EXCLUSIVE: “A token of our esteem” – Alex Page, FIS Worldpay; Alex Gatiragas, Giesecke+Devrient and Kurt Schmid, Netcetera in ‘The Fintech Magazine’

Are we falling out of love with cards? If anything, our relationship is proving remarkably resilient, agree Alex Page from FIS Worldpay, G+D’s Alex Gatiragas and Kurt Schmid from Netcetera. Here, they discuss how tokenisation, click-to-pay and secure customer authentication are all helping to keep the spark alive

How long will we persist with card-based payments that have, with a lot of effort, been retro-fitted into an online world?

It’s an important question, given how much is invested in the card economy and how much it costs retailers and banks to support them as a payment method – and, with increasing adoption of open banking, how many payments might in future be made account-to-account and avoid using them altogether. Various open banking payments platforms released a series of surveys last summer in which merchants and other payment decisionmakers supported the view that a stake was about to be buried into the heart of our flexible friend. In one poll, 25 per cent of respondents in the UK predicted that open banking would become the most popular payment method by 2027.

That would be some going, given that data from the British Retail Consortium showed that card payments still accounted for 90 per cent of all retail transactions in 2021, while UK Finance said cards made up 57 per cent of payments overall that year.The popularity of e-commerce, accelerated by COVID-19 shuttering stores during pandemic lockdowns, has powered much of that card spend. Global retail e-commerce sales amounted to about $5.2trillion in 2021 and this figure is expected to rise by 56 per cent to about $8.1trillion by 2026, according to Statista.

But, even if cards continue to be the load bearers of that online spend in many countries, the way they are provisioned is changing dramatically. Which isn’t surprising: online is not an ideal transaction channel for cards, which were designed for an analogue and card-present payment era. The biggest shift in their usage is revealed in the 2023 Global Payments Report from Worldpay by FIS, which tracks transaction trends over the previous 12 months. It showed that digital/mobile wallets were used in 48.6 per cent of e-commerce transactions by value.

That would indicate that by now we’ve passed the 50 per cent watermark and are indeed living in the Age of the Digital Wallet.Even more flexible than the plastic on which they’re often based, wallets offer consumers a choice of underlying payment methods. While, more often than not that will still be a card, there are a plethora of other funding options available to them, including – increasingly – buy now, pay later. As the so-called x-pays, like PayPal, AmazonPay and AliPay, make secure one-click payments a reality for more and more shoppers, companies including

FIS Worldpay, G+D and Netcetera, are actively improving the customer experience and security for all card users, however they choose to provision them – and that’s come a long way in a short time since the pandemic. Alex Page, vice president of solution consulting at payments and financial technology giant FIS, hands much of the credit for facilitating the rapid shift from in-store transacting to online in 2020 to the merchants.

“It’s about building awareness among merchants, so they understand the different tools and levers they have at their disposal”

Alex Page, FIS Worldpay

“There has to be a huge amount of investment in marketing brand awareness to get consumers on to your website in the first place,” he says. “And once you’ve got them there, merchants need to focus on securing every customer possible and, ultimately, selling a product at the end of that journey – so, that means optimising the checkout, reducing the number of clicks, and offering consumers the payment experience that they’re after, with a global reach, tapping into local trends and payment methods.

“If, as a consumer, I go to somebody’s website, and I’m not comfortable with the payment experience that’s being offered – or maybe it’s a payment method I don’t trust – then that’s probably going to act as a very big barrier to me going ahead and clicking with that merchant, especially when there is probably a myriad of other providers that can offer the same product with a good experience and at a similar price. It’s a case of toeing that very fine line between implementing security/fraud management solutions and not impacting the customer journey.”

This is where payments tokenisation comes into play. Most of the time it’s invisible to the consumer – protecting their card credentials and other stored details. It can also be used to automatically update a customer’s payment credentials at a merchant if the card expires, or it’s reported lost or stolen, for example. But there are some less obvious ways that it can benefit the customer, too, even if they don’t know it’s tokenisation, explains Alex Gatiragas, global head of digital solution experience at paytech company Giesecke+Devrient (G+D).

“There are subtle little things that give consumers confidence; like being able to provide the artwork of their digital or physical card, which reassures them that they’re using the appropriate card when they’re paying,” he explains. “Consumers don’t know it’s tokenisation, but I’m sure it helps with their checkout experience.”

Looking to the future, Gatiragas expects to see the self-service provisioning of tokenisation by merchants. A typical user journey then might be: a customer opens an account, receives a debit card, provisions it on to a digital wallet and then has the option to also push it to their favourite merchant – avoiding the necessity to update their card details with every single retailer. The problem with MFAOne necessary hurdle to creating a truly seamless online retail card payment experience is the introduction of multi-factor authentication, which inevitably adds friction to the payments process – sometimes to the degree that it breaks it altogether if the customer doesn’t have the required device for authentication to hand.

This is less of an issue on devices with a digital wallet, in which consumers can upload their card details to pay electronically. In the UK, the use of digital wallets for single transactions now stands at 30 per cent of sales, outstripping contactless payments in-store (24 per cent), conventional card payments online (21 per cent) and cash (17 per cent), according to a 2022 Barclaycard Payments survey.

“The reality is, consumers recognise the brands for the card networks. I think we’ll continue to see those networks grow”

Alex Gatiragas, G+D

It is therefore unsurprising that an increasing number of online merchants are now using click-to-pay options that act as a shortcut to a customer’s digital wallet in order to facilitate a fast, easy checkout, particularly for those wanting to place an order as a guest. Is there a perfect solution to balancing security and ease of use? Possibly not, although Page says that the closest we’re likely to get is using more real-time fraud monitoring.

“That involves capturing data around the customer, or prospective customers, using real-time decisioning on that data to say ‘is this a good actor, or potentially a bad actor?’ and therefore making the decision on where you’re accepting that order or not,” he explains.

In some circumstances that data can be used to make exceptions to the standard checkout journey. Page cites the example of one of G+D’s luxury retail clients, which attracts high-net worth individuals who are likely to spend hundreds of thousands of dollars in a single transaction.

“For these customers, it’s a case of just removing all the security elements that you might normally have in place, because the client knows that these individuals are going to spend a huge amount of money and they want the ultimate customer experience for them. That’s a decision they take, based on minimal risk,” he explains.

It highlights how the payments industry can offer granular bespoke levels of security for end users if it’s in possession of the right data. Page says there are already a myriad of different tools that it can use to achieve that.

“With real-time fraud checking solutions, potentially you can route higher risk customers down more stringent authentication routes as well as in those scenarios where you have a high level of trust with the customer, you, as the merchant, use exemptions and bear the additional risk and responsibility,” he adds.“It’s really about building awareness among merchants, so they understand the different tools and levers that they have at their disposal, and relying on experts to guide them in finding that optimal journey and the decisioning across the organisation.”

Kurt Schmid, marketing and innovation director for secure digital payments at digital payments solutions company Netcetera in which G+D recently took a majority stake, says the revised Payment Services Directive (PSD2), has already implemented such exemptions in strong customer authentication. But that means there’s also inconsistency in the user experience.

“Sometimes the user is asked to carry out authentication while other times they’re not,” he explains.“One of the pains in payment processes today is if you get redirected to other devices – so, if you shop on your tablet, but then you need to do a payment authentication on your mobile phone, etc. You’re redirected back and forth from the issuer page to the merchant page. I think that we are seeing improvements in this, but, ultimately, we should not redirect the consumer back and forth on the user journey.”His preference would be to make ‘authentication that easy, and that convenient’ that nobody would object to doing it.

“Then we would have a consistent process. For sure, we would also have a bit more friction, but if we reduce this friction to a minimum, I think that would be a good way forward.” An answer might be to use existing biometric technology – which many consumers are already using to access functions in their banking app – to validate a wider range of transactions, suggests Schmid.

“So, for example, if you log on to your computer using biometrics, or if you use Face ID on your phone, this is totally convenient; you typically do this many times a day. And then, if you use the same authentication for payment authentication, it delivers almost no friction,” he says. Netcetera is a large provider of 3D secure (3DS) services for many issuing banks and has recently been examining authentication success rates. It found that the highest successful conversion rates were with an issuer that challenges every payment, but uses an easy and understandable authentication process.

“Exemptions and risk rating is one element, but let’s try, as an industry, to remove barriers and make authentication as easy as possible, so people use it frequently

Kurt Schmid, Netcetera

“It delivers consistency, but it’s trained, and it’s easy, it’s secure, and this is the perfect experience because it is really delivering on the security we want,” Schmid concludes. “So, exemptions and risk rating is one element, but let’s try, as an industry, to remove barriers and make authentication as easy as possible, so people use it frequently.”

Europe is currently engaged in drawing up the next iteration of the revised Payment Services Directive, which laid the foundations for open banking, as it moves towards a regulatory architecture for open finance.

“We’re already seeing quite a lot of disruption within the payments ecosystem, and new, emerging methods that are challenging the card schemes, and the card networks,” says Alex Page.

“We’ve obviously seen regulation that’s come into the industry to facilitate more account-to-account, or open banking-style payments, and this is an area that I really want to watch closely, over the coming years. There’s still work that needs to be done, as far as I’m concerned, to try to get to parity on consumer experience from an open banking checkout. There are also questions around chargebacks and disputes, and how that would mirror into the open banking environment. But it is an area that has had quite a lot of investment. There are substantial growth figures of open banking payments, and the schemes will undoubtedly want to react to that, and do their best to protect their businesses, going forward.

“I think, if we were to fast-forward 20 years, though, we’ll still have the card schemes around, they’ll still be processing a lot of transactions, but we’re going to see more challenge coming into their environment.” Of course, there are regional differences. In markets such as Brazil and India, real-time payments over non-card networks dominate whereas others, such as Africa and South America are leapfrogging cards altogether in their payments evolution. Meanwhile, Europe and Australasia are among those already seeing open banking enabling an ever-increasing amount of account-to-account payments.

The UK alone saw 6.5 million successful open banking payments in August 2022, up from 2.4 million the year before – a 267 per cent increase. But cards have the advantage of being a physical tried-and-trusted method of payment for many – even if they’re then digitally provisioned onto to another device, such as a smartphone or watch.

“The reality is, consumers recognise the brands for the card networks. I think we’ll continue to see those networks grow – and that’s certainly what we’re seeing through our issuers,” says Gatiragas. “The other thing to remember is that for some of these alternative payment methods, the primary funding instrument is still a card.”

This article was published in The Fintech Magazine Issue 27, Page 22-24