Fraud Protection & Compliance
It’s predictions time again. And while I was correct that 2016 did turn out to be the year of bad analytics—see the ultimate illustration below—this year I’m doing something different: I’m predicting what won’t happen in the coming 12 months.
The past year perhaps held no analytic surprise greater than the 2016 US Presidential election. Source: New York Times
Let us move on to 2017.
1. Prediction: There will be no clear winner in the mobile payments wars
A plethora of payment apps emerged in 2016, further upping the already densely populated payments landscape. Launches included Wal-Mart Pay, CVS Pay, Kohl’s Pay and CakePay (my personal favorite), to name just a very few. These apps are follow-ons to Apple Pay, and while many of them aren’t quite as good, that hasn’t stopped the stream of new entrants.
Despite consumer confusion and high levels of market fragmentation, the payments landscape is going to get a lot messier––brand-specific payment apps seem to be the next big wave—before any kind of front runner(s) emerge.
What does this mean for banks? As consumers hopscotch between payment apps, banks will need to have sophisticated and nimble fraud defenses capable of recognizing which transactions, firing in from all directions, are legitimate and which ones may be fraudulent.
When it comes to payments activity, most consumers’ individual patterns are fairly consistent; they shop at the same stores, get cash from the same couple of ATMs, and so forth. Not so with payment apps. Consumers will likely not settle on a default payment app, even for person-to-person payments. (Venmo, PayPal and Zelle are in a competition to see who’s the most popular verb, as in “I’ll Venmo you my share of the bar tab.” Interesting.)
The mobile payments landscape will become even more jumbled in Europe
The Payments Service Directive 2 (PSD2) in Europe will similarly drive more confusion. This directive, which aims to create “an EU-wide single market for payments,” will require banks to open their account interfaces to other parties (i.e., new payment apps) to drive competition. This creates risk for consumers, who will need to ask themselves, “Do I really know whom I’m giving access to? Is this cool new payment app really legitimate?”
Like the plethora of payment options in the US, PSD2 will certainly test the agility of European banks’ fraud defenses.
2. Prediction: Fintechs will not keep acting like carefree start-ups
It’s great being a fintech start-up. VC funding! Foosball and free snacks! No regulations! One of those things is about to change. Actually, it’s already started. The Office of the Comptroller of Currency (OCC) will, for the first time, start granting banking licenses to fintech firms.
As the Wall Street Journal characterizes it, this move will give fintechs “greater freedom to operate across the country without seeking state-by-state permission or joining with brick-and-mortar banks.” Less glowingly, American Banker characterized the decision as having “strings attached”: “The Office of the Comptroller of the Currency will start granting limited-purpose bank charters to fintech companies, but intends to maintain high standards for new entrants.”
By granting banking licenses to fintechs, regulators are taking a very different stance than they did in the past — when, for example, Wal-Mart abandoned its banking plans in 2007 after “a firestorm of criticism from lawmakers, banking industry officials and watchdog groups.”
Getting a banking license is a privilege. The flip side of that coin is that regulation is work, it’s expensive and it’s important. Regulation is the cost of protecting and bettering society, which is an important part of building trust in the financial ecosystem. To gain real legitimacy, fintechs will need to participate in that.
My views happen to align with Jamie Dimon, who says, “Look, if [fintechs] become big and significant, they’re going to be regulated, too, eventually. The government isn’t going to say, ‘We’re going to regulate banks, but we’ll leave these other companies alone.’ I think the regulators want to make sure that they have some form of regulation on anything systemic.”
3. Prediction: The EMV rollout in the US won’t be close to complete.
Put another way: There’s no way I won’t be swiping my payment card in 2017. Or even 2020, since gas pumps won’t be required to have chip-card readers until October 1, 2020. Although the progress of US merchants’ adoption of EMV technology has been described as “trudging along,” chip cards are nowhere near being accepted “everywhere.” As of mid-July of this year, 28% of merchants accepted chip-and-sig cards. Many merchants have yet to upgrade, and even major chains’ terminals have signs that say “no chip.”
4. Prediction: We haven’t seen the end of mobile “killer apps”
With smartphones we’ve seen a steady parade of breakthrough apps; in my mind, maps are what make my iPhone truly indispensable. For other people it’s mobile banking, and for others still it’s a mobile wallet that holds their boarding passes. I don’t think we’ve seen the end of life-altering apps just yet. And in 2017 I think we’ll see one that makes me say, “Wow!”
It could be mobile hotel check-in. Starwood introduced this in 2014, first on Apple iWatches and later on phones. Marriott and other major chains offer it, too. As a frequent business traveler, it sounds perfect to me—I can check in on the app, pick my room on my phone and use it as my room key. And when I leave, I can check out from my room and pay for it using my phone. I’d never have to go near the long lines at the front desk.
However, the reality is, this app category is not quite yet “killing it.” While the check out and payment portion of the Marriott app works great, the check in, not so much. I don’t know which rooms are quiet or have a view, for example, which is something I’d ask the clerk at the front desk. It can also take what seems like an eternity for the phone swipe to actually unlock the door. It’s like the difference between POS checkout with a swiped card versus a chip card. Waiting for the EMV authorization can seem like forever.
But still. As the smartphone further cements itself into the center of our universe, we'll see more and more fraud and security defenses shift to it, since the phone is such a valuable source of information to understand customer behavior. In the payments world, innovation sometimes comes in with a big swoop. Most of the time it pitter-patters in on baby steps. That’s one thing I won’t predict not continuing in 2017.
Follow me on Twitter @fraudbird.