Join Jeff Brown, president of VPay, a firm specializing in insurance claims payments, and George Peabody of Glenbrook Partners in this deep dive discussion of how the work of claims processing is done and how he approaches B2B payments, compliance, and the value-added services needed by the company’s customers.

The B2B Domain

We’re all familiar with the card present POS domain, card not present Remote domain, P2P payments, and the Bill Pay domain. A phone tap here, a card swipe there, a bill payment to the utility company. On a day to day basis, our personal experience with payments is these areas.

The B2B and B2C payment domains are very different. There is a wide range of industries with very specific payment needs. (Listen to episode 92  to hear how customized payments can become. Roadsync’s Robin Gregg talks about the special paper check type built just to serve independent long haul truckers.)

Insurance is Huge

One of the biggest industries is insurance. Premium payments in the U.S. alone are over $1.2 trillion. Payouts by stakeholders, such as healthcare systems and property & casualty insurers, and made to individuals claimants and service providers amount to trillions more.

Insurance is definitely big enough to be a very attractive vertical to a payments service provider.

Knowing Your Customer’s Business

If you are a PSP serving a particular vertical market in the B2B space, you have to know at least as much about the vertical you serve as you do about payments operations and services. For example, if you’re making healthcare payments, you have to comply with the strict data privacy requirements specified by HIPAA regulations. You may have to support specific data formats. And you should help your business customers deliver useful features to their own customers.

If you want a great explanation of how payments fits into a vertical market, you can’t do better than listening to this episode of Payments on Fire®.

Digital disruption and financial inclusion are focus areas throughout the developing world and the topics are white hot in Colombia. Listen in as Hernando Rubio, CEO of Moviired, speaks with Elizabeth McQuerry and George Peabody about Movii and payment / financial inclusion ecosystem in Colombia.

Financial Inclusion in Colombia

Although one of the first countries in Latin America to make a big policy push for financial inclusion, those efforts focused a “banking correspondents” or agents in local stores carrying out basic financial services on behalf of banks. While these correspondents greatly improved access to financial services, they have not fully produced the desired results. According to the World Bank, fewer than half of all adults have a bank account and only a handful (less than 5%) have a transaction account from a telco led service. Very few Colombians use those accounts to pay bills or buy something on the internet. Cash is still preferred.

Enter the SEDPEs

In 2015 regulators in Colombia created a new category of licensed financial institutions called a   special company for electronic deposits and payments, or SEDPE by the Spanish language initials. While a bank can also pursue this type license to focus financial inclusion efforts, the main conceptualization of SEDPEs are fintechs that gain authorization to take deposits and make payments – the two most basic (and still lacking) aspects of financial inclusion. SEDPEs are not allowed to make loans but can partner with others to make small credits available.

Movii

Rubio’s Movii was the first SEDPE to be authorized by regulators. Movii is a classic digital service that offers a wallet for storing funds, access to a reloadable debit card from Mastercard for buying in stores and on the internet, bill payment, mobile top ups and transfers to other Movii users. Movii also recently connected to the new national real-time payment service (Transferencias Ya) in order to be able to reach all account holders in Colombia. Movii builds off the company’s experience managing Moviired, an extensive network of physical agents in stores and bank correspondents throughout Colombia, that people use for those basic payments. Hear how a company disrupts itself as it lays the foundation for the next generation of financial services.

The merchant acquiring industry continues its large scale shift from a payments-led to an operations-led purchasing decision for the merchants it serves. Historically based on independent sales organizations (ISOs) and non-bank acquirers, the party that increasingly provides payment acceptance is the independent software vendor (ISV).

This makes sense for a number of reasons:

• Software is Vertical. Today, the first IT choice more merchants make is the software they use to run their business. This makes sense. Tools that improve overall business operations have a greater impact on success than the comparatively minor differences among payment providers. Auto parts stores need inventory management. Salons need scheduling. Ice cream and coffee shops need quick order entry. Daycare providers need security controls.
• Payments are Horizontal. Every merchant, regardless of its segment, needs to take payments. While many segments have particular requirements for payments, payment acceptance alone is a commoditized service.
• The ISV is the First Point of Contact. Given its primary role, the ISV has moved into an excellent position to sell and profit from payment acceptance.
• Taking a Back Seat in Selling, Payments is Infrastructure. The payments industry has multiple ways of enabling ISVs to sell payments. The ISV may use a gateway to reach multiple acquirers with the gateway itself selling value-added capabilities in areas like fraud management. The ISV may use the payfac model for fast onboarding of new merchants. The ISV may, itself, become an ISO. Multiple forms of business relationship all provide some measure of revenue sharing with the ISV.

Differentiation in Payments Via New Paths

Differentiation based on value-added services drive revenue in payments. For that reason, we have seen non-bank acquirers and ISOs focus on particular vertical market segments to drive and secure long term revenues. A decade and more ago, Heartland Payment Systems (acquired by Global Payments) doubled down on the restaurant vertical by developing special services for restaurant operators as well as acquiring restaurant-focused ISVs. That lesson has been learned by many since.

Over the last few years, differentiation has also stemmed from how well the payments provider serves the ISV and its developers. Integration of payment services both into the ISVs code and within the provider’s own code base is important. A single API that exposes all of a provider’s services is preferable to integration work requiring knowledge of an API tied to each function. Micro-services based capability is also welcome.

Payment Facilitation as Enabler

While not, in and of itself, a new approach, the payment facilitation model is a major enabler of payment service delivery via ISVs. The payfac model is based on network rules that allows an intermediary to act as the merchant of record in order to provide payment system access to smaller merchants. PayPal did this first for ecommerce merchants. Stripe is another card not present example. Square used the payfac model to offer sellers in the physical world access to card acceptance.

ISVs who become payfacs assume responsibility for the activity of their small merchant customers. So, choosing to become a payfac has its complexities and risks. A number of providers, including Finix, bring expertise in the payments facilitation model to help ISVs make that decision.

In this Payments on Fire®, take a listen to Glenbrook’s Nicole Pinto, Drew Edmond, and Finix CEO and founder Richie Serna as they discuss the payfac phenomenon and the larger shift to the ISV as payments provider. This is a cool conversation about a sea change event in the merchant services industry.

Take a listen as George and Nick Starai, Chief Strategy Officer of NMI discuss the role of the independent payments gateway and its evolution as a technology and business enabler for today’s providers of payment acceptance: ISOs, ISVs, and merchants.

A key technology and business partner for merchants and the first-line providers of payment services (think ISVs and ISOs) is the payment gateway.

At their simplest, gateways provide a single interface to their users that, once built, lets the party using it switch between acquirers with relative ease in order to get better performance, service levels, and/or pricing.

For independent software vendors (ISVs) selling line of business software this flexibility allows their customers to choose their acquirer of choice from the range of acquirers supported by the gateway. Many such relationships are in place long before the ISV relationship is established. ISVs can’t insist that their potential customers change acquiring banks in order to use their software. That’s one use case for a gateway.

Another is the Independent Sales Organizations (ISOs) that also realizes the necessity of using gateway technology in order to reach their increasingly demanding merchant customers. Placing stand-beside payment terminals next to a cash register is no longer nearly enough. Integration of payments into the overall business process of even a smaller merchant is now table stakes. Gateways can help make integration of more advanced capabilities happen.

Independence Means Acquirer Neutrality
Many formerly independent gateways have been acquired by processors. What processor wouldn’t want to move all the transactions managed by the gateway onto its own systems? It’s all about volume, after all.

But for independent software vendors, independent sales organizations selling to ISVs and merchants, and for many merchants themselves, an important virtue of the gateway function is its processor and acquirer independence.

Value-added Services
Gateway operators generally charge flat fees for each transaction handled so they have every incentive to expand the volume of transactions they manage as well as to provide value-added services that increase revenue on each transaction handled.

To increase volume, gateways make it as easy as possible for a customer to integrate to the gateway. They make their APIs simple and robust so it’s easy to add new services. The gateway provider builds software developer kits (SDK) to support in-app payments and makes sure their code runs on every important operating system.

Gateways often specialize on a particular payment domain such as large ecommerce merchants or in-store systems. Others offer a broader set of services. NMI, the subject of this Payments on Fire® podcast, supports both EMV terminals and the card not present environment.

Payment Facilitation
The payment facilitation business model has broadened card payment acceptance to the wide base of small merchants who would otherwise not qualify for a traditional merchant account.

The greatest impact of this payfac model is how it streamlines the onboarding process. Instead of the days-long underwriting process traditionally needed, sellers working through a payment facilitator (PayPal, Square, and Stripe all employ that model) can start to take payments within minutes of creating an account.

Because of that swift onboarding, the payment facilitation model reduces sales friction for ISVs. Their customers can install the ISVs line of business software and start taking payments at the same time.

For the ISV, there’s also the opportunity to earn revenue from their customer’s payment transaction flow. We’ve seen multiple merchant companies selling software services earn substantial revenue from the payments side of their business. NMI provides essential infrastructure services for the payfac business model including onboarding, sub-merchant account creation, KYC, and other reporting services.

The NMI Story
Nick relates NMI’s growth and service expansion. It’s a cool story that speaks to the industry’s evolution as well as the company’s own growth. By the end of the podcast, you’ll understand how enabling technology and new business models have shifted, yet again, the payments ecosystem. The gateway and payment facilitation services offered by NMI help move ISVs and tech-forward ISOs into a first position over traditional providers of merchant services.

Take a listen to Ian Drysdale of Zelis Payments and George as they discuss how complex the payments process is in the healthcare industry.

Near the peak of payments complexity and specificity is the healthcare industry. If you’ve ever looked at an explanation of benefits letter from a healthcare insurer, you’ve had a glimpse into the complexity of these payments. Multiple parties are paid a lot of money, before you may be required to ante up a co-payment yourself.

Regulation, compliance, the huge range of services delivered, and the scale of the healthcare ecosystem—from giant healthcare insurers to the local dentist—make healthcare payments a challenging, and attractive, market to serve. It is an enormous business-to-business market. Americans spent $3.5T, over $10K per person, in 2017. We spend something like 1 in 6 of our dollars on healthcare.

Simply getting the payment to the right party is complicated. Consider the imaging clinic that operates within a big regional hospital. It has its own back accounts, its own P&L, its own accounts receivable. Getting payments routed into the right account isn’t easy.

Checks still dominate in this industry because the development and maintenance of databases to track bank accounts is a major headache for a payer like an insurance company. Dropping a check in the mail, along with invoice information, at least communicates what’s necessary despite slow speed and high cost.

That’s where Zelis Payments and Ian Drysdale, its president and guest on this Payments on Fire® podcast, come in. Zelis Payments specializes in shifting healthcare payments from check rails to ACH rails. Using the service, providers get paid within a two or three days instead of two weeks. That speed has a huge impact on cash flow, a business metric of particular importance to smaller providers.

Zelis Payments also enables an EDI message format that communicates what’s being paid for in a manner consumable by the accounts receivable software in almost every healthcare provider’s office. Matching up the ACH deposit to what it covers is automated. While neither ACH or EDI are considered modern technologies, pairing them tightly produces real efficiencies.

Another area of complexity Ian discusses is healthcare fraud. Unfortunately, no small number of providers enter fraudulent claims into the system. They add up to huge numbers.

Zelis Payments adds value specific to the healthcare industry around the general functionality of EDI and ACH rails. If you’re a dentist getting paid 10 days faster than before, that added value is a very good thing.

Need an early warning system for what payment system hackers are about to do? Then knowing what’s happening on the dark net is imperative.

In this episode of Payments on Fire®, George speaks with Aamna Zia, VP of Finance and Growth at Flare Systems, and David Hetu, its Chief Science Officer. Based in Montreal, Flare Systems operates a dark net monitoring system that brings intelligence to the InfoSec and fraud management teams at banks.

The dark net is a mysterious place for most of us. It exists on something called Tor, an internet overlay that is designed for anonymity. Using a purpose-built browser, users can access websites, chat rooms, and the like, similar services to those we use on the open internet. The anonymity feature makes performance slow but it also works.

And that’s why it is the hub that marketers of stolen card numbers, user IDs and passwords, personally identifiable information, and hacking tools use to buy and sell. It’s this activity and the discussions around it that Flare Systems monitors and reports on.

Among the findings of Flare’s analytics is the fact that the vast majority of card data sellers probably have to live with their parents to get by. There’s not a lot of money in that particularly tired approach.

Obviously, there’s plenty of money to be made in payment fraud, though. Account takeover (ATO) fraud is growing quickly as recent losses on the UK’s Faster Payments system demonstrate. Synthetic identity fraud is fueled by the kind of data sold on the dark web.

Take a listen as Aamna Zia and David Hetu as they describe how Flare Systems works and what the hackers are up too. Then, if you’re on a bank’s infosec or security team, try to get some sleep.

Listen to George and Jacques Soussana, General Secretary, of nexo Standards, an organization based in Europe with global goals to establish interoperability of hardware, software, and data across the point of sale and e-commerce domains.

Interoperability in a Complex Ecosystem

The payments industry is in a period of especially swift change. New methods of payment, new payment systems, new ways to initiate a purchase.

Innovation can be wonderful, improving convenience, speed, and reliability. But there is a downsides to all of this creativity: Interoperability. Connecting disparate systems is technically challenging and faces business questions such as “what’s the ROI on connecting to yet another system?”

Today interoperability may be difficult or impossible by design. Payment methods stood up by individual companies often remain closed or must rely on other payment systems to actually move transactions.

In what is an increasingly integrated world with payments as an embedded experience, interoperability challenges show up both at the physical point of sale and online. Acquirers often use proprietary adaptations of standard protocols to “enhance” their capabilities and, to a degree, erect competitive barriers. The software used to connect point of sale terminals processed by one vendor must be changed when those same POS devices are connected to another provider.

Further complicating the merchant challenge is the merchant-facing software that connects to those terminals. That software connects to each brand of payment terminal in a proprietary fashion. While gateway providers simplify the payment interface for these independent software vendors (ISVs), each gateway provider has its own approach.

For merchants, then, there’s no such thing as “plug and play” software to connect to terminals or to connect those terminals to payment networks.

This complexity was bad enough when card rails were the only payment method of consequence. Today, however, domestic and regional payment methods are changing, adding account-to-account push payment systems like the U.S Real Time Payment Network from The Clearing House or the European SEPA Instant Credit system.

In other words, there are new payment rails, the systems that actually move money, that matter.

So, this complexity problem must overcome and that is the goal of nexo Standards, the organization Jacques represents and the topic of today’s Payments on Fire® discussion.

Getting stakeholders to work on the common goal of interoperability is no easy task. Most often, participants come from competitive companies. Most of these organizations are large because, first, they have to be large to afford the investment in participation, and, second, they have to be large to realize the financial benefits of actual implementation.

This is known as the “Herding Cats Problem” and they aren’t kitty cats.

nexo Standards, and its prior incarnations, has been working on point of sale standards for over a decade. The nexo FAST standard that addresses the physical point of sale, EMV, and how to connect within the SEPA framework is nearly 1,000 pages long. And there are multiple nexo specifications including the Retailer protocol that describes the interfaces between a card payment application and a retail point of sale system

Other nexo standards address security, terminal management, the acquirer connection, and implementation.

So, a complex technical and business environment with nexo Standards bringing a comprehensive set of specifications to address it.

nexo Standards Annual Conference (attendance is free, in London)

Talking Faster Payments

In this Payments on Fire® episode, Faster Payments Council Executive Director Kim Ford discusses the Council’s work, the U.S. Faster Payments Barometer survey, and where we are today with Glenbrook’s Beth Horowitz Steel and Elizabeth McQuerry. Take a listen and take the survey. You’ll contribute to the Council’s education, planning, and prioritization work.

A Better Way, Please

Last week I tried to connect my accounts at two different banks. Between account type mismatches (my bad), long account numbers, ACH micro-deposits, and balky websites, well, I’ll confess I put a check in the mail as a “quicker” way of overcoming the electronic barriers. Snail mail. Really?

That situation, and many more where speed matters, is exactly why the world is turning to faster payment systems that allow the accountholder to push money from an account she controls to a recipient in near real-time. To eliminate entry, and sharing, of bank routing and recipient account numbers, today’s faster payments systems are often enhanced by a directory that maps the recipient’s name to a mobile number or email address. The director connects those to the underlying bank account.

This is great stuff, especially for the United States where so many push payment methods exist based on closed loop or incumbent payment rails. The U.S. now has providers like Venmo using balance transfers and card rails (Visa Direct, Mastercard Send) to make realtime P2P transfers workable. NACHA has sped up the automated clearinghouse (ACH) system to run batches a few times a day to accomplish its Same Day ACH service.

We have Zelle, the P2P service stood up by Early Warning Services,  that combines a directory with immediate funds transfer availability for the recipient and interbank settlement running over, yet again, an incumbent payment system, in this case the ACH.

Every one of these approaches has merit and traction.

New Rails, New Rules

That said, the new real-time systems are growing here too. Built with modern software and messaging protocols, they promise to change how both end-user settlement and interbank settlement is accomplished.

The first on the scene was the Real Time Payment (RTP) network from The Clearing House (TCH). Launched in 2017, the largest financial institutions and bank processors are integrating their core systems—the software that manages accountholder balances and transaction activity—to the RTP Network.

And this summer, the Federal Reserve announced it will build and operate its own faster payments system called FedNow. Like TCH, the Fed has operated multiple payment systems and been the preferred operator for the nation’s smaller financial institutions.

New Complexities

Competitive pressures, market guidance, and regulation are what move the U.S. economy. The Federal Reserve provided plenty of guidance to encourage development and deployment of faster payments systems. THC’s RTP Network was among the first to respond.

These new rails are a result of a multi-year effort by the Federal Reserve to shepherd the highly competitive U.S. payments industry toward the development of these faster payment systems. The RTP Network and FedNow are proof of its success and that of the Faster Payments Task Force, the group convened by the Fed to define the characteristics of the new approaches.

But there’s still a lot of work to do. Questions of governance, implementation, and more abound. Interoperability concerns are especially high. These are, after all, competitive systems.

The New Organizing Principle – The U.S. Faster Payments Council

To keep the evolution of the U.S. faster payments moving forward, the U.S. Faster Payments Council was formed. Many Task Force members have joined as members of the Council.

The Council serves as an industry-led organization that supports collaboration across multiple areas including security, end user education, and interoperability.

In other words, the Council will be herding some very big cats.

The U.S. Faster Payments Barometer

To support its education and collaboration efforts, the U.S. Faster Payments Council is conducting a survey of industry views on faster payments advancements. A multi-year survey, to monitor the momentum and evolution of Faster Payments here in the U.S. market.

The survey is designed to identify key criteria for market adoption, broadly gauge momentum for various use case applications, and seek to address challenges to be solved in order to have a well-established Faster Payments ecosystem.

Talking Faster Payments

In this Payments on Fire® episode, Faster Payments Council Executive Director Kim Ford discusses the Council’s work, the U.S. Faster Payments Barometer survey, and where we are today with Glenbrook’s Beth Horowitz Steel and Elizabeth McQuerry. Take a listen and take the survey. You’ll contribute to the Council’s education, planning, and prioritization work.

For a nanosecond, about seven years ago, I thought the payments industry was entering a steady state where change, while sure to be accelerated by technology, was going to settle down to the familiar sedate pace the payments industry had taken for decades.

Hah! Payments industry evolution has leapt forward since then based on, yes, technology, but also new rules, regulations, business models, and changes in attitude toward how money moves, security, and privacy.

One major trend I didn’t anticipate then was the global phenomenon of faster payments, now in active implementation or operation in some 40 countries around the world. Another, of course, is cryptocurrencies but I’ll leave that one alone for now.

The emergence of faster payments is a function of new technology with new transaction switching infrastructure and (mostly) a common messaging standard in the form of ISO 20022. But it’s also a function of rules and market response.

Even in the United States, a nation whose payments strategy is largely set by competitive forces, the central bank has had significant influence in launching new settlement capability. (And now, the Fed is planning to build its own version).

Europe and India are standouts when it comes to government guidance and strategy setting for banking and payments systems.

The European Union’s active role in evolving payments policy is recently expressed in the second Payment Services Directive (PSD2).

PSD2 has chosen to address one of the most vexing digital security challenges: strong customer authentication or SCA. Article 4(30) of the directive defines SCA as:

“an authentication based on the use of two or more elements categorised as knowledge (something only the user knows), possession (something only the user possesses) and inherence (something the user is) that are independent, in that the breach of one does not compromise the reliability of the others, and is designed in such a way as to protect the confidentiality of the authentication data”

For anyone familiar with authentication requirements, this is hardly a novel approach. That said, as far as the payments ecosystem goes, however, this is a sea change.

This is also a necessary change. Faster payment systems, where the sender pushes the payment to the recipient, make the sender’s bank responsible for authenticating its accountholders. The accountholder has to prove to her bank that she has the right to access her own account and to initiate a payment.

Unfortunately, phishing and malware are attacks that make account takeover easier than ever. There’s been an uptick in authorized push payment fraud in the U.K. due to ATO.

Therefore, enforcement of multi-factor authentication is seen as a necessary response.

Point of sale transactions already meet the SCA requirement. The card is something you have; The PIN is something you know. That’s enough to meet the SCA requirement. Oh, right, in the U.S., we don’t put PINs on credit cards. They do in Europe. We’re going to need biometrics in the U.S. (something you are).

PDS2’s SCA mandate requires that multi-factor authentication be used whenever a user logs into her bank account or makes an eCommerce payment. Whenever payment risk is a possibility, SCA has to be used (there are plenty of exemptions but that doesn’t change the point).

Every stakeholder—every bank, every eCommerce site—must comply by doing something they have not done before.

That means a lot of work.

In this Payments on Fire® episode (Episode 100!), I speak with Russ Jones, Glenbrook’s partner in charge of our Payments Education Program and a preeminently insightful payments consultant. Russ takes us through SCA, its relationship to other standards, and the impact of its now somewhat delayed implementation.

Russ concludes the conversation with the rather chilling observation that history is about to repeat itself. The U.S. will experience in the digital arena what the U.S. experienced at the physical point of sale.

When EMV chip cards were mandated in Europe, card fraud at the POS and the ATM migrated to the U.S. Reliant on the static data of the mag stripe, the U.S. became a global magnet for magstripe card fraud.

Once SCA becomes broadly implemented in the EU, in 2021 and beyond, online fraudsters will redouble their already considerable attacks on U.S. financial institutions, tech providers, and merchants. While security tools are more common than ever—FIDO capable smartphones are one example—the U.S. lacks a single entity to mandate and enforce multi-factor authentication in payments.

Scared yet?

One of the privileges of using a card to make a payment is the ability to dispute that charge should something go wrong. Maybe you ordered one garden rake but got charged for two. Perhaps you ordered a sweater and, as my colleague Allen Weinberg puts it, “got shipped a box of rocks.” Or you discover a charge that you didn’t make on your card account and believe it’s fraudulent.

In all those cases, the dispute process involves a chargeback.

The cardholder disputes the charge, the issuer credits the customer for the amount of that charge if it’s an obvious mistake or fraud, and, depending upon the chain of liability rules and the type of transaction, one party—the issuer, the acquirer, or the merchant—will have to bear the cost of the chargeback.

For merchants, just getting a chargeback message is a cost in the form of a fee paid to its acquirer. How does $5 and (way) up sound? Chargebacks, as a payments cost, are no financial joke.

The card system also views the chargeback rate—the percentage of transactions that result in a chargeback—as a leading indicator of poor merchant behavior. Once a merchant’s chargeback rate approaches one percent of its transactions, the merchant’s acquirer or PSP is going to put it on notice. If the merchant doesn’t lower that rate pronto the merchant could lose the ability to accept card payments.

The chargeback process is also a cost to issuers who are generally the party first called by the unhappy customer (issuers will often ask the customer if she or he has called the merchant, too).

In other words, chargebacks are a result of something going wrong and they can be a costly hassle for everyone because, for many stakeholders, chargeback handling is still dealt with manually.

In this Episode 99 of Payments on Fire® we talk with Rick Lynch, VP of Business Development from Verifi, about the impact of chargebacks on merchants and issuers. He updates us on rule changes by Visa and Mastercard. And he addresses the process and techniques needed to handle these post-authorization events.

While only mentioned in passing during the episode, Verifi is being acquired by Visa, in another example of expansion by card network operators into adjacent payment ecosystem roles.