Frictionless Payments: Will they Become a Mirage

Dec 9, 2016
Posted by: David

Attend any major payments conference and you will hear the term ‘Frictionless Payments’ being mentioned, the story of how you get out of your Uber taxi and as if by magic your payment has been made.  How it is frictionless, how it is a great customer journey and how other businesses are looking to see how they can create this great experience for their user.

Recent research by Deloitte has also further highlighted this trend with what they have termed ‘Default Payments’ i.e. your payment token held on file by the seller.  Thus allowing you to have truly one-click shopping.  After all the king of online retail Amazon led the way with this, and why do consumers like it, well fairly obviously  47% of responders of the Deloitte research stating convenience.

Yes in some retail areas default payments are more important than others, with as you might expect utilities being high along with other high frequency destinations such as online marketplaces e.g. Amazon, Ebay etc.

The challenge is things are potentially going to change in a big way.  Default payments are all about that Uber experience, that one click ease, that get out of the car and your transaction is complete.  Two things have been announced which mean that the concern over fraud and fraudsters is going to take precedence over customer journey.

Firstly Directive (EU) 2015/2366 on payment services in the internal market (PSD2) entered into force in the European Union on 12 January 2016 and will apply as of 13 January 2018. The PSD2 has conferred 11 mandates on the EBA, one of which relates to the development, in close cooperation with the European Central Bank (ECB), of draft Regulatory Technical Standards (RTS) on strong customer authentication and secure and common communications (Article 98 of the PSD2).  Or in simple English when a customer purchases something online they will need to authenticate the transaction using a second factor e.g. mobile device.  So how will this affect default payments, currently it is unclear but it is likely to mean that consumers will no longer have one-click check out it will be one-click to check out and  then ah wait a minute now you need to authenticate yourself.

There are some potential workarounds that have been offered un the ‘Trusted Beneficiary Exemption’ around which a consumer creates a trusted relationship:

In-line with the transaction request itself, passing through the card schemes to the card issuers, and allowing follow-on transactions to avoid strong authentication.

A direct relationship between a merchant and a bank to establish a framework for trust among their shared customer bases

Neither of these can be considered strongly viable options though to recreate the default payment solutions in existence today.  Some retailers may try to get around this by the PSP becoming the trusted partner, and thus any merchant dealing with the PSP and the consumer covered.  This will obviously help larger PSPs and could in fact hinder competition in the market.  Finally maybe some retailers will instead offer credit so that they can simply collect a single payment at the end of the month a la a Klarna type POS credit solution, but there is then a credit risk factor to be costed into the retail model.

One result of this could be is that we see consumers starting to more and more use the Direct Debit system as this would enable the avoidance of such additional authentication and take them back to a simple one click check out.  And if you look at the Deloitte research more than 50% of the default payments by value were made using bank accounts.   The chart below does show there is some variance by retail category:

However this option for one-click shopping looks like it is also going to be stopped as on the 29th November it was announced  by the Payments Strategy Forum that when money is taken from an account by a direct debit, consumers will also be asked to confirm the payment i.e. second factor authentication.  The plans are due to come into force by 2020 latest.

The first new safeguard will be known as "Confirmation of Payee".  When a bank account holder makes a payment online from their bank account, a message will come back from the bank, confirming the name of the person they are paying.  Only when they click "OK" will the payment go through.  It is argued that this should stop people paying the wrong person accidentally, or being tricked into doing so by fraudsters.  

The second proposed safeguard and the one that will target the default payment market is called "Request to Pay".  When a company wants to take a regular payment from a customer's account - for example gym monthly membership fees, or a mobile phone company charging for extra data used - the consumer will receive a message asking them to approve the payment.  Again they will have to click "OK" for the payment to be processed.

I read in the press that these reforms are ‘Brilliant’:

"This is just the start, the ambitious reforms should make it far less likely you'll be hit with hefty fees for missed payments, much easier for you to stay informed about where your cash is going, safer for you to bank online and simpler for you to change account," said Hannah Maundrell, the editor in chief of  "It's rare you read an official paper that seems to 'get' all of the issues and addresses them sensibly. Simply put, these plans are brilliant news for everyone with a bank account."

But are they really brilliant, I don’t think so.  Ultimately we are moving further away from the frictionless checkout, further away from taking the transaction of paying easy and making it more of a pain for a customer.  

What happens when I am travelling abroad if I have no signal do not click okay, am late with my direct debit payment for my credit card payment and thus get late charges.  As a consumer surely I should have the right to turn on or off this functionality, surely I should have the right, perhaps with some liability, to make my life easy rather than having to second factor authenticate every transaction I make.  

One of the key reasons many consumers set up direct debits is they can forget about them, they know a company will collect the funds owed when required.  Now if they forget, are out of mobile range, lose their mobile or for any other reason forget to say okay they could end up with additional charges – putting aside the annoyance factor.

So perhaps the really big question is how this will all be implemented, how will it be delivered so consumers see a benefit in the process and not just a painful check out process, after all 10% - 30% of all transactions are already lost on VBV 3DS second factor authentication.  We need good fraud prevention tools, we need all customers both sophisticated and non sophisticated to be able to manage funds effectively.  This is a challenging balancing act and one where only time will tell if the new regulations are tipping the balance too far one way or another.  However true frictionless payments look like becoming a mirage and something we dreamed off but a reality that soon disappeared.