4th annual QED event on Payments Innovation
On Wednesday March 29, 2017 QED held its 4th Annual Conference on The Future of EU Payments. Azzana Consulting was actively participating in this event, following its ambition to be at the center of payments innovation discussions in Europe. This article will help you understand the highlights of the event.
In a Nutshell:
- The EC is considering to propose a set of amendments on the RTS, which could lead to a new proposal-consultation-adoption cycle, delaying the current expected date for the entry into force of the Access to Account requirements. These amendments will concern security, and ensure the level of service provided by banks on their future APIs
- It is confirmed that risk based analysis will be allowed to replace Strong Constumer Authentification, under the constraints proposed by EBA in the RTS
- Instant Payments will arrive in the near future, with a harmonised framework in Europe. However, full CSM interoperability might only be added in a second stage
- While Fintechs have the possibility to passport a PSP licence obtained in a EEA country, there is currently no guarantee that this will also apply to UK licences, once the UK will have left the union
The first panel discussed regulating the EU payments landscape, the state of PSD2 and the EBA Regulatory Technical Standard (RTS) on Strong Customer Authentication (SCA). In opening, the European Commission reconfirmed their intention to build a faster, better and cheaper internal market for payments. They want Europe to lead payments innovation on the global scene as well. Aside from being very busy with the RTS adoption, the EC confirmed that there is still work to be done on the SEPA harmonisation and avoiding local fragmentation, with an example being given that some tax authorities and utilities companies today still do not accept an account to be debited in other countries. Furthermore there are plans to expand the regulation on the pricing for cross-border non-EUR transactions (i.e. achieving the same cost for domestic and cross-border transactions in a non-EUR foreign currency) and an interest in new innovations such as e-identity.
ECB: Instant Payments
In his keynote, Mr. Helmut Wacket from the European Central Bank (ECB) stated that for Instant Payments, the Eurosystem and the local clearing houses have now agreed on a common procedure and a single model for risk management. The Instant Payments initiative is paving the way for electronic retail payment solutions that are available 24/7/365 and which result in immediate interbank clearing of the transaction and crediting of the payee’s account. The EC would like to see conformity at pan-European level instead of many different solutions at national level. With the objective of achieving interoperability and pan-European reach, the ECB is currently elaborating the user requirements for TIPS (TARGET Instant Payments Settlement). The goal is to ensure a minimum level of harmonisation with all participants in the Eurozone, with the hopes of extending it across the whole EU. The ECB re-assured the attendees that the work currently taking place will lead to pan-European Instant Payments, but the question remains to what extent sufficient links will be set up between the different local clearings at first stage.
Mastercard on customer authentification
According to MasterCard, the trendiest key authentification means is biometrics and its development is the greatest opportunity within reach for seamless shopping/one-click online buying. Mr. Mikael Conny Svensson from MasterCard went on to share some interesting learnings they attained after running internal consumer tests with fingerprint authentication:
• 9 out of 10 consumers feel that biometric authentication is more safe than password based ones
• 90% of the consumers that tried biometric authentication, preferred it over a password based solution
• 3 out of 4 consumers believe that biometric authentication will significantly reduce fraud
• When comparing fingerprints to passwords usage, fingerprints were 49% faster than passwords
Furthermore, MasterCard welcomed the RTS on SCA, albeit with some reservations such as equal terms and conditions for all payment types, saying that whitelisting of trusted beneficiaries should also be extended to cards, and that SCA should not always be required for commercial cards as long as the parties are trusted.
PSD2: the view of the different actors
A recurring theme during the discussions was that there is always a delicate balance to be struck between security and convenience: perfect security might be perfectly inconvenient.
Regarding the EBA RTS on SCA adoption, the EC mentioned that there will be some more finetuning on the required security level in order to achieve this balance between security and ease of use. The panel afterwards continued to debate on the APIs (which the banks are required to provide under PSD2) and their quality. Mr. Georg Schardt from SOFORT was concerned about how standards could be put in place to ensure that banks provide reliable APIs that are of no worse quality than screen scraping the bank’s proprietary e-banking platform. Currently the existing practice of third-party access (referred to by the industry as “screen scraping”) will no longer be allowed once the transition period under PSD2 has elapsed and the RTS applies. Even though PISP actors (such as SOFORT) in the discussion requested the EC to continue allowing screen scraping under the RTS, we understand that the EC will not amend the RTS to allow it. Instead the EC will try to force stricter service levels on banks regarding the API provision, in order to ensure good-quality APIs and a backup solution in case of collapse.
Our view: if there are a few large banks that push the right service level for the new APIs, other incumbent banks will not be able to neglect this and will be pressed by their own clients to offer a decent level of service.
Future Payments innovation in Europe
In the second panel the focus was on the use of technology in payments, how it is changing the European payments industry and the role of innovative “FinTech” companies. Interestingly, this panel made it clear that the European Commission (EC) is now also seeing the so-called “BigTechs” (i.e. big technology companies such as Apple, Google, Amazon, PayPal, etc. bringing their own payments solutions into the market) as an additional actor on the European payments stage. This might perhaps spell a change in the EC’s classification of the players involved, enlarging the scope to traditional banks, new (payments) banks, FinTechs, and BigTechs.
Tatjana Christians from BarclayCard, identified big data, omnichannel (people using different devices and channels) and invisible payments (the consumer doesn’t choose anything aymore, he just “pays”) among the key trends in payments that are becoming the new norm. The keys again being trust, safety and security to bring technological innovation into the payments industry.
Next to the fact that the regulatory focus should be on the consumer and not on the product, Farid Aliyev from the European Consumer Organisation, highlighted the importance of designing in accessibility, and the inclusion of everybody, to not leave people behind in the digital revolution. The problem today is that a lot of people have no digital nor financial literacy (e.g. an estimated 1 in 2 Europeans does not know how to calculate an interest rate), however, the panellists agreed that offering consumers choices with explicit and understood consent and literacy campaigns might help.
During the debate that followed, the panellists further focussed on the issues of consumer data protection and cybersecurity and explored the idea of developing an EU harmonised regulatory sandbox for experimenting with innovations and collaborating with FinTechs. All panellists agreed that the challenge is to get the balance right: to allow businesses to access data to provide services to their customers, while ensuring that others cannot access that same information and use it maliciously. This requires a solid regulatory environment.
Lastly, the event was a good occasion for the EC to remind the participants on the existing public consultation paper on technological innovation in financial services and the place of FinTechs in the EU Single Market: