the partner in charge of Glenbrook’s education program, and that’s why we’re speaking with him today, to take a look behind the scenes, if you will, to talk over the evolution of the boot camp program and our insight workshops, how it’s kept relevant, and forward looking in what’s become, in the last five years or more, a pretty fast changing industry. Russ, let’s start with what the boot camp is and how it got started. Russ: These payment boot camps, as we call them, they’re two-day workshops that are designed to help people get smart about how the payments industry works, and I don’t mean the card industry, I mean the payments industry very, very, very broadly. It really comes out of our, sort of, consulting work. When we first formed Glenbrook, we did not think we were going to be in the payments education business, but what we found out was every time we’d work with a client, you know, smart people, tons of energy, and wouldn’t it be great if everyone who worked for them understood how the industry worked. The context there, of course, is that there’s tons of people in the payments industry, and they don’t always have a deep background in payment fundamentals – they’re software developers, they’re risk specialists, they’re business strategy people, marketing people. Our clients were asking us to help them educate their employees and get them smart really fast about how the payments industry worked. So we set out, over ten years ago, doing this, and over that time we’ve had 13,000 people who have come through one of our workshops. It’s worked out pretty well. George: That number keeps going up. That’s great. Russ: It does. George: How has the boot camp changed over the years? Russ: Well, it’s changed a lot. It’s changed a lot as we have gotten a little smarter about how to do it, to be quite honest about it. We didn’t start out as educators, so we had to sort of learn about how to make an engaging learning environment. We thought we knew the topics, if you would, but there’s a difference between knowing the topics and knowing how to talk about things. We’ve really had to hone our chops over the years in the way we structure things, the way we sequence things, our use of case studies, the way we insert videos into the experience, polling devices into the experience, and of course we’ve seen topics come and go. Things that are intriguing to people one year are well understood the next year and are just commonplace the year after that. To some degree, the agenda we have in these workshops kind of acts as a little bit of a barometer, if you will, to watch how the industry changes over the years. George: So that is really reflected in the structure of the two-day boot camp, where the first day, and I have to say that I’ve had the pleasure and the privilege of teaching this boot camp sometimes with you, Russ, where the first day is really around what Glenbrook thinks about payments, if you will, the set of lenses we use to think about payments, and then across all kinds of payments. The second day really tends to be more focused on what’s happening currently, and that material has to get updated all the time. Russ: It’s continually revised on a month-to-month basis, we’re updating the material to reflect what’s topical in the industry, what’s going on. You were asking, George, how this has evolved over time, and when we started, we thought it was important to just explain how the core payments systems worked, and what we realized, after doing it for a while, is people want to understand the context, they want to understand the theory, not just how the checking system works, but why the checking system works that way, not just what is a chargeback, but why do chargebacks exist, what’s the underlying theory behind it. So we, over time, evolved the workshop. On the first day, which is the real fundamentals day, we started out talking about key concepts in payments, in payments systems, and we don’t talk specifically about any payments system. We believe these are the concepts that cut across all payments systems, and if you get the concept, you can see how they’re applied in the core payments systems, and then you can see how they’re applied in new payments systems that you might be reading about on TechCrunch next week. So we do that, and I think that’s a very good foundational thing for everyone. The two other things I think are really sort of the hallmark of how Glenbrook thinks about payments is we always want to help the participants look at the payments industry through the eyes of all the stakeholders. So we lead people through sort of a 360 degree view of all the issues that are in play in the industry, how do consumers think about them, how do businesses think about them, whether they’re merchants, billers, enterprises, what drives a bank to act like a bank, what drives a processor, what drives a network to act like a network, why does one consumer choose one payment method and another consumer chooses something else. So it’s really foundational to get in the heads of all the stakeholders, so that when you come along and look at something like in app payments, for example, that we talk about on the second day, we can just put it through the lens of processor, network, bank, merchant, consumer, give it that sort of thing. George: And we do much the same thing when we start talking about innovation as well. Russ: Yeah, absolutely. The other prism we used to help people sort of see and understand how the industry works is we have developed this idea of payment domains (so you think of bill pay as a payment domain, P2P as a payment domain, B2B as a payment domain), and every time something new comes along, one of the ways you can understand it is to think about the needs and the requirements of users of payments systems that are in these different domains. So how does tokenization play in the point of sale domain, how does it play in the bill pay domain, how does it play in the income domain, in the P2P domain? Any by putting it through that prism, it really helps people understand the difference between the payment systems and the payment domains. As an example, George, we hear all the time of people talking about P2P payment systems… George: I think I know where you’re going. Russ: Yeah, there are no P2P payment systems. There are payment systems that find themselves positioned and optimized for the P2P domain. George: So that would be Venmo, as an example, or the new one that’s coming with Zelle. Russ: Yeah, that’s exactly right. So you think about Zelle as an open-loop payment system, and in the same way, the card system, the ACH system, the checking system as an open-loop system. In the case of Venmo, getting traction in the P2P domain, but now, being repositioned to the remote commerce domain. George: Why is that important? Russ: Well, it’s important because the rules vary to some degree by domain, and vendors vary by domains, the usage patterns vary by domain. How you prefer to do something and why you do something in a bill pay context is different than what you do at the point of sale. So we really like to sort of get the filter in front of everybody’s eyes and let them see the industry through these different domains. George: So my experience with the boot camp is that two days fly by and we have to cover a lot of material at a pretty high level. I know that you’ve developed another program that follows the public boot camps called our Insight Workshop Series to try to go a little deeper. Do you want to talk about the Insight Workshops? Russ: Sure. To put the Insight Workshops into context, let me just flush out; in a two-day payments boot camp that we would do, we cover a lot of materials; it’s very comprehensive, it’s extraordinarily wide, and to do that, you can’t go really deep on any one thing because there’s only so many hours in the day. So what we do is, we then take, in the two-day boot camps, the first day is all focused on fundamentals – getting everybody on the same page about how things work, why they work that way, liability economics, terminology, et cetera, et cetera. The second day of the workshop, we sort of put the industry in motion and talk about how it’s changing, where it’s changing, we look at how it’s changing around the world, how it’s changing in the US market, and we really address topical issues on the second day. As an example we do, in today’s payment market in the US, people are sort of excited and focused on faster payment systems; the idea that you’re going to be moving money in real time between bank accounts. So that’s a topic that we address on the second day of the payments workshop. In the context of everything that’s going on in the industry, that’s a 30 minute discussion; for some companies, it’s their reason for existing. In the context of the industry, it’s not the whole second day of the workshop, it’s just a little sliver. For topics that are really dynamic, that have a lot of implications, and are changing quite a bit, we go super deep on these Insight Workshops. We have a workshop coming up in New York next month – a two-day payments workshop, and we’re going to compliment that on the third day with a full 8-hour workshop on the fast payment systems in the US, and look at faster payment systems around the world, do some exercises in how they’re developed, how they’re designed, and really dig deep into that one topic. So we’ll take that 30-minute module on the second day, and for people who are interested, we’ll really dive deep into it on that third day. That’s what we call the Insight Workshops. We do Insight Workshops on faster payments, on digital payments, payments innovation, data in payments, which is extraordinarily topical in today’s world… George: Sure is. Russ: …and B2B payments, global payments, and block chain. George: Cool. My experience with the boot camps is that they are often really interactive. I know that you encourage lots of questions, there’s often a lot of discussion, a lot of back and forth amongst the folks who attend, both our public and our private boot camp series. What do you do or have you built in to try to encourage interactivity? Russ: To some degree, interactivity is natural because people are so curious and have so many questions about things, but to really facilitate that and get everybody comfortable, we have a lot of exercises, some are small group exercises, where participants get to work in teams, we also do individual exercises, we use interactive polling devices, so that the group at large can give feedback on things and sort of share their own experiences and perception about how things work, and the classic example there that really gets people going is we put up a polling question: “how do you pay for groceries at the supermarket?”, and boy, the answers are always fascinating. People who do one thing, they’re always flabbergasted that other people do something else. So it’s always a great opportunity for people to explore and ask one another why they’re choosing and using one method versus another in a grocery store. George: We’re lucky, as we travel around the country and do the workshops in various locations and to different age groups; it’s fascinating how that varies. Russ: That’s exactly right. George: So, I have a very simple story, which actually repeats itself in the workshops I’ve participated in, which is, I just love when I see veterans who have been in credit or debit, for example, they’ve been in there for 10, 12, 15 years, and I love it when I see them sort of do their slap on their forehead and go “oh, that’s how that works”. I just love seeing that because what we cover in this huge, broad industry, really shows how the cogs interconnect, so I love that. You’ve been doing this a lot longer than I have, do you have a favorite boot camp story? Russ: Not one story per say, but I would observe that the participants in the workshops, they’re on two levels, whether they realize it or not. They’re there as professionals trying to get their arms around this crazy industry, and they’re also there as individuals trying to relate to the things they observe in their personal life and the interworking’s of payment systems. It’s very common, I’ve seen, that when we’re explaining why something works that way, and somebody’s eyes will light up, and they’ll shout out “is that why when I do blah, blah, blah, y, y, y, happens?”. That’s a pretty typical experience that people have, they connect their own personal experience with how payments work with the theory behind why it works the way it does. The other subtlety to that, I would say, is tons of interaction. The interaction during the workshop is always professional in nature, the interaction at the breaks and at lunch time, it oftentimes gets to be more personal. We’ll spend a lot of time talking about card acceptance and the whole acquiring value chain, and the differences between a payments facilitator and a gateway and a non-bank acquirer and look at difference models and the nuances behind that, and people will have a lot of questions and a lot of interaction, and then at lunch time, it’ll be “you know, my cousin is setting up a business, and he’s trying to figure out if he should use Braintree or Stratton”. It becomes very personal on one level. George: That’s cool. We’re all consumers, so we bring our individual experience to the party. Russ: And the same things happens with people who send money internationally. We go through the mechanics of dynamic currency conversion and multi-currency pricing and international wires, and someone always wants to go a little bit deeper there and talk about the tradeoffs they made, the experience they had when they were selecting how to send money to their cousin in Malaysia. George: Yeah, cool. Russ, thanks so much for talking with me today about the payments boot camps and the Insight Workshops and how we’ve gotten to where we are and where we’re headed with it. Thanks a lot. Russ: Ok. George: We can talk about this one all day, I know we enjoy it. Russ: Ok, George. It was great chatting with you. George: Alright. Thanks, Russ.


Post image for Demystifying India’s Digital Payment Infrastructure

There is a growing curiosity about India’s payments systems. These systems, and their role in the “India stack”, have been the subject of many articles speculating their importance in shaping India’s future.

Despite this attention, there is still considerable confusion about what these initiatives are, and how they interact with each other. This led me to write this piece, a simple explanation of the basic pieces of India’s digital payment infrastructure. A follow-on piece will analyze the Government of India’s unique approach in developing this payments infrastructure, focusing on the recent demonetization of major currency bills in the country.

India Stack [Source: ispirit]

Aadhaar – National Identity Platform

There are a multiple key initiatives that combine to make India a leader in payments. First is Aadhaar, India’s 12-digit national identity number with biometric information. A lot of countries today have national IDs with biometric information but what makes Aadhaar unique is its federated architecture. The Aadhaar database can be queried by any entity that needs to verify an Aadhaar number and biometric information against the information available in the database through the Aadhaar Auth API. No personal or biometric information is shared with the parties; the query will only respond with a “Yes” if there’s a match between the information sent and the central Aadhaar database. This feature has enormous potential to drive “presence-less” and “paper-less” authentication of transactions in multiple industries particularly in banking and payments, across public and private sectors.

Aadhaar is like a new fuel that is accelerating the usability and performance of India’s payment systems.

Building the Cashless Layer of India Stack

India has developed a set of highly advanced retail payment systems over the past decade, all under the auspices of the National Payments Corporation of India (NPCI), the umbrella organization promoted by the Reserve Bank of India and major banks. NPCI is responsible for building and managing these payment systems and is the most important player in the ecosystem.

Today, NPCI is managing four important payment schemes:

  1. National Financial Switch (NFS) – the largest network of ATMs in India, which also functions as the switch for many other payment schemes including IMPS.
  1. Immediate Payments Service (IMPS) – an interoperable push payment scheme that allows banks and wallet providers across India to transfer funds in real-time 24×7. An immediate funds transfer system, IMPS transactions can be carried out using ATM, mobile, and web interfaces. IMPS is an important payment system as it is used as a foundation for building several other payments services including Unified Payments Interface (UPI), and the recently launched interoperable Bharat QR Code.
  1. Unified Payments Interface (UPI) – an interoperable mobile push payment service that works real-time, 24×7 across banks in India. UPI is built on the IMPS platform, and comes with some really interesting features:- Payees can send ‘request to pay’ notifications to payers- Customers can link ‘virtual payment addresses’ (e.g. payshiv@abcbank) to their bank account that they can get paid without having to disclose their account number.These features are expected to make digital payments seamless and increase small-value merchant transactions. UPI is made available via a set of APIs, which banks and Fintech companies can use to build mobile applications. NPCI also built its own UPI App called BHIM (Bharat Interface for Money) which participating banks can use. The standardized APIs allow customers to make UPI transactions from their bank account using any UPI-based app.  This is quite remarkable: you can use “Bank A’s” app to access your account at “Bank B”!
  1. Aadhaar based payment systems – the NPCI, working with the Unique Identification Authority of India (UIDAI), created the Aadhaar Payments Bridge (APB) to channel Government to Person (G2P) payments directly into beneficiaries’ bank accounts using the Aadhaar number as the payment address. APB uses National Automated Clearing House (NACH) to affect the fund transfer. There’s no need to know the beneficiaries’ account number. Additionally, the Aadhaar-enabled Payment System (AePS) allows customers to use their biometric information to authenticate and perform cash-in and cash-out transactions at any bank agent who has a biometrically-enabled POS device. These schemes require customers to link their bank account to their Aadhaar number. The “Bank’s Issuer Identification# to Aadhaar#” mapping information is held in a Mapper Unit managed by NPCI. The NPCI Mapper Unit is also the engine that allows customers to use their Aadhaar number as the payment address (instead of account numbers) while making IMPS or UPI transactions. Recently, Aadhaar Payment App was launched using AePS which allows consumers to pay merchants by entering their Aadhaar# and authenticating with their biometric information. Merchants have to download the App and connect their smart phone to a biometric reader.

The impact of these initiatives increases as the number of Indians with a mobile phone and bank account continues to grow swiftly, and the benefits will percolate to the “bottom of the pyramid”.

You’ll be surprised to know that a smart phone is not mandatory to enjoy many of the above-mentioned services. NPCI’s National Unified USSD Platform (NUUP) allows any feature phone user to dial *99# regardless of their mobile carrier or bank to make IMPS enabled transactions.

India’s Payment Systems and Services


These payment systems and services are not standalone setups but rather layers of infrastructure laid one over the other. NFS is used to provide IMPS. UPI is built over IMPS. When layered with Aadhaar (using the Mapper Unit), Aadhaar based payment systems are created. The use of layers in an infrastructure stack—as opposed to a value chain based approach—is what makes India’s payment ecosystem quite incredible!

There are other, less tangible but all-important ingredients that have contributed to the India stack’s success. The first is strong government commitment to the program.  The second is the trust that the government enjoys among its citizens. Indian citizens are quite willing to share their biometric information with the government, a situation hard to imagine in most developed countries. Last, the government has endorsed and evangelized this payments infrastructure and continues to play a very important role in fostering quick, widespread adoption and usage.

Do you have more questions about India’s systems? Let me know. I’ll follow up this post with one addressing the Indian government’s unique approach of supporting the country’s payment infrastructure.


Post image for MRC Las Vegas 2017:  It’s Not Just About Transaction Risk

This past week, over 1400 payments professionals convened in Las Vegas for the annual Merchant Risk Council (MRC) conference, an event that I’ve had the pleasure of attending for over a decade.  While merchant fraud detection and risk management continue to be the core theme of the conference, traditional payment service providers had a strong showing at the event, helping cultivate an environment including nearly every payments and fraud-related area that could ever interest a merchant.

Change is most definitely in the air as many new companies continue to enter the fraud prevention marketplace, existing providers expand their strategy, and traditional payment service providers work to offer more value beyond standard payment processing.   While there were tons of topics discussed throughout the week, we saw several prevailing themes:

Machine Learning Continues to be Red Hot

Back in November, my colleague, Russ Jones, wrote about Artificial Intelligence in Payments, stating that “it has never been a hotter topic than it is right now” and from the showing at this year’s MRC, it would be difficult to disagree. Whether you call it “machine learning”, call it “A.I.”, or go back to specific techniques that have been used for years, such as neural networks, machine learning was front and center at this year’s event.

The story, however, is one of old vs. new, as well as apples vs. oranges. Newer fraud prevention providers, including the likes of Signifyd, Forter, Riskified, Feedzai, Sift Science, NuData Security and Datavisor bring machine learning to the forefront of their solution. At the same time, established risk management platform players, such as ACI ReD, Kount and Cybersource tout machine learning capabilities that supplement their multi-dimensional systems.

One thing is for sure:  not all machine learning is the same.  For some providers, machine learning is part of their DNA, while others simply use it to augment the performance of other risk technologies. And, to be frank, many flog it because it’s a topical marketing buzzword, regardless of whether it’s integral to their solution or not.

This complex and fragmented market makes one other thing clear:  many merchants are confused about the different machine learning solutions that are out there.  Merchants will need to dig deep to understand the value that machine learning brings and how every provider’s implementation differs.

Guaranteed Providers Try to Find their Sweet Spot

In January, I wrote about the current wave of fraud prevention providers who offer a simple guarantee: they will take all risk and liability for chargebacks, fine and fees when they don’t identify a fraudulent transaction.  Forter, Signifyd, Clearsale, Riskified, Vesta, Radial and Appruvd are among the providers who offer this promise.  But as this market continues to mature, providers in this space have also realized that they need to tweak their strategy, value proposition, and pricing models.

I spoke with a number of providers who are supplementing their guaranteed service offering with non-guaranteed services, in order to appeal to a broader group of merchants.  Reaching merchants who may not be sold on the guaranteed value proposition could help expand these providers’ addressable markets, but also puts them squarely in competition with established non-guaranteed players in a market that is already flooded with fraud prevention solutions.

Several providers also spoke to me about implementing new pricing models, where their pricing would be structured such that it would never exceed a merchant’s current total cost of fraud operations, while still offering a fraud guarantee.  This type of pricing structure could be attractive to merchants who cannot take the hit on the 1%-plus fees that guaranteed providers often charge, but also challenges providers and merchants to determine accurate costs of fraud operations, which can be difficult to determine or agree upon.

Lastly, there was a clear sense among guaranteed providers that they are taking a “guaranteed works for everyone” approach – even very low risk merchants.  There is a case to be made that low-risk merchants can greatly benefit from guaranteed fraud solutions since they could quickly do away with significant operational costs or the management of multiple fraud technologies. Handing over all fraud operations to a vendor who offers a guarantee could potentially reduce overall costs while providing CFOs with an absolute, predictable cost of fraud management.

Payment Service Providers Fight to Get a Greater Share of the Market

One of the great things about MRC is that its scope isn’t just limited to fraud. Major players in the payment processing and acquiring space are typically well-represented.  This year was no different and payment service providers did their best to show a fraud-minded crowd that they were more than just about switching card transactions.

Cybersource, for example, strongly pushed its enterprise tokenization service, while firmly reminding merchants that sensitive data is stored in rock-solid Visa-run data centers.  Sister company Cardinal Commerce had a strong presence in what was essentially its coming out party since its acquisition by Visa, in an important year where we will most likely see the advent of 3DSecure 2.0 and stronger authentication requirements dictated by the European Union’s PSD2.

One of the most interesting announcements of the show was First Data’s acquisition of Acculynk, the online PIN and PINless debit processor.  While Acculynk has been around for quite some time now, it’s PIN-based online debit system hasn’t exactly hit mainstream.  Perhaps First Data feel that they have the sales power and greater platform to make it successful, but I’m sure that they also saw value in Acculynk’s debit gateway product, which can neatly bolt on to First Data’s existing set of platforms.

Fraud Just Doesn’t Occur at the Payment Transaction

For decades now, e-commerce fraud solutions have had an intense focus on payments transaction fraud.  However, merchants have seen massive growth in account-related fraud, including login fraud, account takeover, false account creation, account abuse, and collusion.  Many are thirsty for solutions that help them address these complex problems.  It’s easy to see how account fraud can lead to payments fraud, with illegitimate purchases coming from a legitimate account or by using a good account to make purchases with stolen card data.  Nothing good comes out of letting bad actors into a system.

At this year’s conference, there was a renewed focus on account-related fraud, both in topics presented by attendees and in solutions offered by service providers.   We saw Western Union speak about out-of-band authentication methods used to mitigate social engineering attacks, as well as trends related to account takeover fraud. TSYS and Featurespace also joined up to talk about the challenges associated with social engineering risk, while Ria Financial spoke about the importance of reducing risk during customer onboarding to mitigate transactional fraud.   Etsy spoke about machine learning-based approaches used to mitigate account abuse in its global marketplace.

On the provider front, Sift Science teamed up with Patreon to speak about account takeover fraud, conveniently on the heels of Sift introducing a new account takeover product to complement their existing suite of fraud and abuse tools.  And long-time purveyors of device identification technologies, iovation, heavily pitched identity management and device-based authentication solutions alongside their newly-acquired LaunchKey multifactor authentication product.

MRC Goes Global

If you missed MRC Las Vegas this year or want a more international taste of what’s going on in the world of risk and fraud, MRC hosts its annual European conference in London on April 24, followed by a European Platinum meeting in September.  Its US roadshow will pick up again with its fall Platinum Meeting in San Diego this October.

And if you need help understanding the ever-evolving fraud prevention market, Glenbrook has assisted many merchants and service providers navigate this complex landscape.   Please reach out to explore how we may be able to help you.



Post image for Episode 48 – APIs, ACH, and Faster Money – Dwolla

Sometimes a change in direction is the way forward. Network aspirant Dwolla has recently pivoted its work toward the product and development teams inside financial institutions. Instead of being a system operator, Dwolla now offers a broad set of APIs designed for those FIs to take advantage of the ACH’s overnight and Same Day ACH services. Dwolla’s shift also comes as the company and the US anticipates the impact of new immediate funds transfer systems Zelle, The Clearing House, and likely others.

Take a listen to this conversation with Jordan Lampe, Dwolla’s Director of Communications and Policy Affairs, and Glenbrook’s George Peabody as they discuss the Federal Reserve Faster Payments Payments Task Force Steering Committee, use cases for Same Day ACH, and more.



Post image for Payments in Real Time

As the U.S. payments industry is preparing to enter another exciting phase as immediate funds transfer options come online, I’m thinking back to my interaction in the Fall of 2013 with the inquisitive team at Planet Money. Perplexed about why it took so long for the monies from their Kickstarter fundraising campaign to make the electronic journey to their bank account, the team dug into this issue and created one of their podcasts called The Invisible Plumbing of our Economy.

All told, it took five days for the funds to reach them. Keen to understand why the transfer was so slow, Planet Money reached out to a few payments experts to try and make sense of it.  Naturally I had hoped to communicate the complexity and competitiveness of the U.S. banking and payment systems, the fact that our low-cost ACH was designed in the 1970s and the daunting economics of upgrading or implementing a system that reaches thousands of financial institutions serving some 300 million consumers. Alas, in the end, I think my most effective explanation for this admittedly outdated situation was, simply, “The ACH keeps bankers’ hours.”

It’s taken another three and a half years but in 2017, new payment systems are coming on line that will totally transform how many payments are made. Zelle and the new Real Time Payments rail from The Clearing House are joining contenders like PayPal.

Just for fun, let’s imagine that the Planet Money transaction was being kicked off today and see how different the experience would be:

  • End to end time – Rather than 5 days, the transfer should take no longer than a few seconds to register in the receiving account.
  • Batches – The transfer would be a single, credit transfer instruction and wouldn’t have to wait until the next payment batch is scheduled.
  • Business hours – These will be all day, every day.
  • Business days — Every day is a business day for real time payments, including weekends and holidays.
  • Funds availability – Funds will be available to be withdrawn immediately by the receiver, no more waiting for good funds. Funds will also be taken out of the sender’s account immediately before the transfer is made.
  • Confirmation – The Planet Money team would also get an email or text confirmation that the funds are available in their account. No more guessing. The sender would also be notified when the transfer is complete.

In this sense, payments will work a lot like email – always available and instant. Well, okay, it’s not quite like email just yet:

  • Transfers initiated in the Zelle, Real Time Payments, or PayPal rails don’t interoperate in the same way AOL does with Gmail (or ATT with Verizon), and
  • These transfers don’t work internationally (unless you’re a PayPal user sending to another PayPal user and even then a few caveats apply).

I’ll dive more deeply into these issues this week—and what they mean for consumers and businesses—with great panelists from ACI, Fiserv, NACHA (yes, Same Day ACH is in the mix as well) and SunTrust Bank at the Technology Association of Georgia FinTech 2017 event in Atlanta on 9 February. I hope you can join the discussion!


Post image for Payments 2017 – One Month In

Business evolution—whether it’s automotive, bioscience, or in the payments industry—proceeds along a predictable path of incremental improvements and optimization. Until it doesn’t and a step function takes effect.

Last year was sleepy compared to what we can expect during the next eleven months. 2016 was characterized by the more familiar path, through themes set in motion in prior years. EMV. Bitcoin and blockchain. The “pays” from Apple, Google, Samsung, and leading merchants. In 2016, these elements grew and evolved along predictable lines. Yes, they’ve made an impact but none represent anything resembling a tectonic shift.

Now that 2017 is underway, it’s clearer that prospects for 2017 include increasing tectonic activity that will be rough or smooth depending upon which side of the tectonic plate you are standing on.

Let’s examine the shifts we know about. If you’re all about politics, skip to the end.

Immediate Funds Transfer, Finally

2017 will see the addition of several sets of payment rails to the US. It’s been decades since new bank-based payment systems have been introduced so this is significant. The Clearing House will turn up its Real Time Payments (RTP) system for account-to-account push payments. Zelle, the consumer-facing brand of Early Warning’s P2P payment system, will begin its marketing effort to convert the word Zelle into a verb. And while not new rails, even NACHA’s Same Day ACH service will be in the mix, competing for business.

This is a global phenomenon with over 20 countries at various stages of deployment, from planning to full production. In the EU, SEPA (Single European Payment Area) rule makers have released the specification for SEPA Inst, an immediate funds transfer, push payment system scheduled for a 2018 deployment. With the global axis tilting toward this credit push model, these new payment rails will pull share from their predecessors.

In the U.S., system economics will get clearer in 2017 as these schemes compete for volume across P2P, bill pay, income payments, and other use cases. We will continue to track these changes closely because new payment systems are so rare and potentially so disruptive.

One area we will be watching is the security of these immediate funds transfer systems compared to pull-based systems. The UK’s Faster Payments scheme experienced higher fraud rates than expected until bank authentication was strengthened. No surprise there; new payment systems of any kind are catnip for hackers and what could be more appealing than a new system that pushes money in near real-time?

Online Security

Bad as it was in 2016 (remember the SWIFT breaches?), the crisis that is internet security will worsen in 2017. While defensive barriers and intrusion detection improve, the attackers enjoy the broad availability of personally identifiable information (PII), an ever-expanding set of attack surfaces, and the realities of human nature that make phishing so effective and security maintenance so difficult. Because of the broad availability of personally identifiable information, the hackers can have more current information than the accountholder. Account takeover will get more severe.

Effective payment defenses are being erected but there’s no hockey stick increase in their usage for this year. Issuer tokenization of payment card data is hugely effective but its use will remain well below 15% of CNP transactions. It is going to be 18 months before we start to see 3D Secure 2.0 (3DS2)—the more risk-based approach to merchant and issuer payment authorization messaging—move into broad production. That means issuers and merchants must continue to rely on defenses built internally or by others to manage fraud.

The Internet of Things (IoT) will expand even faster in 2017 but its security will continue to be deplorable. Manufacturers are focused on low cost and functionality. Buyers pay for the same attributes and are not paying for security features like secure elements or even basic crypto processing. That leaves whole fleets of IoT devices susceptible to botnet recruitment. Many IoT devices can barely be upgraded with new software to improve security, all while many are or will be payments-capable. This may only be solved by regulation unless all IoT players up their security game.

How Far do the “Pays” Go?

While their creators expanded the geographic coverage of these services, Apple Pay, Android Pay and Samsung Pay saw modest growth in 2016, still accounting for low single digit volumes at the point of sale. 2017 should see that steady, modest growth continue (changes Glenbrook is tracking closely). Two things must happen. First, consumers have to understand that these mobile payments methods are more secure rather than less. But no one really looks forward to educating consumers on new, improved security methods because it raises questions in everyone’s mind about the current system. Second, these “platform” Pays have to benefit consumers with loyalty points, rewards, and couponing. And that’s tough.

At Glenbrook, we believe the “pays” coming from large merchants that are able to combine both payment convenience and incentives in one package have more magic to offer. If you can get your discount, loyalty points, an improved buying and checkout experience from an app provided by a favorite merchant, you’re going to use it. Starbucks is proof. 2017 will be the year we see how successful other merchants—particularly retailers like Target who don’t sell hot, somewhat addictive products—fare with their in-store apps.

Blockchains Move into the Real World, Slowly

If 2016 was the year of the pivot from bitcoin to blockchain, 2017 will be the year when a handful of blockchain-based applications prove themselves, or not, in limited production. Use cases requiring the fewest participants and simpler data sharing requirements may well succeed from a technical point of view. Exposure of these use cases to the stubborn facts of economics (is a blockchain cheaper than a traditional database?) and rule making (can all participants benefit from the same set of rules?) will be the next hurdle for blockchain implementations.

Ripple is an example. While its technology is in place, the company has recognized the need to develop common rules for its participants. It has formed the Global Payments Steering Group with an interbank group composed of Bank of America Merrill Lynch, Santander, UniCredit, Standard Chartered, Westpac Banking Corporation, Royal Bank of Canada and CIBC to steer that rule making process for cross-border transactions. Once up and running under those rules, this will be a visible test case for blockchain payments.

Payments by Ear, and Voice

My partner Russ Jones has been calling this one for years. We expect the use of audio interfaces to blossom in 2017. The Amazon Echo, Cortana, Siri, and Android are teaching us to speak to our devices and now they’re getting better at both listening and doing useful work. Amazon’s Alexa has a “skill” to let Capital One accountholders make inquiries and payments. Before long, a Starbucks order-ahead skill will be added to Alexa. We’ll be watching for many more audio implementations this year.

AI and Machine Learning Everywhere

While these technologies have a certain “shiny new toy” glamor about them, there’s little doubt that 2017 will see an acceleration of machine learning and artificial intelligence applied to payments and commerce. We’ve already seen machine learning systems optimized for transaction risk management from firms like Feedzai and Sift Science. But even at the level of consumer interactions, AI-based bots are lowering the cost of customer service as well as guiding consumers through commerce flows. Last year’s bots were not all successful. And don’t expect your next bot encounter to pass the Turing test; it won’t “exhibit intelligent behavior equivalent to, or indistinguishable from, that of a human.” But it just might speed you through buying a new pair of shoes, including asking for the payment method of your choice.

International Inspiration?

Watching the international payments landscape finds nations and regions making profound decisions around money. India’s demonetization program and the EU’s PSD2 (Revised Payment Service Directive) are two.

The EU is retiring the 500 euro note out of concern for its potential role in illicit activities. This past November, India made 90% of its notes in circulation invalid to make money laundering, counterfeiting, and corruption more difficult.

Both regions are innovating beyond cash. India is linking via APIs its payment system building blocks – mobile, the Aadhaar identity management system, and financial institutions. Europe’s PSD2 directive is opening third party access to both bank account information and payment initiation services.

Could moves like this take place in the U.S.? Could the private sector do something along these lines with RTP and Zelle?  While there’s zero likelihood of a national effort backed by rulemaking, competition is already making some U.S. financial institutions to open and promote their API marketplaces. CBW in the wholesale banking area and BBVA with its API_Market are two examples.

Politics, Payments, Uncertainty, and Change

The foregoing shifts will take place against the background of global political and governmental changes. Here in the U.S. the big elephant in today’s payments room is Uncertainty. Tomorrow’s elephant will likely be named Change. The fast pace at which the new U.S. administration and Congress are executing, and evolving, their agenda suggests there are substantial shifts ahead.

Here are some of the key questions we’ll be asking during the rest of 2017:

  • What will happen to the Dodd-Frank legislation? With the broad Dodd-Frank bill up for revision, what will be the impact on the Durbin amendment’s debit interchange rate cap? Who will benefit from those changes: large or smaller financial institutions? How will the merchant community react to a presumed return of higher debit interchange costs and other fees? In 2016, regulations were introduced to revise or up-end Dodd-Frank. Given the power shift in Washington, DC, a favorable reception to those bills is now more likely than not.
  • Will the Consumer Finance Protection Bureau (CFPB) continue to exist in its current form? Will the CFPB’s governance model be changed, perhaps to a commission structure, or will the bureau be altered entirely? Born via Dodd-Frank, the CFPB, despite its increasing maturity, may have a very different future.
  • Similar questions abound elsewhere in the world. Looking at the UK and the EU, what will be the impact on payments, banking and privacy regulations of the long Brexit process, EU PSD2 regulations, Privacy Shield, etc.

After one month, we can already say that the rest of 2017 is going to shake up the payments industry more than last year. Hang on tight. Embrace the change.

The Glenbrook team is constantly evaluating the strategic impact of these and other trends. We look forward to engaging with you through our strategy consulting, our boot camp programs, our market scan services, and through your feedback here. Or just through a conversation. We welcome your thoughts!


Post image for Guaranteed Fraud Prevention Solutions:  Maybe Some Things in Life Are Guaranteed?

I’ve had the pleasure of working in the e-commerce fraud prevention space since the late nineties and, just as e-commerce has significantly evolved over the better part of two decades, the way merchants battle fraud has changed substantially.  Fraudsters have kept merchants on their toes and the industry has responded. We now have a host of new tools, technologies and techniques to assist merchants with a growing fraud problem that always seems to be one step ahead of what the “good guys” can keep up with.

One thing that has remained largely the same, however, is the business model associated with e-commerce fraud prevention.  For the most part, service providers have charged merchants a per-transaction or flat-license fee to use their tools, whether they be comprehensive fraud platforms offered by providers like Accertify, Kount or Cybersource, or specialized fraud technologies offered by the likes of iovation, ThreatMetrix or Quova.   In this model, service providers don’t have direct “skin in the game” in regards to a merchant’s key fraud metrics, such as chargeback, false positive and manual review rates.  However, they are motived to evolve and innovate their services in order to retain customers and grow market share.

The Guaranteed Model

But over the past several years, we have seen a significant departure from the per-transaction model that incumbent fraud prevention providers have traditionally offered.  A host of new providers have entered the market with guaranteed fraud prevention solutions that offer a very simple and tempting value proposition:  If a fraud chargeback occurs, the provider will cover all costs associated with fraud, leaving the merchant with zero fraud liability.  At face value, this seems like a no-brainer for merchants, but, as we’ll explore in more detail, a fraud guarantee often comes with cost and complexities that many may not be ready to swallow.

If we take a look back, we’ll find the concept of an e-commerce fraud guarantee isn’t a new one.  PayPal, for example, has offered its “Seller Protection” model to physical goods merchants for many years.  Companies like Vesta have offered merchants in the telephony space indemnification from chargebacks for over a decade.  And at one point, even traditional insurance companies entered the market with policies to protect online merchants against large fraud losses, an option that most merchants found to be too expensive and riddled with complexities. What was missing from the market were generally-available, guaranteed solutions that could be used by any e-commerce retailer, regardless of what they sold or what payment types they accepted.  This is the gap that this new class of guaranteed service providers has filled.

But with a promise to eliminate the cost of fraud chargebacks, why aren’t all merchants flocking to these guaranteed solutions?   There are two key reasons:  cost and control.   The guarantee offered by these providers comes with a price premium that usually costs a merchant between 1% and 4% of the transaction value, in additional to payment processing costs.  Obviously, this equates to a significantly higher per-transaction fraud screening cost, potentially costing a merchant many dollars to screen even a good transaction, versus pennies per transaction in the historical models.  In addition, guaranteed service providers typically must assume ultimate control over the fraud strategy and decision process, which is something many merchants aren’t comfortable with.  Some merchants believe that only they can understand their business well enough to control fraud while ensuring that good customers are never insulted.  The notion of giving up control is something that many of these merchants simply will not entertain.

A Full ROI Analysis

The higher cost associated with guaranteed services, however, shouldn’t be looked at in a vacuum, but taken as part of a full ROI analysis.  When merchants look at total potential chargeback and operational savings, many will find that the guaranteed service proposition is attractive.  For example, merchants have the ability to greatly reduce operational costs by eliminating the need for fraud analysts and modelers, reducing the size of manual review teams and streamlining backend operations that process and fight fraud chargebacks.  Coupled with the elimination of chargeback losses, fees and fines, merchants may find that a 2% to 3% fraud screening cost still provides a healthy ROI when compared to managing all fraud support functions in-house.

Although many merchants may, at first glance, still have “sticker shock” over these costs, guaranteed service providers have demonstrated that they can be flexible with pricing, depending on the merchant’s industry, the types of goods sold and the perceived risk.  As part of their pricing assessment, providers may ask for historical chargeback data and example transaction data sets in order to ensure that they can manage fraud risk while offering the best possible price.  The bottom line is that this new type of model only works when there is a win/win for both the merchant and the provider.

And while cost may be the most compelling driver for some merchants, many also consider three key questions, regardless of the type of solution they are evaluating:

  • Do I wish to outsource all fraud functions or keep them in-house?
  • What is the cost of change?
  • What impact will this have on my customers?

Time will Tell

The answer to these questions, of course, will vary greatly from merchant to merchant.  And while the landscape of fraud prevention solutions that exists today is vast, the industry continues to evolve, offering many solutions that address a broad range of risk challenges.

So, will the guaranteed model become the de facto outsourced model when fighting fraud?  Time can only tell, but many in the industry are excited about the prospect of what these providers have to offer.  For example, in the past three years alone, equity investments in guaranteed service providers have exceeded $225 million.   But the cycle for merchants to change providers is often long, so it will most likely take some time before we fully understand how many merchants choose these new services and how effective they are in the long run.

We’d love to hear your thoughts about how this exciting sector is evolving!  I’m going to be in Atlanta on February 9th at the TAG Fintech 2017 event. I’d love to meet you there to discuss these and other concerns. I hope to see you there!

And if you need help understanding the ever-evolving fraud prevention market, Glenbrook has helped many merchants and service providers navigate this complex landscape.   Please reach out to see how we may be able to help you.


Post image for Episode 47 – Blockchains and Moving Money on the Internet – Circle Internet Finance

Turning money movement into a core capability of the internet is the guiding principle of Circle Internet Financial. Not an easy task. While technical issues abound, regulatory and business hurdles pose larger challenges.

Join Payments on Fire host George Peabody and Circle’s co-founders Jeremy Allaire and Sean Neville for this discussion on Circle’s geographic expansion, its recent shift in bitcoin support, and its development of Spark, a blockchain-based open source smart contract platform optimized to share and store payments meta-data including exchange rates, KYC details, identity, etc.


Post image for Episode 46 – 3D Secure, Visa, and CardinalCommerce

One of last year’s most anticipated advances in fraud management was the final release of EMVCo’s 3D Secure 2.0 protocol specification. Designed to take a risk-based approach to authorization and lower the checkout friction of its predecessor, 3DS2 will be a new tool in the growing anti-fraud arsenal.

One of its supporters and a service provider that’s been closely tied to 3D Secure is CardinalCommerce. Cardinal, now a new addition to Visa’s arsenal with its recent acquisition, has been working with the risk-based approach for quite awhile. Take a listen to Visa’s Mark Nelson and Mike Keresman and Tim Sherwin of CardinalCommerce in this discussion about 3DS2, card network mandates, Cardinal’s acquisition by Visa, and when the market will see 3DS2 solutions.


Post image for Episode 45 – False Declines and Ethoca’s Role

In e-commerce and mobile commerce the problem of false declines is significant, especially during the holidays. Issuers decline transactions that online merchants approve. And vice versa. In other words, the necessary process of sorting out fraud from good transactions catches good transactions with the bad. This poor decision making means merchants lose the sale and the issuer its transaction fees.

In this Payments on Fire podcast, Glenbrook‘s George Peabody discusses the false decline issue with Ethoca’s CMO Keith Briscoe as well as the company’s program to encourage more merchants and issuers to take advantage of its shared data service.


Last week in Geneva, the ITU wrapped up a two-year project – the “Focus Group on Digital Financial Services and Financial Inclusion”. Several hundred organizations and people participated in the Focus Group, which produced research papers and policy recommendations on a wide variety of topics. The papers are available on the Focus Group website.

Glenbrook’s Carol Coye Benson and Allen Weinberg were active members of the group: Carol ran the “Ecosystem Working Group” and Allen led a group of people on in-depth research and exploration of topics relating to merchant acceptance of payments in emerging economies. Glenbrook partner Elizabeth McQuerry was at the closing session, participating on a panel discussion of “New Frontiers in Regulation.”

Hear Carol’s perspective on the effort.


Post image for Episode 44 – On Privacy, IoT, and Security – Online Trust Alliance

Multiple organizations have emerged to address different aspects of security, privacy, and identity. In this Payments on Fire Podcast, Glenbrook‘s George Peabody speaks with Craig Spiezle, Executive Director of the Online Trust Alliance, an organization bringing together privacy and security best practices for a range of industries, including payments. Take a listen to this conversation about the security challenges ahead, especially around the Internet of Things.


Post image for Artificial Intelligence in Payments

We have started development on this year’s Innovation in Payments workshop, and I wanted to share our current thinking on a new topic we’re including for the first time –– the use of artificial intelligence technologies in the payments industry.

AI technologies have been around for a while in the payments industry –– think about the neural networks used for dynamic risk scoring –– but it has never been hotter as a topic than it is right now. This is largely due to the huge amounts of venture financing that is flowing into AI, the emphasis that Google and others are putting on AI as the next market battleground, and the tangible results that have been shown to date.

The investments are significant. According to CB Insights, over 200 companies raised $1.5 billion of equity funding in the first half of 2016. Most of that is going into self-driving cars, enhanced medical diagnosis, and intelligent assistants. But some of those investment dollars are also flowing into machine learning startups dedicated to applying AI techniques to the world of finance.

But before we get too far into the use of AI in the payments industry, let’s circle back and explore what people are talking about when they use the term “artificial intelligence”. There are many definitions that people use, but the one that seems to resonate best with how AI technologies are used in the payments industry speaks to the ability of algorithms to learn and adjust based upon changes across the payments ecosystem. This is possible, in part, because of the feedback loop inherent in payments. Bad transactions at the issuer level are reported back to the network, as specified by the operating rules, where they can feed the risk scoring algorithms. Bad transactions at the merchant level, for example, get reported back to the merchant in the form of chargebacks.


AI specialist tend to break the discipline into a number of well-established domains such as natural language processing, vision recognition, robotics, and decision making. I haven’t seen the payment robots, yet, but there are plentiful examples of payment and commerce-related applications in the other domains.

The domain of natural language processing is the home of automatic speech recognition (e.g., Apple Siri), text-to-speech conversion (e.g., Audible playback of books), and automated language translation (e.g., Google Translate) among other areas of specialization. In the world of commerce, Amazon’s Alexa is now able to recognize audible commands to buy products from Amazon and its partners. More payment-oriented still, Apple has extended Siri to support a vocabulary for initiating P2P payments through voice commands. Square Cash, Venmo, and others are using this capability today.

Vision recognition as a domain is the home of object recognition, facial recognition, event detection, and motion tracking. Of these specialization, facial recognition seems to have the best fit in the payments industry. Jack Ma, CEO of Alibaba, recently demonstrated “smile to pay” which is essentially the use of facial recognition as a second authentication factor to unlock payment credentials and initiate a payment. Mastercard is working on a similar concept that it calls “Mastercard Identity Check”. Google is also developing a POS payment capability that uses facial recognition. In the popular press, the use of facial recognition in payment authentication is often categorized to as a “selfie pay” innovation. I love that.

Decision making is by far the most mature of the AI domains, with every day areas of specialization like product recommendations (e.g., Netflix Recommendations), scheduling optimization (e.g., airlines), and route planning (e.g., Google Maps). In the world of commerce and payments, there are areas of specialization in card fraud detection, card portfolio optimization, offer personalization, and money laundering detection.  

The use of AI technologies in automated card fraud detection is important for a number of reasons, not the least of which is the sheer magnitude of the amounts of money moving through the card system. And while global card fraud absorbed by issuers, acquirers, and merchants reached $21.84 billion in 2015, according to The Nilson Report, it only represented 7 basis points of losses in total.

Card issuers have long used the FICO Falcon Fraud Platform for automated risk scoring of every card authorization request against a pool of billions of card transactions. On the merchant side, machine learning is increasingly being used alongside address verification, device IDs, and experiential databases to mitigate the impact of online fraud. Companies such as Sift Science and Feedzai have brought a pure machine learning approach to the established field of online risk management. The traditional providers such as CyberSource and ACI ReD Shield have also added machine learning technology to their suite of risk management tools. Stripe recently introduced a machine learning technology it calls “Stripe Radar” to augment its traditional approach to risk management.  

At a macro-level, AI-based innovation is flourishing in the payments industry. Beyond the specific examples mentioned, there is a growing segment of the industry focused on offer optimization. There is also early thinking being done on the use of machine learning to dynamically determine the optimal routing path for transaction authorization. Interesting stuff.

To learn more about the use of Artificial Intelligence in the Payments Industry, I invite you to attend Glenbrook’s upcoming Innovation in Payments workshop being held December 8th in Palo Alto. This is a special Glenbrook Insight Workshop being held after our final Payments Boot Camp of the year. If you are interested in attending both, there is special discounted pricing available when you bundle both workshops together. I hope to see you there.


Clicky Web Analytics