Last week in Geneva, the ITU wrapped up a two-year project – the “Focus Group on Digital Financial Services and Financial Inclusion”. Several hundred organizations and people participated in the Focus Group, which produced research papers and policy recommendations on a wide variety of topics. The papers are available on the Focus Group website.

Glenbrook’s Carol Coye Benson and Allen Weinberg were active members of the group: Carol ran the “Ecosystem Working Group” and Allen led a group of people on in-depth research and exploration of topics relating to merchant acceptance of payments in emerging economies. Glenbrook partner Elizabeth McQuerry was at the closing session, participating on a panel discussion of “New Frontiers in Regulation.”

Hear Carol’s perspective on the effort.


Post image for Episode 44 – On Privacy, IoT, and Security – Online Trust Alliance

Multiple organizations have emerged to address different aspects of security, privacy, and identity. In this Payments on Fire Podcast, Glenbrook‘s George Peabody speaks with Craig Spiezle, Executive Director of the Online Trust Alliance, an organization bringing together privacy and security best practices for a range of industries, including payments. Take a listen to this conversation about the security challenges ahead, especially around the Internet of Things.


Post image for Artificial Intelligence in Payments

We have started development on this year’s Innovation in Payments workshop, and I wanted to share our current thinking on a new topic we’re including for the first time –– the use of artificial intelligence technologies in the payments industry.

AI technologies have been around for a while in the payments industry –– think about the neural networks used for dynamic risk scoring –– but it has never been hotter as a topic than it is right now. This is largely due to the huge amounts of venture financing that is flowing into AI, the emphasis that Google and others are putting on AI as the next market battleground, and the tangible results that have been shown to date.

The investments are significant. According to CB Insights, over 200 companies raised $1.5 billion of equity funding in the first half of 2016. Most of that is going into self-driving cars, enhanced medical diagnosis, and intelligent assistants. But some of those investment dollars are also flowing into machine learning startups dedicated to applying AI techniques to the world of finance.

But before we get too far into the use of AI in the payments industry, let’s circle back and explore what people are talking about when they use the term “artificial intelligence”. There are many definitions that people use, but the one that seems to resonate best with how AI technologies are used in the payments industry speaks to the ability of algorithms to learn and adjust based upon changes across the payments ecosystem. This is possible, in part, because of the feedback loop inherent in payments. Bad transactions at the issuer level are reported back to the network, as specified by the operating rules, where they can feed the risk scoring algorithms. Bad transactions at the merchant level, for example, get reported back to the merchant in the form of chargebacks.


AI specialist tend to break the discipline into a number of well-established domains such as natural language processing, vision recognition, robotics, and decision making. I haven’t seen the payment robots, yet, but there are plentiful examples of payment and commerce-related applications in the other domains.

The domain of natural language processing is the home of automatic speech recognition (e.g., Apple Siri), text-to-speech conversion (e.g., Audible playback of books), and automated language translation (e.g., Google Translate) among other areas of specialization. In the world of commerce, Amazon’s Alexa is now able to recognize audible commands to buy products from Amazon and its partners. More payment-oriented still, Apple has extended Siri to support a vocabulary for initiating P2P payments through voice commands. Square Cash, Venmo, and others are using this capability today.

Vision recognition as a domain is the home of object recognition, facial recognition, event detection, and motion tracking. Of these specialization, facial recognition seems to have the best fit in the payments industry. Jack Ma, CEO of Alibaba, recently demonstrated “smile to pay” which is essentially the use of facial recognition as a second authentication factor to unlock payment credentials and initiate a payment. Mastercard is working on a similar concept that it calls “Mastercard Identity Check”. Google is also developing a POS payment capability that uses facial recognition. In the popular press, the use of facial recognition in payment authentication is often categorized to as a “selfie pay” innovation. I love that.

Decision making is by far the most mature of the AI domains, with every day areas of specialization like product recommendations (e.g., Netflix Recommendations), scheduling optimization (e.g., airlines), and route planning (e.g., Google Maps). In the world of commerce and payments, there are areas of specialization in card fraud detection, card portfolio optimization, offer personalization, and money laundering detection.  

The use of AI technologies in automated card fraud detection is important for a number of reasons, not the least of which is the sheer magnitude of the amounts of money moving through the card system. And while global card fraud absorbed by issuers, acquirers, and merchants reached $21.84 billion in 2015, according to The Nilson Report, it only represented 7 basis points of losses in total.

Card issuers have long used the FICO Falcon Fraud Platform for automated risk scoring of every card authorization request against a pool of billions of card transactions. On the merchant side, machine learning is increasingly being used alongside address verification, device IDs, and experiential databases to mitigate the impact of online fraud. Companies such as Sift Science and Feedzai have brought a pure machine learning approach to the established field of online risk management. The traditional providers such as CyberSource and ACI ReD Shield have also added machine learning technology to their suite of risk management tools. Stripe recently introduced a machine learning technology it calls “Stripe Radar” to augment its traditional approach to risk management.  

At a macro-level, AI-based innovation is flourishing in the payments industry. Beyond the specific examples mentioned, there is a growing segment of the industry focused on offer optimization. There is also early thinking being done on the use of machine learning to dynamically determine the optimal routing path for transaction authorization. Interesting stuff.

To learn more about the use of Artificial Intelligence in the Payments Industry, I invite you to attend Glenbrook’s upcoming Innovation in Payments workshop being held December 8th in Palo Alto. This is a special Glenbrook Insight Workshop being held after our final Payments Boot Camp of the year. If you are interested in attending both, there is special discounted pricing available when you bundle both workshops together. I hope to see you there.


Post image for “I know Scott!”

Our co-founder, partner and friend, Scott Loftesness, is formally retiring from Glenbrook today.  I can’t begin to say how much I will miss him – as a colleague, as a mentor, and as an endless source of ideas and insights.  Glenbrook is today what it is largely because of Scott’s vision for the firm: a place for peers to meet, interested in collaboration; a platform for Glenbrook partners to do the work that interests them; a means to bring our collective knowledge to bear on clients’ needs. Above all else, Scott has a fierce determination to understand the workings of our industry.  This passion led Scott to create and nurture our Glenbrook Payments News site: an incredible accomplishment and a valuable source of news and knowledge for payments professionals throughout the industry.


Among his many admirable qualities, Scott has always had a razor focus on what is important – a natural genius, you might say, for sorting out the wheat from the chaff.  We’ve always enjoyed that, and been guided by it:  I remember when, in about 2005, he turned to us and said “you know, I think we should start thinking about mobile again….”

Scott, best wishes for the years ahead.  I know you will continue to follow the industry and I hope you will always let us know about the next big topic we should focus on.  In your (relative) leisure in the years to come, I’m sure your passion for photography will stand you well.  I have some of your pieces on my living room walls, and I certainly hope I can add to my collection in the coming years.

Many people have been encouraged by Scott over the years.  I can’t tell you how many times, when I have mentioned to people that I am with Glenbrook, that I have heard: “Glenbrook – that’s where Scott Loftesness is, right?  I know Scott!”  Sometimes these were people who had worked closely with Scott, but often they were people who had just met with him once, but felt a deep connection. So I will also join the chorus, and say “I know Scott!” – and I’m glad I do.

Do you know Scott? Add your comments below.



Post image for Money20/20 Wrap-up

We’ve seen a lot of innovation in payment initiation over the last few years. Apple Pay, Android Pay, Walmart Pay and their like have filled Payments News headline stories. But this year, at Money20/20, consumer-facing innovation downshifted to a lower gear. And that’s a good thing.

Getting Down to Work

“Mobile” news cooled because the competitive models have been established: platform/OS, bank-led, and merchant-based wallets. Now, it’s time for the marketplace to determine the outcome. While mobile wallets are arguably more convenient than EMV cards, the hard work of adding financial incentives like coupons, discounts, and other commerce-driving functions is still underway. Merchant-based apps have the edge here. We have a lot to watch over the next few years as these models mature and best practices emerge.

That’s not to say that this year’s Money20/20 was without announcements and discussions that will shape the industry.

FIDO Alliance and EMVCo Partnership

Building technology to secure payment card data while maintaining card system interoperability is the province of EMVCo. The organization continues to evolve its card data protection toolkit by expanding the use of dynamic data and card number tokenization. Great tools that help. A lot. But limiting access to accounts that control that card data is also necessary and that’s the domain of stronger authentication, code for “killing the password” through biometrics. So, it’s significant that EMVCo is now working with the FIDO Alliance on authentication in card payments.

FIDO, the organization dedicated to replacing the password model with open, interoperable, biometric-based authentication, will work on a standard method for mobile wallet providers and payment app developers in support of the Consumer Device Cardholder Verification Method (CDCVM). To optimize the user experience, they will work on biometric authentication flows that speed the transaction through “user verification caching.” The work will be included in the Web Authentication specification already under development by the Word Wide Web Consortium.

Faster Payments Heats Up

Glenbrook’s Elizabeth McQuerry led a panel, and the 300+ attendees, through the use and business cases for NACHA’s Same Day ACH service and The Clearing House’s real-time payments switch. In that roomful of payments insiders, the clear consensus was that the business case for these two systems will be made by B2B payments.

Card networks are vying heavily to be the rails for P2P payments as seen by their participation in the formal launch of Zelle, the consumer branding for Early Warning’s payments service formerly known as clearXchange. Visa Direct was a major focus at Money 2020. Stitching together the clearXchange switch with the “push to card” capabilities of Visa Direct and MasterCard Send, Zelle has the potential to blunt Venmo’s growth provided the user experience is excellent and branding is adequate. A whole lot of “viral” will be needed. Between the two, the cost of P2P payments incurred by participating financial institutions has gotten more reasonable but it’s still a cost. The push toward faster payments by banks in the U.S. now has three main camps – cards, Zelle, and The Clearing House.

Integrations and Partnerships

The cloud and apps have made it easier to assemble complementary capabilities and deliver them to where users can access them. PayPal’s reach into Facebook Messenger, announced on Monday, is an example. Messenger users can make purchases with their PayPal credentials and receive receipts and other messages via the Messenger interface. You go where the users are.

Other integrations of note include Android Pay’s support for Visa Checkout and Mastercard’s Masterpass. Integration enablements steps include Synchrony’s Plug-in that facilitates a retailer’s inclusion of e-gift cards into the retailer’s app.

Blockchain Evolution

Blockchain focused firms were at Money 20/20 but the most visible was Chain, the Visa-backed blockchain service developer that open sourced its blockchain creation and management code this week. Chain’s blockchain supports the creation of new asset classes and the issuance of those assets all on the same blockchain. Recording transactions within a one second window, Chain’s approach relies on both its code and the right behavior of its users to maintain trust. Business law and contracts, as well as regulation, will frame usage as much as the code. Chain’s own business model will include key management services based on host security modules, the HSM devices that manage PIN cryptography today.

In a nutshell, this year’s Money20/20 was about payments rails and their interconnections. Interconnections were also the theme for the Glenbrook team. With scores of meetings, it was great to catch up with so many clients and friends in our dynamic, fascinating industry. We look forward to seeing you there next year, if not much sooner!


Post image for Two Paths for Faster

The always-interesting Federal Reserve Bank Chicago Payments Symposium just closed, and predictably, a lot of the discussion (and argument!) was around “faster” – the evolving progress of the United States towards improvements in our payments systems. I was particularly interested in hearing other people’s views on the outlook for this in our country.

I came away with two conflicting pictures in my crystal ball – either one of which could, I think, come to pass.

Picture One

A set of 10-20 faster payments “solutions” (systems, networks, products), all used by some reasonably large number of consumers and/or enterprises, which magically interoperate or exchange transactions among themselves in some fashion.  This is the “let a thousand flowers bloom” approach.  It is also the impression I got from talking to many people who are involved in the impressive, multi-year, 300+ person Federal Reserve Bank Faster Payments Task Force.

This group of people has been industriously working through a detailed process to come up with criteria for a faster system; evaluate a group of proposals from solution providers against these criteria; and explore what type of standards, governance bodies, or rule sets would be needed to make interoperability work.

The good news here is the thoroughness of the work, and the consensus value in having 300+ enterprises (yes, not multiple people from the same enterprise….) collaborate on this process.  The bad news is that this group has no real authority – no power, you might say.  So I think a reasonable person can question whether or not it can create a governance structure with rules which a diverse group of enterprises will agree to be bound by.  After all, in many cases such rules would run sharply into the problem of “network fantasies” which Glenbrook has written about in the past.  So I am troubled both by the difficulty of moving from theory to practicality, and, frankly, by the time this would take to do – even if it could happen.

Picture Two

The other option focuses on the coexistence of two concrete yet separate implementation efforts.  One, of course, is The Clearing House’s new real-time payments system, reportedly nearing readiness for technical testing, and expected to launch at some point in 2017.  This will be open to all banks in the U.S., and is roughly modeled on the U.K.’s hugely popular Faster Payments system.  The second implementation is the more organic process of connecting existing debit networks (definitely Visa and MasterCard, but the regional networks as well) to “front end” consumer payments ordering systems: think of both clearXchange (now owned by Early Warning) and PayPal as being in that category: look at recent news releases on deals between PayPal and the debit networks, and ditto for Early Warning.  The debit networks, of course, are using their “pull” pipes to “push” payments: essentially taking a real-time authorization message (used for cards) and repurposing it as a payments notice: instead of asking the authorization question “is there enough money?” they are sending a “push” message: “you’ve got money”.

In this second scenario, it is pretty easy to imagine that the debit-network solution, with a variety of front-ends, could dominate the consumer, P2P business, and also be used for a large variety of small consumer-to-business payments (gardener, nanny, plumber, etc.)  The Clearing House’s new system would then most likely become the dominant solution for B2B payments.  Bill payment is the “jump ball” – I could see this gravitating towards either system.

So the good news here is that this is going into place very quickly – the debit network capabilities are already there and the TCH solution is coming to market very soon.  The bad news, I’d argue, is that, in my humble opinion, it is quite unlikely that these two systems – the TCH system and the “network of (debit) networks” – would interoperate.  But maybe that’s not necessary.  I would argue that if this “picture” succeeds, the chances for the other picture – and all the other myriad systems – is pretty bleak.

What do you think?  We’re curious as to your opinions – please comment on this post, or, if you are going Money2020, go to the Faster Payments panel which is being moderated by our partner Elizabeth McQuerry.



{ 1 comment }

Post image for EP43: Making Money Fly over Borders – ISO 20022, the IPFA, and Faster International Payments

Faster payments, B2B payments, international remittances, cross-currency, and cross-border payments. These are hot topics and major challenges the payments industry must address. Central to all is the ability to represent, in an interoperable fashion, the information that surrounds the payment itself. What’s this payment for? Who is it for? Where’s it going? These are information gaps that bedevil B2B payments and all of the above. Extensible standards in general and ISO 20022 in particular are the answer.

The International Payments Framework Association (IPFA) is dedicated to expanding the utility of ISO 20022 through rule building around the usage of this data representation method. Standardized business messages are huge and that’s what the standard and the IPFA are all about. In this podcast, the IPFA’s CEO, Glenbrook’s own Elizabeth McQuerry, addresses ISO 20022 itself, the IPFA’s role, and updates to accommodate international faster payments. Cross-border money may finally fly.


Post image for Millennials and Money – Are they Maligned or Misunderstood?

Contrary to popular belief, the millennial generation is not lazy, entitled or narcissistic.  They are a robust group of entrepreneurial, socially astute and media savvy consumers.  They make discerning decisions about their money and are thoughtful about the companies they trust.

Last week I chaired a conference titled:  Millennials and Money.  We discussed similarities and differences between the baby boomer and millennial generations, we talked about what millennials want and don’t want from financial services, and tossed around as many statistics as humanly possible.

I walked away with a few “Aha’s” as well as a greater appreciation for the long lasting impact they will have on the payments ecosystem.  I believe that millennials are helping financial services companies rethink HOW to offer products and services – WHAT to offer, and WHERE to offer them.  Ultimately all users will benefit.


The Unique Millennial Experience

Currently between the ages of 18-34, Millennials have had a set of unique experiences that will reshape expectations for companies that want to do business with them, from clothing designers to car manufacturers, from shopping and payment apps to saving and investing options.

Yes, they face more headwinds than the previous baby boom generation, but it doesn’t mean they don’t want or need financial services products for the same purposes.  They just look at the world a bit differently because they are:

  • The largest demographic group in history with over 75MM people (US Census Bureau, Pew Research), representing 25% of the US population*
  • 43% are non-white, making them the MOST DIVERSIFIED ethnic group in history (US Census, Pew)
  • And by 2020, they will represent 50% of the workforce, despite having entered it after the worst recession in US history
  • They are burdened with $1.3 trillion in student debt
  • And though, having postponed home ownership and marriage, are now moving into the most expansive economic period of their lives – representing approximately $1.7 trillion in buying power (CEB Global)
  • According to Gallup, they also spend more on rent/mortgage (40% vs. 29%) and leisure activities (33% vs. 22%) compared to all other groups

We all know that millennials have “grown up” with technology and that approximately 85% own a smart phone. We fondly call the entire millennial group digitally native.  I would suggest, however, that there are two groups within the millennial segment, and that there is a divide between those that truly grew up with technology broadly in their lives to those that learned to use it as they moved into young adulthood.

After all, the iPhone wasn’t even invented until 2007.

And now, millennial entrepreneurs, or “millennipreneurs” (coined by a 2016 Global Entrepreneur Report from BNP Paribas) have launched about twice as many businesses as baby boomers.** I, for one, am happy to have the millennial generation lead the way towards innovative solutions that bring me value, whether it’s done by leveraging new technology or reinterpreting stale business models.

Perhaps more importantly to those of us in the world of payments:

  • In 2015: 52% used a banking app and 72% used it several times per week
  • 43% of millennials have used non-bank borrowing compared to 20% for the general population, and
  • By 2020, 40% of 1099 incomes will be from millennials

Also just in from MFour Mobile Research’s Millennial Insights Project:

  • 61% PREFER to bank with mobile apps
  • Only 18% of millennials prefer to bank in person; however 64% said they visited a bank within the past month
  • Almost 83% used a mobile banking app during the past month
  • The groups most likely to make mobile banking their first choice were Hispanics (71.1%), and millennials with incomes of $75,000 or more (65.5%)

What I learned last week was that financial services companies, traditional and non-traditional, are all working hard to meet millennials where they are – online and within the context of social/digital channels.  In fact, did you know that 5 out of 6 millennials connect with companies via social media? Or that 95% trust their friends and peers more than corporate advertising?

Resonant Themes

We talked a fair amount about trust and trustworthiness and about being authentic which really translates to being transparent – about your product, about fees, about your people and your company.  Common themes at the conference can be summed up with several quotes from speakers and attendees:

  • “Bet on Trust”
  • “Meet them where they are”
  • “They live in networks, not corridors”
  • “They want to make sure they are making the right decisions”
  • “Building a brand is more than a product”
  • “Millennials may have initial distrust with banks, but once proven, will give you their business”
  • “In exchange for personal information, they expect value”

Product Ideas for Millennials

Both incumbent financial services firms and start up entities at the conference were delivering new products, using new channels and focusing on creative ways to capture this large and self-reliant group of adults. Here are some examples:

  • A Fortune 500 firm developed partnerships with Viber and WeChat to integrate money transfers in a new context (“meet them where they are”);
  • A top 10 issuer talked about when to use “gamification” techniques, as well as how de-stressing decisions about money is so important to the millennial customer (“helping them make the right decisions”);
  • A community banker shared the dual importance of mobile technology for everyday business and on-site customer care for those bigger transactions (“Meet them where they are”, “help them make the right decisions at the time they need help”)
  • Several cited Venmo as a social sharing ecosystem to emulate (“they live in networks”)
  • One B2B company quickly realized their clients’ customers were the 1099 / “gig” economy workers and introduced a loyalty program (“building trust keeps them in the fold”)
  • A start-up investing firm integrates cause marketing as part of its product offering and also donates a % of company revenues (“building a brand is more than a product”)
  • Another start-up investing firm started off with a “pay what you believe is fair” approach, stating that over 90% of customers paid a fee in that first year (“bet on trust”)
  • And lastly, we heard from a personal financial manager (PFM) outfit that positions itself as the FitBit for financial health because its resonates with millenials (“exchange of personal information for value”).

Here at Glenbrook, I am working with another start-up company founded by Millennials for Millennials – using intuitive design and data science to deliver credit cards to consumers who might not ordinarily receive one.

This is an exciting time to be in financial services.  New technology is providing a variety of ways to innovate financial platforms, mobilize money and democratize payments.  And the millennial experience is paving a new way forward and inspiring the rest of us to push the boundaries of what has been into what can be.

So, are Millennials misunderstood? Not to me.


*Other studies state 33% of the population, but all agree this is a large and an important generation

**Fortune Article February 20, 2016 “Millennipreneurs” Are Starting More Business, Targeting Higher Profits

{ 1 comment }

Post image for EP42: Payments Data with Russ Jones

As the breadth of transaction data expands, even the definition of payment data is getting stretched. Payment data, when combined with other sources, is becoming a valuable tool for both commerce and security. If we know your first name, we can figure out if you’re male or female 92%+ of the time. If your email address is at AOL, you’re probably over 50. What you might buy can be inferred from the websites you visit. And that’s just the start of data’s role in payments.

Take a dip into the payment data pool in this podcast with Glenbrook’s Russ Jones. Russ discusses artificial intelligence, privacy, and the spread of Bluetooth beacons. For a deeper dive into the topic, join Russ at the Payments Data Insight Workshop on October 13 in Palo Alto because data’s influence in payments continues to expand.



Photo: Scott Loftesness


A few weeks ago I joined my client Raj Jain, CEO of RS Software, for my third visit to India. RS Software is headquartered in Kolkata which was our first stop for the annual general meeting of shareholders. After that, we visited Mumbai and Bangalore – along the way we met with many of the key individuals helping drive the now rapid change that’s unfolding for payments in India.

My last visit was in January of 2015 –– just the week before President Obama made his second visit to India and early on during the administration of Prime Minister Modi. The sense of change was in the air – a definite uptick in energy, excitement, and renewed optimism about India’s future.

On my first visit to India six years ago, I spent much of my flight reading Nandan Nilekani’s then new book “Imagining India: The Idea of a Renewed Nation.” For me, this book was a great introduction and, since that time, it’s become clear that many of Nilekani’s ideas in that book are now seeing the light of day.

The first example I remember from the book was his push for what he called “Single resident I.D.” The goal of this idea was to provide each resident of India with a unique identification number that could ultimately be used to help solve trust and identification issues in a common way and provide a foundation for “know your customer” responsibility.

Discussion around this idea led to the formation of the Unique Identification Authority of India which was the vehicle that addressed the issues of technology, enrollment, rules for usage, etc. The unique numbers became called Aadhaar numbers –– since the first one was issued in 2010, over 1 billion Aadhaar numbers have now been issued to Indians.  Each of these numbers is coupled with biometric authentication details captured at the time of enrollment. As with any such national identity scheme, the program was controversial but ultimately survived and Aadhaar now provides the foundation layer for what has come to be called the “India Stack” – and helped set up the opportunity for the next idea to be implemented. Starting in 2010 with no legacy, the team had an opportunity to think digital/cloud from day zero, and Aadhaar was conceived and implemented as an open, online ID from the beginning.

Another one of Nilekani’s ideas, the electronic payment of government benefits to citizens, began implementation last year. This new approach, known as Direct Benefit Transfer, eliminated the middlemen who were dipping into the funds intended for citizens. In parallel, Jan Dhan Yojana, a program launched by Modi early in his tenure, enabled all households with a bank account and accompanying RuPay debit cards to access their funds. Having the bank account is the key to enabling government payments to flow directly to citizens. The results have been stunning – with over 230 million new bank accounts opened in a little over a year.

Shortly after I was in India last year, momentum started building around simplifying domestic payments in the country. About five years before, India had invested in the development of IMPS – Immediate Payment Service – a real-time interbank electronic funds transfer system. With the growth in mobile and smartphones, usage has grown dramatically and now exceeds debit cards in usage.

IMPS was developed and managed by the National Payments Corporation of India (NPCI), a unique umbrella organization for all retail payment systems founded by a number of the banks in India with the support of the Reserve Bank of India. In February 2015, NPCI announced a new initiative – Unified Payment Interface – to address current market needs. In particular, a key goal of UPI was to provide mobile users with a way to send and receive money using a single identifier – either the Aadhaar number, mobile number, or bank assigned virtual address. UPI would decouple the service from any requirement on users to provide bank details for sending/receiving money.

NPCI went through a formal global tender process resulting in the selection of RS Software to build UPI. This was an important step for RS Software as it represented the first payments project undertaken by the company in India. Although headquartered in Kolkata, the company has for twenty-five years served as an outsourced development partner to global leaders in the  payments industry in the U.S. and Europe. RS Software delivered UPI successfully and has also assisted some India banks in their implementation of UPI. UPI, as it removes friction from consumer payments, is expected to grow quickly following its recent launch by NPCI and many of the major Indian banks. The company also won another opportunity with NPCI to build the Bharat Bill Payment System for India (BBPS) which will be launching next month. Together, UPI and BBPS form a foundation layer for India’s digital payments infrastructure.

When I look back on this brief history, I’m struck by several things, starting with the foundation layer that was laid with Aadhaar and, ultimately, smartphone based biometric authentication. The national effort required to first complete the work of designing, building, and then enrolling the population has been substantial. I cannot envision anything similar happening in most of the developed countries that I know.

Second is the importance of industry collaboration to make efficient progress on agreeing on standards, deciding what to build, and everything that goes along with delivering that in a market of India’s size. The Reserve Bank of India, a particularly strong regulator in my experience, very much played important roles in this evolution – working with both NPCI and the banks.

Finally, the overlay of mobile and how mobile technology is changing everything. Mobile enabled payments are different from the card payments world I grew up in. Sure, we have Apple Pay, Android Pay and others which “mobile-enable” more efficient and secure mobile payments. But if you’re open to a new approach that doesn’t have to support a legacy world of card payments, new things are possible – indeed very likely. The combination of IMPS and UPI means that all of those newly opened bank accounts are going to have easy access to mobile real-time payments.  Another example is the likely shedding of the traditional card-based requirement for merchants to have point-of-sale acceptance devices and, indeed, acquirers. The new mobile payments approaches we’re seeing emerging rapidly in India require neither.

Equipped with the Aadhaar identity, new banks accounts and the rapidly increasing presence of smartphones, India is on the cusp of rapid and accelerating change.  In the world of payments, I find this story out of India pretty incredible!

Note: In a discussion like this about the evolution of payments in India, I must recognize a few key individuals from the private sector in India who have invested their time to help make this evolution possible. In particular, Dr. Pramod Varma, the former co-founder/CTO of Yantra, who has been a leader in defining the entire India Stack platform and Sanjay Jain, a former Google Product Manager. Alongside them are about 15 other technology professionals – including my good friend Sanjay Swamy – who gave their time to help architect and convince the government and regulators to accept and deploy this important new architecture for India.

{ 1 comment }


One of the payments obsessions here at Glenbrook is understanding the ways in which mobile payment and digital financial services are taking hold around the world. Once effectively limited to the early success of M-PESA and P2P payment in Kenya, today there are a number of services underway. M-PESA itself, in around a decade, has evolved to offer bill payment, savings options, small loans and is also working on merchant payments.­­

The models that such services are based on vary considerably. Kenya is a classic example of mobile carriers like Safaricom stepping into the void left by banks that were not providing affordable financial services to the vast majority of the population. While all of the M-PESA services involve a bank in one way or another (for example, the value loaded on mobile wallets is on deposit at a commercial bank), the services are driven by the mobile carrier as a service offering to their customer base.

More recently banks like Equity are challenging M-PESA for a piece of this growing market. Equity’s Eazzy 247 is notably carrier agnostic and therefore available to anyone who has a mobile phone, not just Safaricom customers. As well, the Kenya Bankers Association is developing a real time switch that will allow all banks to offer the immediacy of payment via M-PESA.

Two years ago, in this post, we shared the developments underway among the 15 countries in the Southern African Development Community (SADC). At that time, the SADC payments initiative had created a settlement system for high-value payments among banks and were preparing to extend the functionality to low value or retail payments. SADC is different than other initiatives because all payments in the SADC scheme are cross-border – the objective is to improve the efficiency and reduce the risk of the growing number of cross-border transfers that occur in the closely-knit region.

In addition to the fifteen country framework, also notable about the SADC project is that it is an interoperable scheme, using a common payment standard (ISO 20022) to transact between providers. Even more notable is the more recent move to include non bank payment providers such as authorized mobile money operators in the SADC scheme.

While Europe introduced the concept of “payments institutions” in 2009, having banks and non banks interacting in the same scheme has not gained traction elsewhere. Mexico allows authorized non banks to access its payments system but very few have chosen to participate. More recently, Brazil created a similar category but the development is too new there to measure how widely used it will be.

At a recent meeting for the SADC initiative, several banks and non banks elected to participate in a pilot or proof of concept of cross-border retail payments focused on the mobile channel. Here mobile money operators will have the opportunity to easily transact with mobile money operators in other SADC countries. Similarly, banks will be able to exchange mobile initiated payments with banks in other SADC countries.

The truly novel aspect will be the opportunity for banks and non-banks to transact with each other in the multilateral scheme. This opens up the possibility of wallet to account as well as account to wallet payments. While this may already occur in a handful of bilateral arrangements between banks and mobile money operators, the SADC framework offers the opportunity to scale this regionally.

It has taken two years for the SADC project to reach the point where the SADC scheme, regional regulators and participants are aligned and ready to launch a proof of concept. This is an ambitious endeavor that will be watched by many observers.

The interest in the project and the need for lower cost cross-border transfers has also started a discussion about introducing additional settlement currencies into the regional settlement system. Today the system, called SIRESS, only settles in Rand which is used in only 4 of the 15 countries.

Getting to the proof of concept is effectively a new starting point but this is only the starting point for what can be achieved. What we will be looking for out of the SADC mobile payments efforts:

  • Can banks and non banks truly cooperate?
  • Will end users be primarily consumers for family remittances or can the transfers also be attractive to small businesses who have high volumes of cross-border trade?
  • Will we see the number of payments decline that are transferred by bus or other courier type arrangements?
  • Will this type of collaboration lead to more transparency and lower prices for consumers? South Africa has the most expensive transfers among leading economies, according to the World Bank.
  • Can the concept be successful in currencies other than Rand?
  • How would multiple currency settlement work among the countries?
  • Is the regional regulatory and policy environment sufficiently harmonized such that it is effectively seamless to transfer from one country to another?
  • Can the introduction of affordable remittances be a gateway to improved financial inclusion among the SADC countries?
  • Will we see the SADC model being adopted by other regions?

We plan to report back on these topics. In the interim, we’d love to hear your thoughts on SADC and other noteworthy developments in the mobile payment space.





Post image for Merchants Just Want to Sell Stuff

Anyone who’s been in a Glenbrook Payments Boot Camp session with me has heard me emphatically stress that merchants “just want to sell stuff – they don’t want to be in the payments business”.

Of course many larger and more sophisticated merchants have figured out how to use payments strategically to increase sales – think private label credit, friction-reducing checkout, cross-border tender types, etc., – and/or to lower operating costs, but most of this is lost on the smaller Tier 3 and Tier 4 merchants. Those merchant tiers encompass the “mom and pop” stores – single store boutiques, dry cleaners, cafes and such, up to merchants with a few locations – generally generating up to a few million card transactions per year.

So where am I going with all of this? I was recently catching up with a former colleague of mine who is now head of sales at a major acquirer, discussing security solutions targeted at these Tier 3 and 4 / SMB merchants. I was lamenting what I consider to be a sad state of affairs in these segments, that relatively simple card security solutions have been in the market for years, but are not getting routinely deployed.

More specifically, I’m referring to what is known as “P2PE” – Point-to-Point Encryption solutions that essentially encrypt card data as it enters a point-of-sale device via a mag-stripe swipe or dip of the EMV chip and passes it securely to their card processor where it can be decrypted and sent to the card networks for processing. The overall goal, of course, is to get “radioactive” card data out of the merchant’s environment, protecting what is sometimes known as “data in flight”.

It’s worth pointing out that the PCI Data Security Council, the organization that sets industry-wide standards for card-related security, mandates that “data at rest” be encrypted in some fashion, but does not mandate point-to-point encryption. Instead, it does provide guidance on various other ways to protect data as it’s being transmitted from the point of sale to the merchant’s processor.  That said, the organization has provided “P2PE Solution Requirements and Testing Procedures” as well as associated FAQs[1].

In my opinion, P2PE is the closest thing to a silver bullet that we have to protecting mag-stripe and EMV transactions at Tier 3 and Tier 4 merchants right now, and it will be for a number of years until we have a critical mass of tokenized Apple Pay/Android Pay/Samsung Pay/Fill-in-the-Blank Pay transactions at physical POS (note that even the EMV specs don’t specify encrypting card data out the back end of the terminal).

Yes, this isn’t a trivial problem and with security every detail matters. If keeping merchant equipment out of PCI scope is the goal, then where encryption takes place and the path that data takes—back through the POS system or direct to the processor in the semi-integrated manner—makes a difference. Protection has to be in place at the application layer and over the communications link. But this is all settled science. There’s no mystery here.

So my problem is not that we don’t have the technology to protect these merchants with an affordable solution; my problem is that as an industry, we aren’t doing it. Instead, we are assaulting these poor SMBs with incomprehensible concepts such as “PCI compliance”, “mandated industry security standards” and the need to be “PCI certified”.  Why?  Shouldn’t the industry just build P2PE-type solutions into every point-of-sale device”?

And by the way, I should mention that it is now standard practice for most acquirers to charge their merchants monthly or annual “PCI Compliance Fees” that do NOT include installing P2PE on their terminals.  Oh yeah, and if the merchant is deemed to not be PCI-compliant, the merchant is usually hit with, you guessed it, a “PCI Non-Compliance Fee”.  And most acquirers charging PCI Compliance and Non-Compliance fees also sell security insurance to many SMBs to protect against potential fines and penalties stemming from data breaches that P2PE and tokenization could have mitigated in the first place.

Just to be clear, I’m not saying that P2PE and tokenization are sufficient to totally obviate SMBs having to think about card security. Merchants still need to be cognizant of how they handle physical cards, what they print on receipts, reports that may contain full account data, ensuring their terminals haven’t been tampered with, etc.  What I am saying is that the greatest risks can be largely mitigated relatively painlessly and cost-effectively.

To be fair, some acquirers do routinely install P2PE into their devices without explicit charges for it. They just build the cost into their pricing and/or include it into an add-on service such as data breach insurance. Although I really have to wonder about those acquirers that are happy to sell the SMBs data breach insurance without even requiring P2PE. I can only assume that they make more money paying off a claim here and there versus the cost of implementing P2PE.

But why are most acquirers not routinely implementing P2PE solutions as a matter of course? First, there is a cost to it – they need to modify, test, and certify their terminal apps as well as implement secure encryption key management practices (like they already do anyway with PIN pads). In addition, there are often technology licensing costs. And, in fact, many acquirers feel that the small merchants won’t pay them an explicit fee to cover these costs. But of course, it is now an industry standard to charge either PCI compliance or non-compliance fees that the merchants do pay. I have no idea how common this is, but I actually had an acquirer for a non-profit I volunteer for tell me that Visa and MasterCard required them to charge us those fees.

I don’t realistically believe that shining a spotlight on this issue will make much of a difference in the marketplace, but I do want to acknowledge those acquirers that are “doing the right thing”. I hesitate to mention those that I know of lest I forget some. But please feel free to acknowledge those that are in the comments section below. And as always, I’d truly appreciate your thoughts and perspectives.


{ 1 comment }

Post image for Marwan Forzley, Align Commerce, and the Evolution of Blockchain Business

Bitcoin’s reliability and transaction-level security has inspired today’s explosion of blockchain pilots, companies, and consortia. But the bitcoin rails already have solid commercial applications. Circle Internet Finance has focused on person to person payments. Align Commerce has focused on international B2B payments for smaller businesses. With growth, both have blended bitcoin rails with more traditional methods to accomplish fast, cost effective transfers.

Join Marwan Forzley, CEO of Align Commerce, and Glenbrook‘s George Peabody for a conversation about how Align moves money and the state of bitcoin and blockchain development. There may be no such thing as an international wire but this approach gets pretty close.


Post image for Inside the Visa / PayPal Partnership

After a great deal of speculation, Visa and PayPal (or is it PayPal and Visa?) have announced a partnership where the two companies will “collaborate to accelerate the adoption of digital payments.” The announcement, which was actually more detailed than most partnership announcements, speaks of putting the two companies “on a new path” for the benefit of consumers and merchants.

visapaypalIt’s always interesting to look at the motivation behind these sorts of partnerships, drill down into the benefits to each party, and explore the potential ramifications. Let’s walk through the deal points, see what they said, and then offer an interpretation.

Deal Point #1 – Funding Source Steering

Enhanced Consumer Choice and Improved Experience for Visa Cardholders: PayPal will make it easier for new and existing customers to choose to pay with their Visa cards and ensure a more seamless experience: Visa cards will be presented as a clear and equal payment option during enrollment and subsequent payments, with an easy ability for consumers to set as their preferred payment method; Visa digital card images will be incorporated into payment flows; PayPal will not encourage Visa cardholders to link to a bank account via ACH; PayPal will also support and work with issuers to identify consumers who choose to migrate existing ACH payment flows to their Visa cards.

Elimination of ACH steering primarily benefits Visa

Visa benefits from increased purchase volume that will come primarily from Visa cardholders that prefer to use their Visa cards but were too inconvenienced to change the funding source on a transaction-by-transaction basis. Visa purchase volume goes up; ACH purchase volume goes down. PayPal users, who are also Visa cardholders, will enjoy a cleaner user experience with less purchase friction. In spite of its stated strategic importance, Visa will have less urgency to establish Visa Checkout as an alternative to PayPal. This aspect of the partnership also scores points with Visa issuers for having converted non-revenue producing PayPal ACH transactions into revenue producing PayPal debit card transactions.

For PayPal, the company loses the economic advantage of ACH funded transactions for Visa debit card-carrying users in the U.S., but this is offset somewhat by a reduction in ACH NSF reversals. Placing Visa on equal footing with other payment methods will also likely impact the extension of PayPal Credit in the U.S., which is a net win for Visa’s issuing partners. And, while minor in nature, a partnership with Visa also mitigates the competitive threat from Visa Checkout.

Deal Point #2 – Tokenization at POS

PayPal will Join the Visa Digital Enablement Program (VDEP) to Expand Point of Sale Acceptance: PayPal will join VDEP, a commercial framework for Visa partners to access Visa’s token services and other digital capabilities in the United States. This will enhance transaction security and expand acceptance for PayPal’s digital wallet to all physical retail locations where Visa contactless transactions are enabled. Consistent with VDEP, issuers will be able to choose whether to participate and retailers can expect to pay fees that are consistent with other contactless transactions they accept today.

Participation in the Visa tokenization program primarily benefits PayPal

By joining the Visa Digital Enablement Program, PayPal gains access to Visa tokens that can be used at the point of sale anywhere Visa contactless transactions are enabled, presumably through the PayPal app running on Android (with open access to the NFC radio.) Maybe we call this “PayPal Pay”. PayPal would have no economic angle on these transactions, as they would be processed through the merchant’s existing acquirer. The merchant would, in fact, have no relationship with PayPal. This is similar to Apple Pay and Android Pay, where neither company has a contractual relationship with the merchant and earns no revenue from merchants.

PayPal’s motivation here is likely to be increased utility of the PayPal app in the everyday life of the PayPal user, which is a stated corporate goal. Beyond the stated use at the POS, tokenized Visa payment credentials would also likely be used on all Visa-branded funding transactions for PayPal and Venmo. There is a real possibility that, long term, 3D Secure V2.0 (now being finalized by EMVco) might be used to shift some of the fraud liability away from PayPal and its merchants and to Visa issuers.

For Visa, it benefits indirectly by the further propagation of tokenization out into the industry and the accompanying reduction in the data breach footprint. This is also a big selling point for all the Visa issuers.

Deal Point #3 – Instant Withdrawal of Money

Instant Withdrawal of Money: Consumers will be able to instantly withdraw and move money from their PayPal and Venmo accounts to their bank account via their Visa debit cards leveraging Visa Direct – providing an experience that offers speed, security and convenience.

PayPal’s use of Visa Direct is a balanced benefit to both Visa and PayPal

For Visa, further adoption of so-called OCT transactions provides the firm with a leg up on the next generation Faster Payment system from The Clearing House coming to the U.S. in 2017. PayPal’s usage is an endorsement of the OCT technology in the U.S. and may spur others to adopt as well. More importantly, it may provide Visa issuers in the U.S. with an incentive to move to the optional “Fast Funds” model that many have ignored to date. Fast Funds is the model used to immediately post funds received to the recipient’s bank account. PayPal’s support for Visa Direct goes hand-in-hand with elimination of funding source steering for Visa cardholders. For these PayPal users, ACH will no longer be used to fund accounts OR to withdraw funds.

To the extent that Visa issuers participate in Fast Funds, withdrawals from PayPal and Venmo accounts via Visa Direct provide faster settlement to bank accounts and directly benefits PayPal’s customers. This comes at a cost however, as PayPal will now be paying card transaction fees instead of the ACH fees on withdrawals from a PayPal or Venmo account. Presumably, there will be a reduction in exception handling for PayPal as Visa Direct is able to verify the account exists and is open prior to the funds being pushed to the cardholder’s bank account.

Deal Point #4 – Enhanced Data Quality

Enhanced Data Quality: PayPal will ensure that data provided to issuers and their cardholders for Visa-funded transactions will be consistent with the information that is received with traditional Visa card transactions. This will ensure a better consumer experience, reduce cardholder confusion, ensure proper application of rewards, and reduce costly and time-consuming disputes.

Enhanced data quality primarily benefits Visa with no significant downside for PayPal

Visa has long held a stated grievance against PayPal for providing “incomplete” transaction data. Of course, PayPal provides the transaction data that is required by card company rules, but not a lot more. The card networks have changed their requirements over time – they now require PayPal to provide merchant tax IDs for example – but the grievance remains.

In my opinion, this is a bit of a red herring issue as the only real data concern was likely just the incomplete mapping of PayPal sponsored merchants across all of the ISO merchant category codes (MCCs). This incomplete mapping is the result of PayPal asking small merchants to self-map against a predefined subset of MCCs rather than making them work their way through hundreds and hundreds of potential category codes. Instead of knowing that a specific merchant is a “specialty retailer,” Visa will now know that the merchant is actually a “jewelry store.”

Providing enhanced data quality to Visa does not really cost PayPal anything more on a transaction-by-transaction basis, but perhaps they have to invest some money into getting the MCC self-assignment mapping right. Not the biggest deal, but it speaks to how important payment data is today for the increasingly analytics-driven card companies. Providing Visa with this data does not detract from PayPal’s ability to use the same data.

There is a possibility that there is more to this deal point than meets the eye, but it’s hard to know at this point. There are lots of other data elements PayPal could share with Visa, but that would be beyond what is structurally provided to the network on a card transaction.

Deal Point #5 – Economic Incentives

Economic Incentives: The agreement affords PayPal certain economic incentives, including Visa incentives for increased volume, and greater long-term Visa fee certainty.

Economic incentives, of course, primarily benefit PayPal

If successful in implementing the various partnership components, PayPal will financially benefit from “Visa Incentives” meaning that some of the economic downside from other points in the partnership will be mitigated by these incentives. “Greater long-term Visa fee certainty” probably speaks to fixed (if not reduced) network assessments over the length of a long-term contract – and perhaps a promise that Visa will not dream up new fees that are specifically targeted at PayPal. Perhaps this deal point also includes some offsetting compensation for card-not-present transaction interchange on Visa transactions, but we have no way of knowing.

While this might appear as a pure cost to Visa, it indirectly benefits Visa as well, as the volume incentives provide PayPal with clear motivation to minimize their tendency (post-Durbin) to steer qualified Visa debit transactions over PINless debit rails from STAR and NYCE instead of over Visa’s signature network rails. This PINless debit steering technique is used by PayPal to reduce the cost of network assessments on select debit card funding transactions in the U.S. It also will occasionally result in the cardholder being denied debit reward points, through no fault of their own, when the transaction is routed over a non-signature card network. In the end, however, Visa purchase volume goes up; STAR and NYCE purchase volume goes down.

Glenbrook’s Take on the Partnership

At first blush, this partnership is broader and more far reaching than what we were expecting here at Glenbrook. While termed an “extension of their long-standing relationship” this is actually the first time Visa and PayPal have collaborated on anything. Historically, the companies have been arms-length competitors. It’s worth remembering that Visa Checkout is Visa’s third attempt to compete with PayPal in the digital wallet segment of the payments industry. And PayPal uses MasterCard as its network partner on its PayPal Debit MasterCard, PayPal Extras MasterCard, and PayPal Prepaid MasterCard products. So, not historically partners.

The terms of the relationship are specific to the U.S. market. This restriction seems a bit odd given that PayPal and Visa both think and act globally. Maybe Visa doesn’t feel that bank account steering is a major concern outside the U.S.? PayPal doesn’t offer it in many markets. Maybe PayPal doesn’t see Visa having a critical mass of tokenized payment credentials outside the U.S.? Maybe it’s just too early to look at extending the partnership globally?

While we have cast the partnership in terms of what it means to Visa and PayPal individually, some consumers and some merchants will come out ahead of where they were prior to the partnership. From their perspective, most of the benefits will come from the elimination of bank account steering in favor of authenticated debit card transactions.

Consumers in the U.S. carrying Visa cards will enjoy a dramatically streamlined user experience (with less friction) when using PayPal to buy at any of its 14 million merchants. Some merchants that accept PayPal as a form of payment—those that do not qualify for seller protection—should see fewer ACH NSF transaction reversals. To be fair, this is likely a small number of transactions for a small number of merchants. But it may prove meaningful to some.

In the end, though, this partnership isn’t really about consumers and merchants. It’s about generating incremental transaction volume for Visa and its issuers—and unleashing PayPal to compete against Apple, Google, and Samsung at the POS.

For PayPal, what’s particularly intriguing about this tap-and-pay thrust at the point of sale is what it might mean for Venmo users. The same Visa tokens used in the PayPal app could also, potentially, be used in the Venmo app at the POS with the same constraints and same processing model. Embedding tap-and-pay functionality into Venmo would further accelerate the momentum behind Venmo and be the perfect synergistic overlap of social payments and mobile payments for millennials.

Think Venmo Pay!

This post was written by Glenbrook’s Russ Jones.



Post image for Sensibill – Redefining Digital Receipts for FIs

Stretching the retail financial institution’s (FI) mission beyond checking account and debit card management is on that industry’s agenda. It’s what fires the imagination of fintech entrepreneurs too because retail financial services is an industry in need of creative, expansive approaches to accountholder services. Not every idea catches fire but fortunately there are those willing to light a match.

This Payments on Fire podcast looks at Sensibill, a digital receipting and data repository service for FIs. Join Glenbrook’s George Peabody and Sensibill’s CEO and co-founder Corey Gross in this discussion of how an FI can help its accountholders turn digital receipts into data far more useful than what’s on a statement or that piece of paper stuffed into a purse or wallet.

Transcript below the jump.

[click to continue…]


Clicky Web Analytics