Pay-by-Bank solutions are suddenly the fashion in the payments world. Solutions are available from HSBC, JP Morgan, Barclays, JP Morgan, Mastercard and World Pay to name a few. How do they work and do they help or hinder fraud? They promise convenience at
the point of sale. But, what about fraud? Do they help combat that?
Billers whose consumers already pay from their bank can choose to integrate Pay By Bank solution on their existing payments page. At checkout, consumers select ‘Pay-by-Bank,’ where they will be prompted to find their bank. There they will verify themselves
using their own bank’s familiar authentication process, a biometric scan, for example, and securely share their bank account information with the bank to complete the payment on behalf of the biller.
The Pay-By-Bank product can utilise Open Banking protocols in the background to reduce payment fraud. As the service gets taken up by more merchants it has the potential to reduce fraud across the payments landscape as it uses the bank’s security systems
to verify the user and the payment. The key benefits of the product are that no third party intermediaries are involved and the customer does not need to key in their card details, pin numbers or passwords to make the payment. The user experience is different
depending on the device the customer is using but it is very intuitive and customers should not experience any problems.
Consumers have peace of mind as they never need to share their payment information and security with the merchant, there is nothing to download, no new passwords or payment details (all of which could be compromised by a bad actor. The consumer sees the
before and after account balance almost instantly. Finally, they can quickly find all connected retailers within their banking app.
Merchants benefit as all transactions are authenticated by the customer’s own bank app – therefore fraud liability is shifted to the customer’s bank resulting in fewer chargebacks and payments being near instant. An obvious limitation is that merchants want
that want to use PaybyBank App, will need to partner with an acquirer bank or payment service provider that can process MasterCard transactions. They will also only be able to process PaybyBank App transactions if a payer’s bank also supports Pay by Bank App.
The card issuer benefits as Pay-by-Bank puts the trusted bank brand at the center of consumer payments. This gives the customer the confidence they are looking for when making a purchase.
It appears therefore that the technology behind Pay-by-Bank reduces the likelihood of unauthorized transactions and frees merchants from the need to retain, and the responsibility to securely maintain consumer banking information.
An ongoing concern of mine is the rampant growth of APP (authorized push payment) payment fraud where a payer, often an individual consumer, instructs their payment service provider (PSP) to send money from their own account to another account. PSPs can
include banks, credit unions, and electronic payment institutions etc. The payments happen instantaneously so are difficult to prevent. The payments are typically executed via CHAPS or Faster Payment System (FPS). APP fraud occurs when the payer is deceived
into making an APP to an account controlled by a fraudster. Once the money has left the bank account it is gone!
But, be under no illusion fraud isn’t totally eliminated with Pay-By-Bank. One avenue is closed as the merchant doesn’t see the card/ bank details and they are re-keyed by the customer. However, the device/ computer may be controlled by a bad actor - in
which case the account owner will still be liable for the purchases/ money transfers made from the account. The bad actor could use your phone, or computer to make purchases at multiple stores using Pay-By-Bank and clean the account out before you are even
History teaches us that as banks and card issuers prevent one method of fraud, the bad actors quickly devise new more advanced methods to bypass rules-based and ML technologies. With dark marketplaces, fraudsters purchase compromised accounts and emulate
legitimate fingerprints via the use of bots and browser plugins.
Pay-By-Bank does provide an additional level of security. This initiative and others like it by other major banks are to be welcomed. By using technology, AI, and other tools available we as an industry are narrowing the window of opportunity for scammers.
This is not a time to rest for the industry we need to redouble our efforts and create new innovative products that protect customers and their money.