As businesses have digitised, going from predominantly face to face to online and contact centre interactions, payment have had to follow suit. Realistically, the only option for taking these remote payments has been with credit and debit cards. But cards are expensive and increasingly complex to support operationally. New open banking payments regulation and technology has allowed innovative regulated payments institutions like Ordo to deliver attractive new alternatives. These services allow businesses to collect payments for only a small, fixed fee, and without the customer experience difficulties of cards.
- When taking payments online or over the phone, the only practical option to date has been debit or credit card. But card payments are costly (businesses pay a percentage of value and have the growing overhead of card data security protections), not guaranteed (fraudulent card use means businesses don’t always get paid), take time to arrive in a business’s bank account, and are getting harder for end customers to use with the roll out of Strong Customer Authentication.
- New open banking regulations and technology is changing this, allowing a new generation of regulated payments providers like Ordo to let businesses collect these types of payments cost effectively, securely and easily directly from their customers without the use of cards.
- Services like Ordo’s e-commerce and request for payment solutions charge a small flat fee per payment, allow money to flow irrevocably, in real time, directly from the customer’s bank account into the business’s account with no exchange of bank or card details and the customer authorising their payment directly with their own bank. All the customer needs is access to their mobile or internet banking channel. There’s no registration or app download needed. There is no information for the customer to enter, either about who they need to pay, or how they need to pay them, just a simple authorisation with their bank using their fingerprint, face-id or password.
For e-commerce and contact centre payments, cards have been the only payment option but are costly to businesses and increasingly difficult to use for consumers.
Over the last twenty years businesses have digitised and moved many of their customer interactions from face to face to contact centre and online. In parallel with this move, their payments have gone from predominantly ‘card holder present’, where the customer can simply pass over their payment details securely embedded in their payment card and authenticate their payment via chip & pin to ‘cardholder not present’ where the customer has to type in or read out their card details, name, expiry date etc., and then authenticate the transaction as best they can with their CVV2 number from the back of their card.
With limited other viable digital payment options available to businesses these ‘cardholder not present’ transactions have been the only game in town. Given this limited choice its unsurprising that using card payment in these circumstances feels like a poor solution:
- Taking any card payments is expensive, costing anywhere between 0.5 and 2.5 percent of the transaction value as a direct fee, and given the security risks of taking these payments remotely, the card fees can be even higher.
- The indirect costs to businesses of taking and securing these card payments has continued to grow. The costs to businesses of complying with the Payment Card Industry Data Security Standard (PCI DSS) continue to grow as fraudsters have developed and enhanced their ability to harvest stored card details via business data breeches and security infrastructure or process weaknesses. Also, the costs of failure, fines imposed by data protection and privacy watchdogs, have also become eye-watering for large companies that have failed to properly secure their systems
- Day to day operational costs have also increased, particularly in the contact centre environment where, to preserve internal staff security, customer’s card details can no longer be handled by agents and need to be captured via Interactive Voice Response (IVR)/DTMF systems that require a customer to enter card details over the phone without the agent hearing them. Most recently, with the mass migration to home working from Covid lockdowns, the technicalities of this requirement have acted as significant barriers to effective contact centre working from home.
- Because of the inherent security weakness of these remote transactions, the risk of fraudulent card transactions remains. This is a cost that is ultimately born by the business concerned through chargebacks and potentially higher card fees. Often linked to this problem is the delay in receipt of cash as card companies normally settle payments to their merchants a number of days after the card transaction has been authorised or charge a premium fee for quicker settlement
- Remote card transactions, whether on-line, or via a contact centre DTMF solution are also harder for the end customer. There are significant barriers to transaction completion for end customers who have to enter all their card details and more to for every transaction. With the final implementation of Strong Customer Authentication (SCA) regulations in 2021 these hurdles will grow even higher, causing increased purchase abandonment and customer dissatisfaction, even when card details have been held-on-file by a merchant from a previous transaction – each subsequent payment transaction triggered by a customer action (for example an insurance mid-contract amendment or ad hoc purchase, rather than a regular subscription) will still need to be authenticated by the customer using SCA (see box: Strong Customer Authentication).
Given this combination of direct and indirect costs, poor customer experience and purchase abandonment, there has to be a better solution for businesses to collect remote payments. While there is a substantially more cost-effective way of collecting payments, the Faster Payments Service, its limited feature set and growing security concerns, makes its use on a standalone basis a non-starter for e-commerce and contact centre payments (see boxes: Faster Payments & Push Payments Fraud).
Open banking regulation and technologies has created new options for businesses
New open banking FCA regulated payment institutions, like Ordo, are using open banking and the Faster Payments Service to finally deliver an alternative to card payments for e-commerce and contact centres that massively reduces direct and indirect costs and risks to businesses, as well as providing an easy to use and safer experience for their customers than current card-based solutions (see box: Open Banking Payments).
Ordo’s innovative e-commerce and real time request for payment (contact centre) solutions have been built to exploit the following key features of open banking enabled Faster Payments:
- The underlying low cost base of the Faster Payments Service, which, unlike the global card schemes, charges banks only a small fixed fee per transaction irrespective of the value of that transaction.⦁ The potentially much reduced flow of account details between parties in the open banking payments journey. Only the paying customer’s bank sees all account details, the receiving account information being provided securely from the open banking payments institution (e.g. Ordo) and the source account being selected directly and securely by the paying customer within their own bank’s mobile or internet banking app.
- The irrevocability of Faster Payments meaning that once a payer’s bank authorises and makes a payment, there is no mechanism for reversing or clawing back the payment, eliminating the risks of fraudulent payments for the collecting business.
- The security and privacy led end-to-end designs of the Ordo open banking payments solutions, ensuring that both the business’s and end-customer’s payments information is kept secure, allowing all the benefits of speed, low cost and irrevocability of Faster Payments without any of the fraud risks associated with its normal day to day use.
There are now better payments solutions for businesses and their customers
Exploiting the regulation and technology of open banking, new regulated businesses like Ordo are now delivering businesses e-commerce and request for payment (contact centre) solutions that outperform card payments for them and their customers in every dimension:
- Rather than a percentage of transaction fee that rises with transaction value, Ordo charges businesses only a simple flat fee per payment (never more than 20p) irrespective of the transaction value. Ordo can do this because as a regulated Payments Initiation Service Provider (PISP) it initiates Faster Payments from the end customer’s bank account directly to the requesting business’s bank account to deliver funds, never handling them itself. All consumers and many businesses also get the underlying Faster Payments at zero cost, or as a maximum, as a small fixed per payment fee from their bank.
- With Ordo, indirect costs are all but eliminated. As there is no exchange of payment card or account details between the business, their end customers or even Ordo there is no customer payments data to secure, no requirement for PCI DSS compliance and no risk of fines following a data breach for these transactions. The Ordo solutions also enable the collecting business to provide an indelible transaction or customer reference passes with the underlying Faster Payment to support automatic payment reconciliation on receipt into their bank account.
- This open banking enabled payments solution can also reduce business operating costs. For example, in the contact centre environment, an agent can trigger the generation of a request for payment that is sent directly to their customer. The customer simply opens the message, selects their own bank and authorises the real time payment to the business already set up by Ordo from their mobile or internet banking app. As soon as the payment has been made the agent is informed and the customer call can be completed knowing that irrevocable funds have been received.
- Payments fraud risks to businesses are also eliminated. They know definitively whether payment has been made or not. Ordo informs the business in real time that payment has been made so the business can be absolutely confident that the money is in their bank account and that there are no circumstances under which the money can be clawed-back, or the payment reversed.
- Finally, and potentially most importantly, the end customer’s payments experience has been radically simplified. With the open banking enabled Ordo solution, the end customer does not enter any card or bank account details. They simply follow a secure and personalised, single use, link from the business’s e-commerce site or from a payment request message sent by the business. The link takes them to the Ordo web environment where they choose their bank from one of the forty plus UK banks supported by Ordo. Ordo then automatically opens the customer’s mobile or internet banking app and passes all the information required to make the payment to the customer’s bank using the open banking security protocols. Provided the customer is happy to proceed they authorise payment directly with their bank using their normal security credentials (like fingerprint or face-id), and the payment is made directly to the requesting business.