How To Make Sure Instant Payments Are Still Secure Payments
Lisa McFarland, EVP & Chief Product Officer at Ingo Money
When compliance and risk people start taking a real look at how they can safely and securely get instant payments up and running, the road can get rocky.
There is no shortage of risks to consider:
- Financial risk: making sure the payee that ends up in possession of the funds is actually the intended recipient.
- Data security risk: making sure fraudsters aren’t harvesting all the information that has to exchange hands to make instant push payments possible.
- Regulatory risk: ensuring all the mechanisms and tools for payout are actually compliant with all relevant regulatory structures, both state and federal.
Risk is always a concern in making payments without face-to-face interaction. But companies need to keep in mind that risk and fraud are also associated with old, slower ways to pay.
There isn’t more or inherently worse risk with an instant payment. It is just different risk.
Speed: The Biggest Benefit and Security Stumbling Block
Unfortunately, the major risk with an instant payment is also its main benefit — the fact that it is fast. When everything goes as planned and the funds have flowed to the right person, speed is a terrific feature that means the receiver can pay a bill, make a purchase or head to an ATM and cash out. But if something goes wrong, and the funds have been sent to a fraudster, they too can instantly access those funds and be gone. The payment is irrevocable and can’t be reversed.
Being slow doesn’t make a payment fraud-proof. In the old world of analog check payments, a fraudster could still steal checks, endorse them and have them cashed before the payee could call in and report their payment hadn’t arrived.
Among the upsides of digital interactions is the breadth of information that can be brought into authenticating a transaction — whether it matches the name and address of the proposed payee and how long an account has been open. With those guideposts in place, payors can have a high level of confidence they are paying out to the appropriate end receiver.
Customizing the Payment to the Context
Every vertical is different, which is why in some sense every instant payment offering is a bespoke build. In the case of merchant acquirers, much of what they are doing is really looking at their onboarding process and making sure they have reason to trust those within the instant payments experience.
Some acquirers will offer instant payments to some merchants but not all, depending on profile or amount of time on the platform. But overall, it really isn’t that different from a standard settlement process.
For insurance companies that operate under both federal and state jurisdictions, the relevant elements quickly begin to center on regulatory risk and making sure that they are compliant with local regulations in each jurisdiction.
Building this capability is no longer up for debate. Potential partners know; they’ve seen the data.
The critical next step is showing them how they can use the technology to set the risk rules they want — and adjust them as circumstances call for.
The new conversation is about going through all of the controls that can be applied and helping clients build the risk management system they need to be confident.
Tune into the podcast on PYMNTS.com, Why Slow Payments Aren’t Necessarily Safer Payments