Covididence 2020 in payment traffic

Covididence 2020 in payments

Covid 19 and SCA give old payment features shine like new


POSTED ON 06. MARCH 2021 BY Ralf Hesse

The good intentions

New Year’s Day 2020. Many are struggling with the well-known late effects after a night of too much drinking and one or two are perhaps sceptical for the first time about New Year’s resolutions that they so laboriously put together the previous week. But what then happens in the spring of 2020 is something no one has or could have taken into account in their plan of action. A small virus from the far China, named “Covid-19”, was to develop into a pandemic in a very short time and hold the entire globe in a firm grip from the spring of 2020. The restrictions in public and private life that became necessary by the pandemic have greatly affected and inevitably changed people’s lifestyles worldwide. The economic and social as well as socio-economic consequences are difficult to foresee or conclusively to predict even after a year of “covid confinement”.

A collapse in economic power (due to various restrictions and/or a wide variety of lockdowns), restrictions on the freedom to travel, the special protection of risk groups, mental overkill of care personnel and much more are the effects that we all perceived at least informally in 2020. The payment industry certainly paid special attention to the resulting changes in the purchasing and payment behaviour of citizens who are so restricted.

At the same time, however, the payment world has also saved and transferred an old boil from 2019 to 2020 – the “Strong Customer Authentication” or SCA, which, according to the European Banking Authority (EBA), had to be switched on by 1 January 2021. At the beginning of 2020, every payment service provider is likely to have counted the upcoming SCA adjustments in its payment systems among the necessary evils rather than among the good resolutions for 2020.

If we look at the past 12 months, we can state with certainty that the SCA mandate, in coexistence with the pandemic, has greatly changed the payment world and even woken up old acquaintances of the payments as from a “Sleeping Beauty” sleep. Perhaps in this case it was not the fair prince who kissed these candidates awake from their “sleep of the century”, but rather the two frightening figures Covid-19 and SCA, which accelerated the awakening with their ugly grimaces.


The development over the year 2020


As we are well aware, at the beginning of 2020, the region around the 11 million metropolis of Wuhan in China “exported” the virus. This then missionized the globe in the shortest possible time in an unprecedented manner. Here in Germany (as well as in many other European countries), the first peak was reached with the first lockdown on 23 March 2020. From a virological point of view, a worldwide spread in only three months can definitely be considered a success.

Compared to this, the SCA measures that were carried out in the same period were rather small, even though they were partially intensified (e.g. at the issuers). Due to the mandates of the credit card organisations, which of course defined their own milestones for 1 January 2021 in line with the EBA’s master plan, the card-issuing institutions certainly had to carry out a significantly higher implementation effort by April 2020 than was the case on the acceptance side in the same period – hence only a partial effort by the payment service provider ecosystem.

But also on the acceptance side, mandates from the credit card organisations were defined as requirements and applied into their calendar, which then hit them from the middle of the year onwards (EMV 3DS2.1+ mandate as of 01.07.2020 and the EMV 3DS 2.2 mandate for Visa as of 18.10.2020). This ecosystem on the acceptance side – consisting of acquirers, their processors, the payment service providers, the network service providers and the 3DS2 service providers – was therefore forced to technically adapt to these enhancements in due time.

Oh yes, and then there was another not entirely unimportant participant on the acceptance side, namely the merchant or payment acceptor. And this is where we recognised the weakness of the SCA definition. It cannot be said that the merchants in their very own role are a weak point for itself, but rather that the SCA by definition did not take this last link of the payment acceptance world sufficiently into account in the implementation mandate. The reason for this is once again the “chain of command” of payment surveillance, which has not been thought through conclusively and consistently to the end. Of course, the regulator and surveillance authorities (BaFin/EBA) can only regulate the regulated and supervised parties (Payment Institutions). But blindly trusting that these supervised parties will revolutionise the market on their own initiative and pass on the torment demanded of them to the “offenders behind them” was probably a little too short-sighted. The market is governed by the traditional “chicken and egg principle”. And following this principle, it was almost impossible for the payment acceptance providers to convince the merchants of the salutary benefits of the SCA if used.

Regardless of the SCA’s quarrels, the Covid-19 virus continued its success story and at an increasing pace.


The weaknesses in SCA implementation on the payment acceptance side


On the payment acceptor side, the wheat was separated from the chaff by the middle of the year with regard to the SCA adjustments to be made. Those merchants who sold their goods via a direct sales model had quickly calculated at least a master plan that should enable them to implement the SCA in accordance with the applicable requirements by the end of the year.

Those market segments that sold their goods via indirect sales channels were much worse off. Due to the chronological separation of order reservation and payment capture, different technical service providers were sometimes entrusted with the processing of the individual tasks in the successive sub-processes of payment execution – sometimes even service providers contractually distributed over several points of payment acceptance. This sometimes made a SCA-compliant payment processing impossible.

The travel and car rental industry (T&H for “Travel and Hospitality”) was particularly affected, as reservations were often made far in advance of the use – and thus the collection of payments – for the respective services. The travel packages often booked via online travel agencies (OTA for “Online Travel Agency”) were collected by different service providers (hotel, airline, rental car, etc.) at a much later date. And for this procedure, even before SCA, these OTAs used virtual credit cards as a one-time mens of payment. With this instrument, the OTAs were able to bind the payer directly to themselves without the payment transaction being processed directly between the service provider and the cardholder. However, since it was known from the SCA definition that virtual cards were exempt from the SCA obligation, the use of virtual cards by the OTAs was thus used as means to an end. This renaissance of virtual credit cards was certainly not in the interest of the service providers, as it only alienated the cardholder even more from the service provider – especially since the OTAs did not provide this service without a corresponding contribution to the service provider.

With the SCA requirements, however, the demand for interactive data exchange between the service providers involved also became louder (use of the so-called MIT framework [1]). This demand in turn required extensive adjustments in the IT systems and communication protocols of the corresponding service providers. As already mentioned, the creation of this framework required a wide variety of adjustments at different service providers, which realistically made implementation at the turn of the year 2020/2021 impossible.

However, the credit card organisations recognised this shortcoming just in time and, due to the multiplexity of this service provider universe, created a possibility to bring about the affected transactions without the use of virtual cards and without the use of MIT frameworks through a corresponding MOTO labelling of the transactions. Of course, this also required adjustments in the marchant acceptance ecosystem, but it was much easier to realise because this “re-labelling” could be implemented centrally on the machines of the payment acceptance providers.

MIT framework as a powerful SCA tool

The MIT framework described above is certainly the last resort in the implementation of SCA requirements – especially if the business transaction is realised via indirect sales organisations such as OTAs. However, by definition, there are some conditions attached to the use of such a framework that need to be observed across the entire service chain. Equally, it should be noted that the acceptance channels used by these different service providers (ECOM, MOTO, POS, etc.) can sometimes be applied in one and the same MIT process.

And it is precisely at this point that an old companion that does not seem new to the payment world returns to the discussion podium: the creation of an “omnichannel solution”. The idea of using omnichannel products to collect payments that were authorised e.g. via an ECOM portal but which are later collected from the service provider via a POS device, and ideally also in compliance with the SCA – i.e. with the help of an MIT framework – is thus the logical consequence of the search for a cross-service provider and platform solution of a holistic MIT framework.

Predestined for the realisation of such a solution would be network service providers (who usually also offer ECOM and MOTO solutions) or PSPs, as both parties are already processing parts of this omnichannel solution on their platforms. It remains to be seen who will be the first to take up the baton in 2021.

In 2019 and 2020, we have already seen two renowned PSPs in Germany (Computop and Adyen) expand their ECOM/MOTO platforms to include POS business. Certainly, this move should be seen primarily in the context of the idea of expanding the service portfolio and the associated market segments. However, it also offers the perfect jumping-off point for the realisation of an omnichannel solution. Network service providers should therefore now be warned to expand their platforms in the direction of omnichannel. This is the only way their platforms can handle all business transactions in a SCA-compliant manner in the medium to long term. In addition, there is the increasing number of ECOM transactions, which, not least due to the Covid-19 pandemic, has triggered changes in the purchasing behaviour of citizens and is prompting network service providers to rethink. It remains to be seen who will be the first to take up the baton in 2021.

The bottom line is: Covid-19 and SCA in cooperation have shifted payments in the direction of digital payment transactions (this also includes the reduction of cash payments) and also demand cross-platform solutions in the sense of the omnichannel approach. Even though the SCA appears to be in full force [2], it will continue to have a significant impact on the development of payment transactions in 2021.




[1] MIT stands for “Merchant Initiated Transaction”. This transaction type is exempt from the SCA and can be used when a merchant wants to collect payments without the cardholder being present. The use of an MIT framework in connection with “indirect sales” transactions is a preferred approach of the credit card organisations for the T&H industry but requires adjustments in the systems of all affected service providers in this processing chain and also requires SCA-compliant communication between these affected service providers with additional SCA values.

[2] In full” here includes the EEC-wide “ramp up” plans of the national surveillance authorities, which partly provide for the 100% implementation of the SCA in monthly steps until the end of March 2021.


[pissc number=20 cat=”Articles” the_more=”Read the full post →”]

Social distancing, hand hygiene, face masks and contactless payment

Social distancing, hand hygiene, face masks and contactless payment

POSTED ON 06. DECEMBER 2020 BY Marcus Klose

Contactless and cashless payment? One scenario: It is Saturday, and I am driving to town in my car. I am parking at the small market near the church. I get out my car, insert my credit card into the slot of the parking machine and select the desired parking time in 50 cent steps. My next stop is the fruit stand at the weekly market. I am picking up the small bag of bananas and kiwis, type the 10-digit number printed on a paper label in the display, into a payment app on my mobile phone and transfer the amount with a short swipe. Just before I get back into the car, I want to stop by the supermarket. As I stand in line at the cash desk and dig out a few coins in view of the small amount, the grumpy cashier points at the sign on the door: “We don’t accept cash”. So, I pull out my mobile phone again, unlock it by looking at the display and then hold the device against the terminal. I wonder if I will ever get rid of the change in my pocket again.


Telling from the “war” against cash
This story seems strange to you? Perhaps it is because what has been said did not take place in Germany, but in Sweden. Here people already live predominantly cashless. And not just since yesterday. Here, the “war on cash”, as Harald Olschock, General Manager of the Federal Association of German Money and Value Services (BDGW) puts it completely unselfishly, is already in full swing. Not to say, in the meantime, to the point where only a few insurgents persistently defend their right to use cash.


Cashless payment transactions: figures about the use in Germany
In Germany, on the other hand, the advance of the fighters for cashless payment transactions in recent years resembled a grueling positioning battle to remain in the picture. Especially the use of contactless payment methods, are considered widely as bridging technologies to a complete digital payment infrastructure. Still in 2016, 54% of Germans stated that they had never made contactless payments and would not consider doing so in the future. Only 10% of the population had already paid contactless at that time and only the smallest part of them regularly. In 2019, 3 years later, the situation already looked different. 55% had already made contactless payments last year. Half of them used the contactless function of their girocard, credit card or smartphone at least once a week.


Another victim of Corona – cash?
Now this year is different from all previous years and in many ways. Not only does it now feel strange to leave the house without a mask, even though just a few months ago we shook our heads half amused, half uncomprehendingly when an Asian travel group ran into us again dressed in all kinds of colourful face masks, but Corona (or COVID-19) has also fundamentally changed our behaviour at the checkout. Even in 2018 you still belonged to a rare species if you only held your card briefly at the terminal in the supermarket. You could be sure of the amazed looks of your fellow-square-players if you only briefly pulled out your mobile phone after the question “cash or card” and with the “ba-bing”, which in the meantime has even received some media attention through Deutsche Bank, you grabbed your shopping bags and simply disappeared without even opening your wallet.


Corona as driver for contactless payment

The pandemic is now responsible for the fact that the number of cashless and, in particular, contactless payments has increased considerably since 2019. Both parties say so, the supporters of cash and those who would like to get rid of it at last. The former complains, however, that the warning about the risk of infection with cash is only scaremongering and will only fuel fears among customers and sales staff. The latter, on the other hand, are pleased that the last necessary impulse has now apparently been given to finally clear the way for a long-slept future of digital payments in Germany.


In contactless payment the focus is on practicality and speed

Now it seems that the greatest risk of infection is probably not really due to the exchange of cash, but to fruits that has been inspected for purchase and then put back. But this must be conclusively clarified by the relevant experts elsewhere. It is also the case, however, that it is by no means the fear of an infection risk that makes people increasingly use cards or smartphones.


Current Top 3 reasons for using cashless payments

At least this is what a survey by Statista in cooperation with gdata has shown. When asked why they prefer to pay without cash, only 20.3% of participants cited fear of infection as the reason. And that puts this statement only in third place. In the first two places, on the other hand, were the reasons that, for example, the smartphone is always at hand, cash is not always available (32.5%), or that the time saved at the checkout compared to cash plays a role (31.7%).


Cash – no longer the German’s favourite child

The fact is that the love of their cash has suffered particularly badly among Germans since the outbreak of the Corona crisis, and people are even becoming bolder about “new” technologies. In the meantime, 75% have already made contactless (i.e. also cashless) payments and about 64% even do so regularly, Forsa researchers have found out on behalf of Visa. Most of them, 56% of those questioned, prefer to pay by card, an increase of 3% on last year. Only 32% still say that cash is their preferred means of payment. However, the increase for smartphones is significant. Here, 12% of respondents said that this is now their favourite form of payment. This represents a doubling of the previous year.

What is even more interesting, however, is that the basic attitude towards cash also seems to be changing, almost equally across all age groups. For example, the digital association Bitkom has found out that the vast majority of people in Germany would like to see more points of acceptance for contactless payment. In the group of 16-to-29-year olds, this is less surprisingly as high as 76%. But even among the 65-year olds and older it is still 62%. And if we continue to listen to the participants, the majority of those questioned even try to avoid paying with cash as much as possible. In the younger group, among the 16-to-29-year olds, the figure is already 84%. But it is sensational that even 68% of the oldest citizens, 65 years and older, have the same opinion.


Doesn’t anyone think about data protection? For God’s sake, data protection!Thus, one of the most frequently mentioned arguments for the usage of cash seems to lose its importance. Namely that older people could be excluded from social life if cash were abolished. Other arguments regularly address the alleged lack of control over spending and the general security of the payment process. In addition, fear of the lack of data protection must not be missing in Germany, of course. Materialistic sounding statements, such as those about the “war on cash” of the BDGW mentioned above and the diffuse fear of the “transparent citizen “, cleverly combine the German very own guilt complex with fundamental skepticism about the technological future.


Kids photos on Facebook? No problem. Pay digitally? Never!
The fact that the majority of people now publish every private detail on social networks without thinking about it, seems to be deliberately overlooked. Just the way it suits you. Quite a few parties are currently discussing the lowering of the voting age to 16 years. Under the cloak of maturity, the tendency of some people, which is very practical for them, to prescribe ideologies without checking them, is just right to open up new groups of voters. But when it comes to buying a new pair of Air Max, we don’t trust young people to be able to understand the impact of this transaction on their account balance and to make a sustainable assessment of it as long as they don’t use cash.

Every reasonable banking app now offers a corresponding overview. Even up to analysis tools that let us monitor and plan our spending behaviour in detail and even help us to avoid excessive spending, for example with certain earmarked sub-accounts or spending limits. And of course, technological solutions are always subject to a certain risk of misuse. But we dare to doubt that the inclined citizen will consciously recall the various possibilities of manipulating an ATM every time he or she withdraws cash with a PIN and then make the possibly quite long way to the next bank branch, especially in times of extensive branch deaths.


The reasons against contactless card payments are the reasons for paying with your smartphone
Quite the opposite. On the contrary, the transition to the digital payment infrastructure should be accelerated if security and privacy are to be ensured. In fact, cards can be read. Even though with Near Field Technology (NFC), which is the basis of contactless payment, a maximum of 4 cm can be bridged. So, you would have to get very close to the card to be able to read it. But even if this were to succeed, the stolen data can be used to make a one-off purchase for a maximum of €50 (€25 before the Corona crisis) or up to a total of €150 for no more than 5 consecutive transactions before a PIN is required again. However, if one really wanted to be consistent, one would warn citizens less about the risks of contactless card payment but rather try to get them interested in paying by smartphone as soon as possible.

Through tokenisation, as is usual with Apple Pay or Google Pay, no personal information or payment data is transferred here. Furthermore, the hurdle of misusing the smartphone is much higher than with girocards or international debit/credit cards. Not only would one have to overcome the protection of the smartphone, but the payment app itself would have to be tricked. And with the latest devices this would mean that you would need the victim’s face or at least a thumb. In our unshakable belief in the good in people, we hope that this will be a sufficient obstacle to the potentially small profit, at least for most of us.


No bank account is not a solution either
One point that cannot be dismissed however, is the loss of anonymity through contactless spending. In purely digital transactions, banks and service providers constantly receive information about who, when, where and for how much has been purchased. In my experience, however, in the best case this has the effect of offering more services that are personally optimised for me and in the worst case it has the effect of spamming me with additional advertising, which, in view of the supposedly very efficient evaluation of my data and the associated potential power of persuasion, may tempt me to spend more money.

Anyone who now wants to point out that this form of data protection is not so much about the economic aspect of the service providers and banks involved, but rather about the criminal law interest of the authorities, has certainly not yet experienced the effects that late payment of motor vehicle taxation or sufficiently long delays in the transfer of the so-called tv and radio broadcasting contribution in Germany can have even without digital payment methods. If one would want to avoid this, one would not even be allowed to open an account. And we are certainly not being too far off the mark when we say that the part of the population that consistently follows through on this does not really belong to our circle of readers.


Developing country Germany – also for the digital payment infrastructure
Nevertheless, the admonishers will undoubtedly not get tired of stressing the risks of cashless payment transactions and will continue to believe that cash is still the most important means of payment in Germany and will remain so (quote from the BDGW – who would have guessed it?). Meanwhile, Sweden has set itself the target of having completely switched to cashless payments by 2030. And even for Germany, our colleagues from the management consulting firm Oliver Wyman predict that by 2025 at the latest, the use of volume based cash will be just 32%. And according to Statista, the number of users who will pay at the POS with their smartphone – and thus contactless – will more than triple in the same period (from today’s 6 million users to about 19.7 million).

The increase in the amount that can be paid contactless with the girocard without a PIN (from €25 to €50) as a result of the crisis will certainly contribute to this in future. However, we estimate that in particular the further spread of payment terminals with contactless function and the changing awareness of customers to pay small and micro amounts in food retailing, together with the capping of merchant fees by the MIF regulation, will have an increasingly positive effect on the use of non-cash payment methods.


The bakery trade as a guide to the digital future
Even today, the smaller the amount to be paid, the more likely it is that cash will be used. According to Finanztest, which is a magazine published by the German Consumer Protection Agency, 70% of cash transactions take place in food retailing. In comparison, the figure is 3.1% for furniture stores, 3.2% for garden centres and DIY stores and only 4.6% for clothing or shoe shops. So, Germans are not yet prepared to pay for their buns at the baker’s on Sunday mornings using their card or smartphone. Accordingly, the willingness of retailers to offer contactless payment options in the first place is correspondingly high.

In this respect, it is good news, at least for the supporters of cashless payment transactions, that at least the Central Association of the Bakery Trade has now published a brochure aimed at explaining the advantages of “this new” technology to its members and their customers.


[pissc number=20 cat=”Articles” the_more=”Read the full post →”]

Mobile Payment – between commodity and individual interests

Mobile Payment - Samsung Pay

Mobile Payment: between commodity and particular interests

POSTED ON 18. OCTOBER 2020 BY David Kruse


A few days ago it was announced that Samsung Pay, the mobile payment service of the South Korean technology manufacturer, will be launched in Germany at the end of October. Samsung has entered into a partnership with the FinTech bank Solaris and Visa and can thus bypass the local banks and savings banks. As a result, owners of a Samsung smartphone – with the exception of the Galaxy J and Galaxy M series or Smartwatch – will be able to pay at the physical point of sale (POS) in addition to the already established checkout solution for e-commerce. In addition to Apple Pay and Google Pay, another payment service with a potential of approx. 20 million end customers will be launched, which may have consequences for the business model and the still awaited digitalisation of the German debit card girocard run by the leading German banks and savings banks. This is underlined by the fact that the major international providers (GAFAs) seem to be mastering the tightrope act of merging an optimal user experience and different distribution channels, while efforts of national interest groups resemble more the timid training run over the safety net. In order to better assess the mentioned harmonisation as well as solutions in mobile payment, it is useful to classify them. For this reason, the first question to be answered is “What is mobile payment” or “How is mobile payment defined”?


What is now mobile payment?
To say it in advance, there is no single, all-encompassing definition for mobile payment. As the name implies, mobile payments are payments that are made via a consumer’s mobile device and do not involve cash nor physical debit or credit cards. Although it is possible to create vast numbers of categories with a granular classification, we have agreed on two main categories for the sake of simplicity. These are called Proximity Payments at POS and Remote Payments in E- and M-Commerce and represent all common use cases that are carried out on a mobile device. We speak of an “Omni-Channel payment method”, as these can be used at stationary retailers (Proximity Payment) and mobile or online (Remote Payment). As a synonym, mobile payment is also often used as “wallet payment”, as these e-wallets store corresponding payment data digitally, but can also contain additional applications such as loyalty, couponing, digital tickets or boarding passes.

Proximity or Wallet Payment is well known to many, especially through Apple Pay, Google Pay, PayPal Wallet and soon Samsung Pay. With this type of payment, a debit or credit card is (usually) digitised in order to use it on a mobile phone for payments. The contact between terminal and mobile phone triggers the payment with the digitised wallet. Google has been using “Host Card Emulation” (HCE) technology since the introduction of Android 4.4. The same applies to the less user-friendly but for the merchant cheaper adaptation of mobile payment, the digital girocard, as offered by the savings banks in the payment app “Mobile Payment”. Apple on the other hand controls the NFC interface with its own software. The required data is summarised and encrypted by the Secure Element. Once the digital card has been loaded into the wallet, the digital wallet can be used like a credit card at the physical POS as well as in e- and m-commerce. In addition to installation on the consumer device, all that is required for this is merchant acceptance and a contactless terminal. Especially the user-friendly payment process via touch or face ID has helped the services to spread in Germany.


Mobile payment with the smartphone: Various forms and providers
When goods and services are paid for via mobile devices in e-commerce and m-commerce, this is called remote payments, as in this case the Internet is the distribution channel. Mobile wallets such as Apple Pay, Google Pay, Samsung Pay or specialised apps can be used for in-app or app-to-app payments. The term app payment describes the provision of payment methods in the form of apps on smartphones. These can be applications which exclusively represent the functionality of the service offered or services which are connected to applications of third parties in order to enable payment functionality for them. A popular example in this context is PayPal, which is used both independently and in the checkout of different online providers.

Based on the number of different versions and the mass of different national and international providers and service providers, it is clear that mobile payment has not only existed since the introduction of Apple Pay. For this reason in particular, the question inevitably arises as to why it took so long for a fairly critical mass to make use of this technology. The answer can be summarised in one term – vested interests.


Particular interest as a brake on innovation
Originally, mobile payment was driven by the German mobile phone providers. With the introduction of premium SMS, they were able to charge for services such as the “Jamba Sparabo”, which lifted some mobile phone contracts and bills into the triple-digit range. Based on this logic, an attempt was also made to depict normal payment processes at the POS. To realise this, mobile phone providers had to cooperate with a regulated e-money institute and a credit card scheme as technology partners. For example, Vodafone and E-Plus used the e-money licence of the now insolvent payment processor Wirecard as well as payWave (Visa Card) and PayPass (Master Card) for technical processing. If there was interest in using the wallet inventory, the customer was sent a new SIM card (NFC-SIM). This card contained the Secure Element, which is still used today to secure sensitive credit card data. In addition, only mobile phones could be used, which were accepted and released by the telecommunications provider. Billing was done via the monthly mobile phone bill. Unfortunately, the product was not accepted by consumers, which led to the discontinuation of various initiatives. This may have been due to the self-positioning of the telcos in the value chain of the payment process, the low number of NFC-capable terminals due to the lack of non-contactless fees of the schemes, or the questionable selection of mobile phones offered. Only after the porting of the secure element to the phone device and the introduction of payment services by the manufacturers, including their marketing budgets, mobile payment gained attention. This, combined with customer-oriented processes from the beginning, simplified usage and the correct interpretation of the term omni-channel, has led to the introduction of mobile payment in many countries.


Paying by smartphone in Germany? A look at user behaviour
Only Germany took its time. A possible reason for this may be the often described phenomenon of the cash-loving society, but also the self-interest of German banks thatprefer to book the share of the interchange or merchant fees demanded by Apple to their own revenue accounts. This went well until the first German bank positioned itself as a pioneer and, with the launch of Apple Pay, entered the battle for the consumer.

In the meantime, it has become clear that the use of the mobile Internet is spreading through all generations in Germany. A study of the Postbank which was conducted before Corona reflects that smartphones have left all other mobile devices behind and are a constant companion of the people in this country. Almost 80 percent of citizens access the internet with their mobile phones, 71 percent via laptops and 58 and 47 percent respectively use desktop PCs and tablets when they want to access the internet. Even before the COVID19 pandemic, the younger customer segments were almost permanently online, and most of them used their smartphones. The lockdown due to Corona and the ongoing measures to restrict contact may have intensified this trend. This user behaviour also has an impact on mobile payment and according to the current Bitkom study, one third of German citizens state that they have used mobile payment by smartphone or smartwatch at least once. In the survey from 2016 this figure was only eight percent.


Catching up or already hung up?
The development of mobile payment in Germany shows that the customer acquisition as well as his interaction with an offered service is essential for survival. That German banks have also understood this becomes clear in the desperate attempt to position the current account as a core customer product. After possible implications of the PSD2 have long been incorrectly interpreted, it remains unanswered whether this is still realistic. It was only when other providers already conquered the market, dominated by banks’ own products that the self-confidence of the supposed top dogs diminished and a clear view of the actual situation became possible. The situation could be similar with the German payment market after the introduction of Samsung Pay. While the German banking industry is busy harmonising different interest groups and their respective payment methods to achieve a multi-channel-capable product and #DK may ultimately mutate from a phoenix to a paper tiger, 20 million consumers will be supplied by Samsung with a pre-installed app in the near future. In addition to customer-friendly onboarding via IBAN and qualified electronic signature, cross-channel payment for goods and services with a digital VISA card and an expenditure overview in the form of a KPI dashboard, this app also offers the possibility of creating sub-accounts and completing financing transactions. In this way, the payment service depicted by Solarisbank has the potential to take over all relevant interactions for the customer and reduce customer interaction with the main bank account to the monthly direct debit of the compensation payment. In this way, traditional German banks lose customers who, after a short confirmation of an acceptance contract, find themselves in the new customer portfolio of Solaris Bank AG. And all this is available for a bank-friendly revenue share based on the regulated interchange of 20 basis points. Samsung has understood that consumers find it difficult to deviate from a service once they have become accustomed to the amenities. It remains to be seen whether this will be accepted as a customer requirement and fact by the competing projects currently being implemented.


[pissc number=20 cat=”Articles” the_more=”Read the full post →”]

Digital currency: Central Bank Digital Currency? – Cash is dead, long live cash!

Digital currency: Central Bank Digital Currency?

Cash is dead, long live cash!


Cash, that’s always been there, hasn’t it?

For a large proportion of European consumers, there is no more commonplace activity than exchanging goods for money in any form. This natural behavior  makes it clear that many are no longer aware of the origin of the euro, or of its journey since its creation. This is remarkable, especially since the last currency reform, which resulted in the abandonment of national currencies such as the German mark or the Dutch guilder, was only 18 years ago. Now that the ECB is discussing a no less radical reform of the European monetary area, a little refresher of our opinion is in order.


Cash and the evolution of payment

Cash or the physical value of national currencies, as well as the associated purchasing and exchange power, has undergone various stages of evolution since its introduction. After the first transactions carried out as barter deals, it quickly became clear that a value independent of the exchange interest had to be created, which would find broad acceptance. At first these were shells, later coins. The first token was created. The logistical disadvantages of a coin currency, the weight, soon became obvious and Europe became the first “Copycat” of China by introducing a paper currency. Since this introduction in the 15th century, there should be no payment innovations in the sense of Schumpeter’s creative destruction, except for the addition of plastic money.


Digital currency: Europe, a single cash country

It was not until 2019, with the launch of the digital Euro initiative, that the way in which payments are made in Europe was looked at more closely for the first time since the Monnet project was terminated in 2012. This observation was less a result of the European Central Bank’s own initiative or desire for innovation than a reaction to the introduction of a digital yuan in China. This project was gratefully adapted by America as an iterative innovator in the form of the digital dollar in 2020. Unfortunately, unlike China, Europe has not yet succeeded in getting over 90% of the population hooked up on a QR Code based payment wallet, which is as advanced as the Apple Store. This automatically raises the question of whether the blueprint of a currency reform forged in China can be applied to Europe. Especially in Germany, which uses the advantages of cash like no other in Europe, this question must be asked critically. Beyond the consumer perspective, the role of the banks as well as the retailer acceptance must also be evaluated. In order to be able to classify these developments, we have dealt with the topic of Central Bank Digital Currency (CBDC).


As mentioned at the beginning, Europe is by no means in the vanguard of discussion and strategic planning on the introduction of a digital currency. Similar to the European Payment Initiative (EPI), formerly the Pan European Payment Systems Initiative (PEPSI), one can speak from the outside rather of the embodiment of asnooze button user, who now jumps out of bed. This manifests itself in a newly formed working group, which is dealing with European implementation models consisting of the Chinese state digital currency in combination with the stable coin approach of the Libra Association. Stable Coin is defined as a block chain-based currency, which hedges monetary values by depositing Fiat money without exchange rate fluctuations. In this way, cash in its current form as a means of payment would be replaced by digital tokens, stored on a decentralized account management system and returned to the circulation of money in the form of a wallet.


To what extent are the potential users ready for a digital currency reform like CBDC?

The advantages communicated by the ECB lie not only in the constant supply of consumers and the improvement of hygiene in times of Corona, but also in the digitalisation of an aging financial instrument whose current form of existence is open to debate. It is questionable whether only the almost altruistic focus of the ECB on the end user carries weight in the decision to introduce  such a stable coin or whether other reasons are no less relevant.



Even if the above-mentioned advantages for the consumer make sense, the question remains whether they are sufficient to convince German and European cash lovers. Apart from the purely psychological component, which justifies the possession of cash as a means of payment for many, there is also that of data protection, since cash is anonymous. A devaluation of the social score or the ranking of an insurance company after buying a pizza is therefore not possible. Cash can also be used to deal with the failure of technical infrastructure. Although the digital euro is to meet the same data protection criteria as the physical version in the ECB’s marketing, this is, to put it mildly, unlikely from a point of view of the Money Laundering Act and the prevention of terrorism alone.


It is also worth mentioning in this context that cash in its current form cannot experience a negative interest rate. Even before the ECB’s massive bond package was passed and the associated speed of interest rate declined, consumers knew that their €10 notes would still be worth the same in the evening. Even if we are going too far here, the question of “who guarantees that the E-Euro will not become a financial product dependent on the financial markets and similar to a demand deposit?” must be allowed, right? From the consumer’s point of view, widespread acceptance is therefore questionable.



Nevertheless, the obvious advantages are communicated to merchants. In addition to the reduction in effort – on average seven steps are required from the acceptance of cash to crediting the account – cost savings are also emphasized, since processing cash as a payment is relatively more expensive for the merchant than the fee to be paid to the acquirer / network operator. But here too, disadvantages are obvious. In addition to possible additional costs of the acceptance to be set up at the terminal, the dependence on 100% availability and the resistance of the end customer to pay virtually for all items with the E-Euro, the last cash receipt that is smuggled past the cash security regulation would also be documented in future. So, if a merchant did not see the benefits already listed as a wake-up call to convert to “card only”, the question of why remains.


Why does the ECB now seem to be pulling out into the fast lane?

Even if the German cash affinity seems less relevant at the European level, the ECB’s sudden interest is not entirely conclusive at first glance, especially since other innovations such as Alipay as a digital ecosystem have provided little momentum in Europe apart from tax advantages for the user. One obvious point is the momentum created by other nations (China) and institutions (Libra Association), which increases the pressure on market participants to act. Even classic credit card brands like Visa and MasterCard are expanding their fields of activity in this direction. A possible reorganization of the fee model in a post-card scheme fee era is certainly a pleasant side effectin this context. Furthermore, an expected cost saving in money creation may be a possible driver. Since this is financed by taxes it would certainly gain in relevance with an euro that show no sign of abrasion , is not created or destroyed and is secure against fraud. As a side issue, the reduction of anonymity, which is “exclusively useful in the fight against terrorism”, is worth mentioning. In this context, the question inevitably arises as to whether consumers will in future hold an account with the ECB and thus make the current banking structure obsolete in terms of cash supply. Besides the expected chaos when opening an account and the confusion among end customers as to why an account at the ECB now exists, the lack of customer interaction could also have implications for the up-selling strategy of financial products in the retail banking sector. Finally, questions regarding the implementation of this strategy are also being discussed. What is the maximum amount of money that can be given away for daily use? Is there a danger of treating the currency as deposits, since they are only presented on the wallet in the form of fiat money? Is there an obligation to disclose suspicious cases that fall through the grid in the current situation?


Although the working group that has been set up has most probably examined all facets of the issue at hand, there are potential stumbling blocks before the pilot project launched in France can be replaced by a regular operation in the European currency area. Contrary to the “never change a running system” doctrine of many, it is to be hoped that these will be removed in order to sharpen the EU’s digital profile in banking and payment on an international level.


[pissc number=20 cat=”Articles” the_more=”Read the full post →”]

„European Payment Initiative: Third time’s the charm…or 4th?!“

European Payment Initiative: Third time’s the charm…or 4th?!



The next european payment initiative


Over the last two decades, a number of well-known European companies and institutions have come together to push forward the development of a single payment system for the euro zone. Under names such as Monnet, EAPS or PayFair, banks and payment service providers in particular wanted to join forces to make the locally very heterogeneous payment infrastructure universally available and future-proof with innovative concepts. After all initiatives failed equally, a new attempt is now apparently being made under the leadership of the ECB and the European Commission, with the European Payment Initiative (EPI). Considering various comments and communications from the circle of initiators, one thing seems to be certain – not innovative payment systems are to ensure competitiveness in the future, but rather an enhanced SEPA system ought to protect Europe from it. Although a decision on how to proceed with the initiative was already expected at the end of 2019, things had become surprisingly quiet around the topic in the meantime. At the beginning of April, however, a list of questions from the European Commission has surfaced. It asks interested parties to answer questions about the future retail payments strategy of the EU. As the topic could become relevant again in the short term, it is worthwhile analyzing whether such an initiative is likely to be successful according to our current understanding.


A Pan-European Payment System? Hasn’t there been something before?


One might think, that sounds somewhat familiar, when reading the not so recent news about a new initiative for a single European payment system. How was it back in 2010? Representatives of 24 banks and European institutions are meeting in Madrid to launch the so-called “Monnet Project”. It should be designed to create a new “pan-European card scheme”. The project was launched 2 years earlier by major German and French banks with a feasibility study. This study came to the – very welcome – conclusion that a cross-border payment initiative would contribute to the standardization of the fragmented European payment market and thus to the development of innovative and sustainable concepts. Basically, however, it was simply a matter of not having to give up any further market share to the established market leaders MasterCard, Visa and the relevant FinTechs from the USA and to regain European data sovereignty. However, by 2012 the great ambitions had vanished into thin air and the project was cancelled eventually. Allegedly due to unclear circumstances regarding the regulation of card-related interchange fees.


2020: Payment systems between the dominance of credit cards and new digital currencies


Now 10 years have passed. The international credit card companies have continued to gain dominance in Europe – as early as 2016, according to the ECB, 67.5% of payments by cards, issued in the EU, have been made through the MasterCard and Visa systems. More or less innovative payment methods have sloshed over to us across the big pond and besides private consortia like Facebook, several countries are already working on future-oriented concepts for digital currencies. And what is it that you can read in the news these days? 20 European, particularly German and French, banks have joined forces in an initiative with the goal of developing a “pan-European payment system” based on the SEPA Instant Settlement Mechanism. What is striking is that almost the same institutions are represented as in the year 2010, but instead of a “card scheme”, a uniform “payment system” is now to be created. However, and let us be clear about this, the change of name does not reflect a desirable expansion of the results space. It is rather the regrettable realization that we have missed the moment until which we would have still been able to fight fire with fire (i.e. when the dominance of the card giants could have still been broken with an own innovative card offering).


The EU and the great fear of innovation


With the pan-European Payment System Initiative (short EPI, or formerly known under the working title PEPSI, until apparently a US soda company came across this abbreviation and wasn’t too happy about it), it seems that the local banks want to make a new attempt, initiated and led by the industry, towards an independent European payment solution. In fact, however, various sources suggest that it is not the banks that are the driving force here, but the ECB that is responsible for the recent push, and that the fear of overpowered credit card providers and FinTechs from overseas is once again playing the decisive role. In a commentary on EPI, former ECB board member Benoît Coeuré, for example, warned that “the European authorities see American payment providers in particular as a significant threat to financial stability in the eurozone”. And European Commission Vice-President Valdis Dombrovskis affirmed that “the European Union’s ability to develop cutting-edge innovations in certain strategic technologies will determine the degree of sovereignty of our continent”. And payment transactions count as such a technology. As no comments have been received from the banks involved to date, suspicions are growing that, similar to 2010, the current initiative does not appear to be a technologically driven but rather a politically driven venture.
In contrast, the initiative launched by the German banking industry with the working title #DK, for example, seems to be pursuing the right goal. Here, the payment assets at the POS (girocard, bluecode) as well as in M- and E-Commerce (Paydirekt, giropay, bluecode, Kwitt) are to be integrated into a consolidated system and placed under uniform corporate governance. It remains to be seen to what extent the topic will be approached objectively and in the best interests of the market and customers respectively. However, since it can be assumed that the players in EPI and #DK are the same, it will be exciting to see what dependencies and implications will arise between these two projects and if the parties are able to use them prudently or get bogged down again.


Europe’s dependence on international payment systems


One of the first questions that naturally arises here is whether the fear of losing sovereignty is justified. And there are certainly points that cannot be dismissed. For example, we can observe at the moment that the USA is increasingly seeing sanctions as a legitimate political tool. And this trend is also increasingly influencing European market participants. In the Iran conflict, technological dependencies meant that companies from Airbus to Siemens simply had to stop trading with the Islamic Republic, since the processing of payment flows is handled via the Belgium-based SWIFT messaging network and the supervisory board consists of representatives of major American banks, among others. In Russia, similar conflicts have already led to the development of the national payment system MIR, after MasterCard and Visa briefly stopped providing services to Russian banks when they annexed the Crimea. But there are also concerns in general, of course, when payment flows are processed via networks outside the eurozone. European institutions have no authority over international providers and only limited supervision. However, the issue of security could be much more serious, as a common currency area is of course much more vulnerable to attacks and disruptions from the outside.
But how dependent is Europe actually on international providers? After all, there are domestic card and payment card providers operating in this country, too, who do not depend on the infrastructure of transatlantic companies. For example, if you look at card sales in the seven largest economies in Europe, it is clear that local card systems, such as girocard in Germany or Carte Bancaire in France, dominate. Despite the coexistence of MasterCard and Visa systems in these countries, they have a considerably larger market share. Moreover, there is virtually no competition in the SEPA credit transfer or direct debit area and regional, alternative payment methods such as Klarna, Sofort or Trustly are becoming increasingly important. So, is there no reason to panic?
Well, as mentioned above, even with non-card-based payment methods, a certain transatlantic influence cannot be ruled out. For example, among others, interbank communication in SEPA transactions is handled via SWIFT. In addition, under US supervision, this service provider is also one of the official certification authorities for the global messaging standard ISO 20022, which is considered the new standard for all credit transfers via the TARGET system. The Real Time Settlement Systems of the ECB (TIPS) and the EBA (RT1) are also geared to this standard. As a result, neither traditional nor future transactions in the SEPA network are fully under European control.
And even if local card schemes dominate in the respective countries, the lack of interoperability of regional infrastructures means that the vast majority of cross-border card payments are already co-branded, i.e. made through the MasterCard or Visa system. Not to mention the fact that in the remaining European countries, which do not have their own card network, the international schemes are already leading.


Digital payment solutions will not save Europe


Now one could argue against the fact that the development in payment traffic is increasingly moving towards digital solutions and at the expense of card payments. But apart from the fact that here too the leading providers are so-called Fin- or Bigtechs from the USA, these methods are also predominantly based on the underlying card infrastructure. For example, with the wallet solution from PayPal, a Master- or Visacard is usually deposited next to the bank account, and even with ApplePay a credit card is still necessary until the savings banks have finally managed to make their girocard digitally available. However, it is much more important that, for digital payment methods, the front end is decoupled from the back end. This means that the access to the customer, which is important for every payment provider, is separated from the actual processing service. The card issuer is demoted to a pure technical service provider without access to the so important customer data. Only the original provider of the payment solution then has access to information about the type of transaction, value and individual preferences of the customer. And, as we all know, they are more likely to be located in America than in Germany, Denmark or France. Or even more so in Asia, where with the Tencent all-in-one chat solution WeChat, with integrated payment function, and AliPay, the next major competitors for market leadership in international payment transactions are already in the starting blocks.


Payments: a question of simplicity and cost efficiency, not of nationality


However, fear is and has never been a good advisor, although in the current corona crisis it seems that decision-makers are driven solely by it. This is especially true when it comes to technical innovations. In a world of global trade, it is really questionable what value market participants will attach to an initiative whose declared aim is to strengthen national identity. Don’t get us wrong. Harmonization of the fragmented payments market would be welcome. The multitude of national payment systems and methods is confusing and inefficient. But like all social and economic measures, initiatives in the payment market must be measured against their achievement of objectives. The acceptance of new forms of payment, however, is generally measured in terms of simplicity and cost efficiency rather than by the degree of isolation.


Modern problems require modern solutions, just not in the EU?


While on a global level the abandonment of entrenched paths is seen as a necessary prerequisite for innovation, the European institutions are seeking their salvation in the tried and tested SEPA Retail System with EPI. In the form of the SCT Inst. procedure, at least with the possibility of booking credit transfers and direct debits instantly and along with the commencement of the PSD2, the opportunity to transfer this concept to non-banks (keyword: open banking). But where is the added value for end customers and merchants? Once I as a customer have deposited my card with PayPal, why should I switch to a SEPA-based service? With this I can transfer money instant today and do not need to provide any additional information except an e-mail address. The transaction does not cost me anything and if necessary, my purchase is even secured by buyer protection. When transferring money via the SEPA instant settlement system, however, there is no way to protect myself against fraud. Once the money has been transferred, I can no longer retrieve it.
For merchants, on the other hand, there would certainly be advantages. A direct credit to the company account is very advantageous for them. Especially in connection with the fact that the customer cannot charge the money back. It can also already be observed that merchants are successfully circumventing the complicated and expensive cost structures of credit card providers in favor of providers with account-to-account (A2A) solutions (e.g. in the aviation industry with IATA as PISP). But ultimately, the end customer is still the decisive factor in determining which payment methods will prevail in the market and so far we have not been able to identify any solution in the market or on the horizon that can compete, for example, in terms of simplicity and speed with contactless payment at the POS to avoid the “party at the checkout”. It is therefore at least bold to assume that merchants will give preference to alternative, locally limited payment methods due to protectionist considerations of the European Commission.


Instant payment systems as a special challenge for banks


And even for the banks, the effects are anything but clear. With SCT Inst. they are moving back into the focus of the transaction. They can offer their customers a payment procedure that is attractive not only in stationary trade but also in e-commerce. But the SCT Inst. procedure also presents them with much greater challenges. For example, although the rules and regulations stipulate the speed of message transmission, the maximum amount of a transaction and the reachability, they do not cover the clearing and settlement mechanisms (CSM). Thus, the provision of the transfer amount on the recipient account regularly coincides with the actual receipt of the money. Depending on the transaction volume, however, delayed and guarantee-based settlement places considerable demands on the bank’s liquidity management. This means that banks must first develop their own approaches in order to be able to offer customers attractive instant payment solutions without taking too much risk of their own.


EPI: The initiative that nobody asked about?


Given the different needs and challenges, the question ultimately arises as to whether individual interests are at least adequately represented in the group of initiators. From the point of view that EPI does not appear to be a technological but a political initiative, it is probably understandable that in none of the reports that have been read on the subject so far do the names MasterCard or Visa appear as partner companies. It is certainly understandable to the extent that one wants to defend oneself against the market power of the companies mentioned. But in terms of creating a new European payment system, it is rather difficult to understand. One would think that the German banks in particular have learned from their mistakes with Paydirekt. Here the implementation of a quite good idea failed because of the inability of the initiators to really involve all relevant market participants in the product development from the beginning. However, neither the key companies of the successful “four-party system” of banks, acquirers, cardholders and merchants are included, nor does it appear that there are any plans to involve well-known European payment service providers. Yet it is precisely companies such as Adyen, Worldline or Nets that ultimately guarantee access to the merchants
But as already described at the beginning, this time the banks can probably not be blamed. Obviously, it is the European Commission and the ECB, united in common cognitive dissonance, who are shouting: “now more than ever”, while the rest of the world is actually already working on innovative concepts. Perhaps one should just listen to the institutions that one is supposed to be representing. An example is the association of over 200 banks and FinTechs in Germany under the umbrella of the Bankenverband. As early as 2019, the members explicitly stated that they see “programmable digital money” as an innovation with the greatest potential to become the decisive key component in the next step of digital evolution. This is particularly true in terms of cost efficiency, simplicity and (listen closely European Commission) competitiveness. In the age of the “Internet of Things” and with 5G in the starting blocks, the fast transmission of XML messages limited to Europe is unlikely to be a competitive advantage in the long term. Then we will talk about payment processes that do not play a role at all today. For example, when an autonomous e-car drives to a charging station and pays for the amount of fuel directly using crypto or digital currency in the future. Perhaps, a bank will then no longer be needed. The money is booked from the payer’s wallet directly into the recipient’s wallet on the basis of a corresponding digital transmission technology.


Regulatory frameworks: the be-all and end-all for a competitive environment for innovative payment systems


However, „this requires the creation of the appropriate regulatory framework,” says Gilbert Fridgen, founder and head of the Fraunhofer Blockchain Laboratory. And the companies of the banking association express the same opinion. According to them, the legislators and regulators should create the necessary basis for digital innovations and the private institutions would already be doing their part to develop a sustainable and innovative currency system. It remains to be seen to what extent the banks are actually prepared to continue sawing on their own branch. However, especially with regard to technical innovations, the creation of a competitive environment that is favored by regulation is probably more conducive to achieving the goal than the cementing of market structures that are not very future-oriented, due to the alleged loss of national sovereignty.


[pissc number=20 cat=”Articles” the_more=”Read the full post →”]

„The future of commerce: the end to payment competition?“

The future of commerce: the end to payment competition?



Payment is not an end in itself


Payment is a growth market and exciting start-ups, new payment methods and interesting partnerships are emerging almost daily in 2020. Exorbitant sums are being paid by private equity firms and other market participants for payment companies, always in the hope of even greater growth and profits in the future. However, one should never forget that payment is not an end in itself. No one needs payment for the sake of payment. Payment is needed to enable trade. The exchange of goods and services for monetary value is the very purpose why payment services exist. It helps the many companies and people to sell their goods and services to other people and market participants. It is clear that customers and consumers like it when this is done as simple and smooth as possible. But probably no one would object if the annoying process of “payment” could be dispensed completely. Especially against the current background of the corona virus and the transmission of viruses via cash or payment terminals, many merchants point out the advantages of cashless and ideally even contactless payment. This leads us to a far-reaching thesis: the holy grail of payment would be to abolish itself – to make payment redundant. Well, maybe not redundant, but just to take a back seat and integrate seamlessly into the processes. That means completely silent. Without interaction.


Queuing up at the checkout is optimised


For some time now, the large supermarket chains EDEKA and REWE have been introducing services such as self-scanning for checkout as pilots in Germany, and much earlier abroad. If possible, the actual work should be outsourced to the end customer, with cashiers becoming increasingly redundant or reduced to a monitoring function. Unfortunately, one last process step is still left over – the customer still has to pay. The customer should also be relieved of the payment, and so concepts such as Amazon Go are currently being developed. Consumer electronics retailer Saturn is also experimenting with this type of easy and seamless checkout, and retailer chain Real is also piloting such tests. What they all have in common is that in one way or another they are trying to completely automate or eliminate the process of “putting goods on the conveyor belt and paying”. In some cases, customers have to use an app to scan the goods themselves and then pay for them in the app or at a payment terminal. Ideally, the customer simply walks out of the store with the goods in hand, smart technology recognises the customer and the goods and settles the purchase fully automatically, as for example with Amazon Go. The customers simply receive their receipt or invoice in the app or via email as soon as they leave the store. This payment process, which is very simple from the customer’s perspective, is already known from the Uber product. Everything the customer might notice is the debit on the bank account or he sees the debit on the credit card statement. For this purpose, the customer has usually registered somewhere beforehand, e.g. in an app, stored his desired payment method and authorised the payment once. The special thing about these processes is that they are remarkably similar to those used in e-commerce. The big difference to payment at the POS is that the customer no longer decides how to pay for each purchase, but rather only defines this once and authorises it accordingly for any payments in the future. Accordingly, this stored payment method is set forever or, in the case of credit cards, until the validity period expires. The competition of payment methods is over, the payment method is predefined and permanently stored. Amazon as the relevant player in eCommerce is increasingly transferring its expertise from the online world to the offline world. After the purchase of Whole Foods, Amazon is now experimenting with Amazon Go with its own physical stores and has already announced to offer this technology to other merchants.


IOT quickly becomes machine-to-machine payments


In 2020, more and more everyday devices are connected, will be smart and increasingly independent. This refers to widely used devices such as Google Home or Amazon Alexa, but also to the German’s favourite toy, the automobile. It won’t be long before the car can independently trigger payment at the gas station. The first initiatives such as Shell SmartPay or BPme are already moving in this direction. Paying without carrying out the actual payment process is already possible in voice commerce with Amazon Alexa. When ordering by voice, the shopping experience is reduced in extreme cases to a few words such as “Alexa, order new toilet paper!” In times of Corona, where toilet paper mutates into a status symbol, maybe not so bad. No more lenghty article selection with price comparisons and reading reviews. The decision on the choice of payment method? This has been done once during setup and will never be considered again. The payment is simply executed. Also at this point there is no more competition between payment methods.

Merger of POS and eCommerce leads to standardisation of payment methods

Omni-Channel is another important trend in retail. As a big buzzword driven through the village by the payment industry, this trend is slowly making its way into reality. Customers expect and demand a uniform shopping experience and the dissolution of the boundaries between stationary trading and online commerce. For customers of various retailers, it is now a matter of course to exchange goods purchased on the Internet or mobile in the next shop and vice versa. If a desired article is not available in the store, it can be delivered to the customer’s home without any problems. The customer expects a consistent experience, the stored shipping address should be as known to the stationary shop as to the online shop. The same applies to the payment methods. Seamless transitions, refunds and payment options. All a matter of course from the customer’s perspective. For companies, merchants and payment service providers, this means ample conversion measures, standardisation and harmonisation of legacy IT infrastructures, adaptation of ERP systems and processes and, above all, for service providers, of course, that they have to offer a one-stop solution. The retailer needs everything the customer demands for his business. All major payment providers have now adapted to this more or less well and optimised their systems, services and solutions. This shows that the two worlds not only converge, but that there can even be overlapping, integrated and interactive retail management processes. It is clear that this will also lead to the standardisation of payment alternatives and this is already being perceived as such.


The future of payment is the background


Handing over your hard-earned money is rarely fun. Agonizingly slow processes, tedious input of security features and remembering all those 3DS passwords… nobody really wants that. And a merchant only wants to make sales, i.e. conversion. The only ones who seem to like the complexity are the regulators that have just raised the bar a bit higher with the PSD2 and will make it a bit harder for the consumer to pay. Enough reasons for customers to mature their wish to banish this unpleasant process from their field of vision to the background. Paying with a quick look at the mobile phone (FaceID & ApplePay or Google Pay), a short button click (PayPal OneTouch) or simply walking out of the store (Amazon Go) – the actual payment process moves into the background and will be best if made almost invisible. Those who are able to place themselves first in this big trend and which the customer saves as his preferred payment method will be the winners of the next big era of payment. The less the customer has to do actively to participate in the payment process, the better customers will find it in the context of a value-added shopping experience. And then nothing will change for a long time. Why should the customer change his payment method when everything works quietly in the background? What incentive would he have? I mean… probably none or the payment provider has to buy the preference at a high price…


Making something appear simple is usually the biggest challenge


Apple invests millions, if not billions, in the development and design of its products. It is no coincidence that iPhones are so easy to use and have a very simple design. Anyone who has ever tried to paint a picture or design a website knows that it is incredibly difficult to make things look elegant and chic or to make an end-user process feel natural. The same is true when you’re trying to move payment in the background and make everything look easy. In depth, payment is incredibly fragmented and complicated. There are a multitude of protocols, regulations and market participants involved. The recent regulations on Strong Customer Authentication with the Payment Service Directive 2 and the new standard 3DS 2.0 that comes with it alone are dizzyingly complicated. Looking at Germany, the very decentralised and inhomogeneous POS infrastructure in particular is a major challenge. In order to achieve the necessary degree of standardisation and harmonisation here, which will be necessary to make the world of payments virtually invisible to the end customer, major challenges will arise for payment service providers, network operators, acquirers, merchants, schemes and regulators alike.

Just how challenging standardisation can be if it is to be achieved in an international context can be seen impressively in recent years in the attempt to introduce a uniform plug standard for charging mobile phones. The EU has been trying to push this forward for years and manufacturers, above all Apple, are becoming increasingly creative in circumventing EU regulations. The payment world will face similar challenges. None of the providers in the value chain will have any great interest in making themselves redundant and hiding in invisibility. The race of the payment providers to become the “all-rounder-Omni-Channel-one-stop-shop-payment-service-provider ” will continue in 2020, because everyone wants to be able to offer exactly that to their customers. Everything from a single source, seamlessly integrated, largely in the background and yet still earning good money as a company itself.

We are very excited to see which payment provider will be able to solve all these challenges of his business in the best possible way. It is clear that the distinction between online and offline is becoming increasingly blurred and representatives of both milieus are trying to cover this seamlessly…


[pissc number=20 cat=”Articles” the_more=”Read the full post →”]

„Fiscalisation: New cash registers for retailers in Germany?“

Fiskalisierung 2020 in Deutschland

„Fiscalisation: New cash registers for retailers in Germany?“



Fiscalisation will come into force in Germany on 01.01.2020.

The primary objective of this measure is to curb the generation of black money by documenting each transaction that has occurred. In a letter from the Federal Ministry of Finance dated 06.11.2019, it was announced to the contrary that merchants would be granted a further period of grace until 30.09.2020. The letter describes that merchants without an installed technical safety device for documentation purposes, do not have to fear any penalties until the deadline expires. Despite this transitional period, fiscalisation raises more questions than answers for merchants. In particular, it has not been fully clarified how the implied changeover will take place, what rules will apply and what will happen in the event of non-compliance. For this reason, the following blog article addresses the most persistent myths and subsequently deals in depth with the subject of fiscalisation.


The cash register obligation comes to Germany!

Fiscalisation and the associated “Cash Register Anti-Tampering Ordinance” (KassenSichV) are not to be confused with a cash register obligation. An obligation does not exist in Germany and is currently not planned, since the administrative expenses caused by this would be disproportionate from a cost-benefit point of view and it would involve a considerable high administrative burden. This applies in particular to weekly markets, community/club festivals or farm shops and street vendors as well as to persons who do not offer their services at fixed locations. Moreover, exceptions would not be legally definable. Thus, the range can go from an open cash register, through a mechanical cash register up to an EDP cash register.


I need to buy a new cash register!

Reality: If the cash register has been purchased later than 25.11.2010 (§ 30 Abs. 3 zu Art. 97 EGAO), GoBD compliant and cannot be upgraded, a transitional period until 01.01.2023 applies. If the cash register can be upgraded, the upgrade has to be done by the cash register system manufacturer accordingly.


Certified cash register system: Cash registers must be certified from 01.01.2020!

No, only the technical safety device / software must be certified. This device consists of a security module, which logs the cash register entries at the beginning of a recording process to prevent subsequent manipulation, a storage medium, which stores the individual records for the duration of the statutory storage obligation, and a holistic, digital interface to ensure smooth data transmission for auditing purposes. As already mentioned at the beginning, despite the entry into force of the KassenSichV, for the time being there will be no sanction for violations of implementation.


The KassenSichV comes into force on 01.01.2020?

Yes, the KassenSichV will officially come into force on 1 January 2020. However, the letter published by the Federal Ministry of Finance dated 06.11.2019 shows, that recording systems within the meaning of §146 of the Fiscal Code (Abgabenordnung, AO) which do not have a technical safety device will not be objected to until 30.09.2020. This also means that the digital interface of the fiscal administration for cash register systems (DSFinV-K) published in August 2019 is not applicable.


What exactly is a fiscalisation? Am I GDPdU and GoBD conform and what has the paragraph §146 AO to do with it? Do I have to buy a new cash register/tablet or even exchange my hip cash register system in a slim design into one of the chunks from the old days?


Computers and the associated possibilities are part of everyday life today. This also applies to the electronic processing of data. In the course of the last century, systems for bookkeeping reconverted from their original, paper-based version to electronic systems for bookkeeping. Unfortunately, these electronic accounting systems have often been misused to allow unverifiable manipulation of sales data and the related evasion of taxes and social security contributions. In order to limit this evasion, in the 1980s the first data carriers were utilized to store sales data. The resulting process, aimed at storing sales data and thus the public treasury, became known as fiscalisation.


Almost 40 years after the first fiscal storages were used, a comprehensive ordinance, the so-called KassenSichV, should be developed and enforced for the electronic cash register landscape. The fiscalisation of electronic cash registers and their requirements serves exclusively to fight merchants who process funds tax-free and thus gain a competitive advantage over those who declare their sales turnover properly. This topic has special relevance, since current cash register systems have back doors installed, which can be exploited by users. Multiway, a cash register system manufacturer mainly for Asian restaurants that apparently made it possible to cancel booked items in order to evade taxes, caused quite a stir with this function in early 2019. In some cases, the will to evade taxes goes so far that customers only purchase a new cash register if it allows the cancellation of transactions without evidence. Thus, a state regulation – which would not have been necessary if the manufacturers of cash register systems had consistently complied with the regulations – would not only reduce potential black money but also eliminate the financial advantage of evading merchants.


In order to gain a better insight into the forthcoming fiscalisation of the German cash register landscape and its requirements, some terms such as GoBD, Kassensicherungsverordnung or §146 AO must be clarified.


The GDPdU or “Regulation on data access and auditability of digital documents”, which came into force on 01.01.2002, for the first time held the tax payer accountable by contributing to an administrative regulation. As a result, merchants had to archive all tax data for 10 years and make it available to the tax authorities during an audit if required. On 01.01.2015 the GDPdU was replaced by the GoBD. The GoBD or “Principles for the proper keeping and storage of books, records and documents in electronic form as well as for data access”, contains as administrative regulation that an immutability of the data must be given. In addition, the individual recording obligation as well as the possibility of data export in a predefined format belong to the general principles of the GoBD. The simple storage of cumulative shift sales in the form of so-called Z-reports, i.e. the day-end closing reports at the cash registers, is not sufficient. Compliance with the directive on protection against manipulation must be guaranteed by the cash register manufacturers. However, actual control lies with the competent tax offices. In this context relevant, neither the GDPdU nor the GoBD have the enforceable effect of a regulation, since only the principles of orderly bookkeeping (GoB) are regulated in the Fiscal Code. Due to the fact that the Ministry of Finance has not made a clear statement as to which criteria an electronic cash register must meet in order to be compliant, the GoBD does not necessarily offer legal certainty.


In contrast to GDPdU and GoBD the KassenSichV is a regulation of the Finance Ministry which prescribes as obligatory new standards for the prevention of manipulations at cash registers. The KassenSichV of 26.09.2017 is based on the Act on Protection against Manipulation of Digital Basic Records from 16.12.2016. From 01.01.2020 onwards, cash registers in Germany whose design permits it technically must be equipped with a so-called technical safety device (TSD). The security device stores the transactions of the cash register in its internal memory and returns a code to the cash register. This code shall be printed on each sales receipt. The data must be stored in a protocol that can be exported by the tax office. Cash registers purchased between 25.10.2010 and 31.12.2019 which cannot be upgraded may be renewed until 31.12.2022.


Although the terminology has now been clarified, the question of legal enforcement and the consequences for merchants in the event of non-compliance remains. The regulations for reviewing transaction data states that a cash auditor may enter the shop unannounced during normal business hours and observe the use of the cash register (no identification requirement; keyword test purchase). In addition, the auditors may require the management (or a qualified representative) to conduct a cash check (ID card requirement). In addition to business premises, this also applies to sales vehicles, e.g. food trucks. If the audited records are not sufficient, an external audit may be ordered. Anyone who concludes after this vast amount of information “Fair enough, but what happens if I continue as before and in the worst case pay a fine” should be warned at this point. If non-compliant cash register systems (including security devices) are used, the merchant may be fined with up to 25,000 euros.


The aim of the KassenSichV is to determine and prevent the subsequent manipulation of sales data. Here, the audit is conducted based on the export of the cash register journal as well as evaluation data, programming data and master data change data, which is examined by a software of the tax offices. The necessary technical safety equipment consists of a safety module, a storage medium and a digital interface, which enables the export to be read out. In the future, documents from compliant systems will have a continuous signature including unique information from the previous document/receipt. This signature is stored encrypted in a security module and can therefore not be changed. If the chain of signatures is interrupted, you can quickly find out where a manipulation took place. This module must be accessible consistently, since communication between the cash register and the security module takes place not only during signature creation, but also when articles are entered. Due to this constant accessibility, there is a clear implication that cloud-based cash registers may no longer be able to work offline from 01.01.2020 onwards, if this results in an interruption of communication with the module. For this reason, contact should be sought with the cash register system manufacturer, as the latter must provide the solution or software for his system.


With this short summary of the not entirely new idea of German fiscalisation and the answering of the most important questions, the question remains with regards to the conclusion. There is no dispute that Germany is a country with an affinity for cash. It is also not disputed that not every euro is properly documented with the tax authorities. However, the question remains as to whether the implementation via new cash register systems is really the solution to the problem of tax evasion or whether it does not even create others. What are the implications of paper-based receipts in an increasingly ecological society? Is it appropriate to establish a closed standard in an open source working community? Is the tax money evaded in the form of cash really reduced by the defined exceptions?


These questions have not yet been answered. What is certain is that the law, which will come into force in January 2020, will remain ineffective if standards are not clearly defined and enforced by an adequate number of auditing personnel.


[pissc number=20 cat=”Articles” the_more=”Read the full post →”]

„The SCA launch: a 5-minute instant soup?“

PAY SCA Visions Fullsize EN

„The SCA launch: a 5-minute instant soup?“



On 14.09.2019 the martyrdom of European payment diversity in electronic payments began

What has happened so far …

When the European Commissioners were considering an amendment to the PSD1, which came into force on 1 November 2009, the desire for greater security in electronic payment transactions was one of the driving factors, along with the idea of a level playing field in the payments market. Very noble and also challenging goals, which were certainly owed to the market events in the electronic payment industry.

Strong Customer Authentication (SCA), as one of the driving factors in the PSD2, should reduce the problem of uncontrolled misuse in electronic payments by allowing electronic payments to be doubly secured through independent authentication procedures. So far, a really commendable approach, which should help to get the fraud problem under control.

For the implementation, however, a definition of a catalogue of requirements was required, which had to describe exactly this so-called two-factor authentication (2FA) in the payment systems of the EEA payment service providers. In accordance with the motto “many chefs spoil the broth”, the star chefs of the European Banking Supervision Authority (EBA) were put in front of the stove in Europe, supposed to cook exactly this soup with the ingredients of the Strong Customer Authentication (SCA). The EBA soon found out that the ingredients for preparing the soup were not clear to them and asked his assistant chefs – the payment service providers – how the composition of the soup should be made. By the time this survey and information gathering was complete, our star chefs had written down their recipe in the Regulatory Technical Standards (RTS).

And now the great cooking began…

From water pot to finished soup …

On 27 November 2017, BaFin adopted the “Delegated Regulation (EU) 2018/389 of the Commission of 27 November 2017 supplementing Directive (EU) 2015/2366”, the German implementation of RTS. So the RTS now manifested the basic technical rules in the German text of the law that were supposed to make the SCA soup boil – and preferably with a pleasant taste for everyone. At the same time, 14 September 2019 was mentioned as the target date by which all EEA payment service providers must authenticate their electronic transactions according to a “new reading”.

However, card-based payment transactions are based on the networks of the large credit and debit card organisations (VISA, MasterCard, American Express, JCB, Diners, DK, etc.). Exactly these scheme operators have now been ordered to draft a set of rules which integrates the information on the adaptation measures required in the RTS into the processes of the individual parties. This implementation in the individual companies was implemented centrally with the introduction of the new 3D Secure 2.0 (3DS2) protocol. Unfortunately, however, there was a whole cookbook of rules per entity that had to be taken into account with the use of 3DS2. And as is usual with cookbooks, these are never congruent across the board – at best similar – which naturally led to a significant increase in the requirement criteria for technical implementation.

Now the big guessing began. The payment market is a very heterogeneous system in which many service providers have different tasks and responsibilities. The EBA, as the initiator of the amendment, only spoke and talks to the regulated payment institutions and service providers and prescribes the newly adopted procedures for them. Other service providers involved in the service chain (e.g. MPI/3DS2 operators, GDS (Global Distribution Systems) such as Amadeus or Sabre, etc.) are not or were not directly affected by the SCA requirement, but sometimes play a major role in technical/operational processing for the execution of authentication. The pure authentication process is therefore a regulated process, which should, however, sometimes be implemented by unregulated service providers – a contradiction in itself.

Many cooks spoil the broth…

The payment processing empire consists of many parties. There are the

  • Merchants whose bad experience from 3DS1 could repeat or even increase their skepticism about negatively influencing the conversion rate with a new authentication process (Strong Customer Authentication).
  • PSPs who are interested in a constant or increased number of transactions with the broadest possible use of their payment type portfolio
  • The acquirers who do not want to lose any sales in the credit/debit card business with SCA either
  • Schemes that see securing revenue as a top priority in the new authentication process, but at the same time must comply with regulatory requirements
  • The issuers, who want to ensure the implementation of regulations in the field of payment. In addition to reducing the number of fraud incidents, this also implies securing the portfolio volume of their card portfolio.

All these parties and stakeholders are involved in the implementation of the SCA requirements, but sometimes pursue very different objectives and interests.

As a result, certain use cases are not considered at all or only peripherally by one or the other party. However, it is at least as irritating for the payment ecosystem that different stakeholders interpret and implement supposedly identical facts in different ways – and this in the absence of clear regulatory or defined specifications of the schemes.

A very prominent example of this is the very hotly discussed handling of key entry transactions in the travel and tourism industry in recent weeks. With this transaction type, card data is entered manually into the payment terminal at the point of sale or an online input screen (sometimes without the cardholder being present). Since neither the regulator describes these transactions as “electronic payments”, nor the card organisations themselves present an alternative to the SCA obligation, this increases the creativity of merchants (and thus the service providers serving the merchant, PSPs and acquirers) to circumvent the SCA obligation.

Unfortunately, there is no homogeneous procedure or guideline for implementing SCA logic that has been agreed with all parties.

The oversalted soup: not only a bitter aftertaste

Since 14.09.2019 the PSD2 and with it the strong customer authentication has officially entered into force and many open questions are still unanswered. The business transactions in the aforementioned travel and tourism industry are particularly affected by this.

The ignorance of the regulators – be it the EBA or the respective national regulator (BaFin) – have fueled the uncertainty in the market in recent weeks through its reluctance to make decisions rather than to rebute it.

Unfortunately, the result is not quite unexpected. Large and well-known players in the payment ecosystem such as Amadeus and Galileo have already informed their customers that their systems will not be able to fully meet SCA requirements by 14 September 2019. Although this is only a restrictive statement, it nevertheless shows that the time period for implementing the outstanding questions was not sufficient. And this is exactly what BaFin has not yet wanted to take into account, despite the ever louder signals from the market and also from the companies regulated by BaFin.

The previously mentioned 3DS2 protocol has a decisive advantage compared to 3DS1, which raises the justified hope that a drop in the conversion rate can at least be avoided: the so-called “frictionless authentication”.

In this process, the merchant provides the issuer with a complete set of additional, risk-relevant information that the issuer can evaluate itself and then approve the transaction or payments without interacting with the cardholder. On the one hand, this procedure removes the liability of the merchant for the loss event and transfers it to the issuer, and on the other hand does not require any further interaction with the cardholder, which could possibly lead to a termination of the transaction.

But since – as things stand today – neither the issuers know exactly which parameters for evaluation in their fraud prevention systems will really have a positive effect on smooth transaction processing, nor the merchants are able to transmit the optional fields required for the issuers in the authentication message across the board, the market runs the risk of not using this powerful instrument at all. The PSD2 guidelines should avoid exactly this.

And it is precisely at this point that it would once again be necessary to have a regulative specification through the corresponding schemes, which would put the issuers in a uniformly defined state.

Seasoning of the soup and its improvement

Ultimately, however, the BaFin gave in on August 21 – at least for the e-commerce sector – and announced in its statement that it would tolerate e-commerce transactions that had not (yet) been SCA-authenticated for an indefinite period of time. However, the SCA obligation was by no means lifted as of 14 September 2019. According to our star chef, the BaFin will never give up its SCA soup, but rather try to make it “bearable” for the consumer by skillfully tasting it.

However, BaFin must not forget when “tasting” that it is only one of the assistant cooks of the SCA soup. An inhomogeneous handling in the EEA of the toleration regulation described above generates an even greater sense of uncertainty than is already the case. Nationally differing regulations would confuse both the merchant and the cardholder to the maximum. To avoid precisely this situation, a much clearer EBA specification would be much more helpful.

Therefore, it remains to be seen to what extent this will be achieved or implemented.

Summary of the cooking course

As already mentioned, the uncertainty on the market in dealing with the use of SCA has clearly stimulated the creativity of the merchants due to the acute urgency before the implementation on 14.09.2019. This sometimes goes so far that in the absence of suitable SCA alternatives, so-called “alternative payment methods” (such as PayPal, Paydirekt, Wallet systems, etc.) are given preference over SCA-liable card transactions. The operators of these alternative payment methods observe this extremely favourable effect with a broad smile for them, as without extensive marketing expenditure they do profit from the lack of coordination and the weaknesses of the regulatory system without own effort from the competitors. And this was – and cannot have been – in the spirit of the regulator when the SCA obligation was developed (we remember the goal of increasing competition).

Even if the SCA obligation has now entered into force on 14 September 2019 – albeit in a weakened or delayed form – the toleration period with regard to the PSD2 guidelines should be used sensibly. Above all, one should learn from the mistakes since the release of the RTS. And this learning effect must start with all parties involved, so that after the end of the toleration period there is no D-Day again and nobody knows how and when to prepare for it. The alarm signals for such a situation are already red, as merchants have already announced that they will only activate the SCA obligation at the end of the toleration period, in order not to suffer a competitive disadvantage against the competition themselves prematurely.

Coming back to the initial concern of the SCA obligation – namely the reduction of fraud and thus the safeguarding of cardholder integrity – it can only be stated at this point that the EBA, with its chef assistants, the national regulators, has led the “SCA project” up the garden path for lack of clearly defined specifications. Let us hope that the regulators have learned from the past months.

Only a common approach involving all stakeholders in the payment ecosystem can guarantee the desired success with regard to rule-compliant SCA use. It would be a pity if the opportunities opened up by SCA for clear security and also for a customer and cardholder-friendly authentication procedure could not be exploited due to exceptions and the ignorance or decision-failure of the competent authorities.


[pissc number=20 cat=”Articles” the_more=”Read the full post →”]

„Status Quo in B2B Payment Transactions: From Desire to Reality“

B2B payment transactions visions fullsize

Status Quo in B2B Payment Transactions: From Desire to Reality



While citizens in Germany are consciously or unconsciously using new and innovative forms of payment beyond cash, mobile-only banks and other payment means driven, among other things, by Fintech’s, the use of innovative methods is stalling in other areas of banking. We are talking about the complex subject of corporate banking, here in particular with a view to payment transactions.


But why is that?


We’ll start with an example: “Please help the authorized signatory of company XY to fill out the bank transfer form and then submit the floppy disc for processing the salary payment to the back office? ” Does that look familiar to you? The cashier’s inquiry might have sounded like this or something else in the training of a bank clerk.

The training was completed years ago and (fortunately) a lot has happened in payment transactions apart from cash payments and accounts. Or isn’t the difference to the past then so great? For comparison: 10 years ago Steve Jobs presented the first iPhone. Considering the development stages the iPhone has gone through as a smartphone since then, the further development of payment transactions by corporate banking customers over the past decade has been very cautious.

Payment transaction requirements differ considerably among users (private customers or corporate customers). The thought leaders, digital natives and technology nerds attach importance to an appealing user experience and innovative features in their private environment. They now want to enjoy all facets of the banking business digitally far beyond the online account alone. However, companies pay much more attention to issues such as security, data protection, system stability and the (unfortunately) well-known “never change a running system”. Despite increased private curiosity about innovative, digital products for finance and money, progress among corporate customers is almost non-existent.


But what or who can be a driver of innovation and where is a corporate customer’s payment traffic heading?


A company has two essential requirements for its payment transactions

1.) Receipt of information in the form of an (electronic) account statement, and

2.) the execution of payment transactions (e.g. bank wire transfer)

This is usually controlled and managed via an electronic banking system. Communication is largely defined by the EBICS standard. In particular, the introduction of SEPA was and is for many corporate customers a (first) major step towards the professionalisation of payment transactions. The conscious examination of the existing path of payment transaction management showed the status quo and highlighted the strengths but above all also the weak points. SEPA provided the Cash Manager/Treasurer with a tool which, if used correctly, increased efficiency and can continue to do so. Through the introduction of SEPA, formats were defined that are identical in the SEPA area and thus make payment transactions across national borders easy.

Now, however, there are some limitations. Very often, medium-sized companies in particular use systems for payment transactions and account management that meet the minimum requirements for an electronic banking system but slow down the modernisation, automation and professionalisation of payment transactions within companies. Why is that? Habit, fear of change, personal preferences, no trust in future generations and technologies?

Quickly we end up with the ‘chicken-and-egg’ problem. Should banks set the course and impose their own digital agenda on companies and, for example, offer modern electronic banking systems with great features, if possible by use of a block chain (somewhat exaggerated) and interface-optimized? Or does this impulse also have to come from the companies? Do the banks have to make their customers much more accountable for this, or must mutual understanding first be established? Is such, almost cooperative, behaviour possible at all, or is the relationship between customer and service provider too pronounced for this?


What do companies want when it comes to payment transactions?


According to a study conducted by Commerzbank together with FH Mittelstand, companies today want to manage their liquidity and cash flows holistically at all times. In the past, it was only administered, today it used to be efficient, active and professionally managed – also through the use of software. The reasons for this are transparency, reduced transaction costs, intra-group liquidity management and automation. A cash management system/electronic banking system is now used by around 50 percent of all companies (both large corporates and SMEs).

Despite the use of an electronic banking system, only 10 percent of companies also use access via an app to a mobile device or tablet. Unlike private use, where a variety of third parties now access our financial information, companies do not want their information to be used by third parties (excluding tax advisors and auditors). This was stated by 75 percent of the respondents. A similarly high number of users of cash management systems do not expect cash management to be interconnected with other internal systems for the reasons of data protection and security mentioned above. It is astonishing when one looks at the already described curiosity for innovation in the private environment and digitisation activities in other areas of a company.

Nevertheless, many employees in finance departments make an effort and claim to gradually transform the structures that have grown over time into the modern and digital world. No quantum leaps, but adapted to the circumstances. This is where the banks come in.


What do the banks want concerning the payment traffic of the future?


The attractiveness and earnings potential of corporate customers should be a source of inspiration for domestic banks. Confidence remains high and the hurdles to switching after setting up a functioning electronic banking system including payment transactions are very high. Enough reasons to continue to act as the hub of a corporate client’s finances in the future. However, there is only limited time to rest. The banks find themselves in a competitive crowded-out market and are attacked by large foreign banking institutions and above all technology groups.

Banks often offer their customers cooperations with partners or set up platforms that provide the customers with supposed added value without responding to the concrete wishes of the customers. Fintech’s many good ideas and in-house approaches are made available to the customer as unfinished piecework without (felt to be) a clear strategy. Whether there is a concrete need is often only questioned in the next step. The developments within the banks are thus developed independently of the customer and, in many cases, are not in line with the customer.

Banks want to make their services appealing to customers through their advisory strength and expertise. The Transaction Banking departments advise their clients with experts on all topics and information relating to the transaction business. More complex issues in particular, such as the sale and payment of a machine or the provision of a service abroad, are complex, cross-border and cross-currency and require the bank’s expertise or correspondent banking network. Here the banks currently still have a very large asset to defend. Many new players on the market, such as Transferwise in foreign payments, portray things that were originally a traditional banking domain (see also Michel Hilker’s blog article “Quo vadis AZV“).

In addition, banks not only want to make their corporate customers happy, they also want to drive their own processes forward. Because in order to offer a customer an innovative product, you have to be an innovative bank that can also provide and execute these products. Often a break in the thought process between the wishful thinking of “modern bank” and reality.


Common denominator!?


We see that a professionalization and a certain rethinking has begun in the finance departments of companies. The desire for changes is there, but from the point of view of the respective departments often resembles an open-heart surgery at the payment transaction processes. An adaptation is only possible step by step. The bank must create system-side conditions in order to be able to implement new systems, processes and requirements and not remain stuck on its “legacy”. The often cited “thinking from the customer’s point of view” must also remain a strong focus in corporate banking. The banks should avoid going it alone.

Companies must initiate and closely accompany the change of their systems, and there must be a strong commitment by the employees conducting the change and the responsible management. The active involvement with the topic of payment transactions must be an essential part of the job profile.

The majority of medium-sized companies should give the coming technical and personnel generations in the finance departments the chance to implement new approaches and to trust these approaches as well as the executors. Otherwise, the desire for progress remains only a wishful thought – and not only with regard to payment transactions.


[pissc number=20 cat=”Articles” the_more=”Read the full post →”]

„The OSTHAVEN view of the present & future of Artificial Intelligence in Banking & Payment“

The OSTHAVEN view of the present & future of Artificial Intelligence in Banking & Payment 3

The OSTHAVEN view of the present
& future of Artificial Intelligence in Banking & Payment



Are we really abolishing ourselves?


The topic of artificial intelligence (AI) has been discussed so often in recent days. The German government plans to spend several billion Euros to make Germany fit and to keep up the pace in the dramatically increasing competition of R&D within the field of AI. Companies from Silicon Valley compete with transfer fees for demanded researchers. One might think that AI is about to seize world domination. The myths and stories picture various horror scenarios and outdo each other in drama. Celebrities like Elon Musk and the recently deceased Stephen Hawking warned of nothing less than the downfall of mankind.

High time to take a look at this topic on our OSTHAVEN blog – factually, differentiated and specifically related to our industry – Banking & Payment.


Artificial? Intelligence?

Let’s start by taking a close look at what we are actually talking about. Before we deal with the “artificial” part of intelligence, let us first focus on the topic of “intelligence”. To this day, the field of “intelligence” is largely unexplored and lacks a clear definition of what exactly intelligence is. The existing definitions blur between biology, physics and philosophy. Up until today we do not understand exactly how we humans actually function. Expressed in lay terms, one can say that our body is streaked by nerve tracts and muscles, whereby in their control centre, the brain, all threads run together. Neurons flow back and forth in our brain and nerve tracts, switching and acting in a similar way to modern computer processors in our thoughts and actions. From birth, and actually before that, we humans gradually learn all our abilities. During our first weeks of life, for example, our brain learns that what we see in front of our own eyes are our own arms, hands, legs and feet and that we can control them with targeted muscle contractions. So the cute clumsy baby, who unconsciously hits itself in the face with the hand, eventually becomes the cute toddler, who consciously takes his shaky first steps. Behind this process lies a complex interaction of nerves, brain and muscles that we have not yet fully understood. You could say it’s a miracle. But the more we explore the field, the more we see that what looks rather complex at first glance is on a small scale simply the interaction of biological and physical processes. It gets even more complicated when you think about what exactly our soul is, where our free will comes from and in very simple terms what makes us get out of bed every morning and what makes us do everything we do all day long.

The vernacular would declare us humans as intelligent beings. Some certainly more intelligent than others. Humans do things using their mind. Humans are weighing a given situation and decide based on their assessement of the situation. Humans plan ahead and anticipate. Humans act based on experience and what has been learned. Humans try out. But humans also do make mistakes. Why is that? This is a question that we are unable to answer completely based on the current state of knowledge. But we are certain – we are intelligent.

Now the human race has set itself the ambitious goal of artificially recreating “intelligence”, which it neither understands nor is able to define precisely. So let us note that we cannot exactly understand or even define the target we are pursuing.

We now have arrived at the interesting aspects of this dilemma, which makes this topic incredibly attractive, exciting and complex. Research on AI is entering a new field, driving and chasing other fields of research forward and has even helped us humans to better understand ourselves.

Broadly speaking, we have begun to reproduce the researched areas and functions of the human brain with computers, which are ultimately very complex electronic circuits.


Man versus machine – two simple examples

For the following thought experiment imagine a photo of any cat. Who will recognize faster whether the animal on the photo is a cat – man or machine? The answer is usually man. For another thought experiment, please briefly consider who will find it easier to calculate the following formula: (2342 * 2345) / 234444 + 23445 * 12499584 – man or machine? In this discipline we would most likely be beaten and use a calculator instead.

A researcher at Stanford University, together with Google, has taught an AI to recognise cats in images. Any cats, in any colors, positions and clippings. For this, AI had to be trained manually in a cumbersome process with over 1 million images. But if you present this artificial intelligence with a picture of a dog, it is at a loss.

What we can learn from these two thought experiments is that computers can work insanely well with structured, formalised content, such as mathematical formulas. There are clearly defined numbers, operators and calculation rules that have to be adhered to in order to reach a result. Computers can do this at speeds unthinkable for the human brain.

We can also see that human brains, together with its various senses, can work impressively well with unstructured and incomplete data sets. As an infant we once learn what a cat is and can recognise cats until the end of our lives; and that goes also for cats in other colours and completely different forms. We humans are able to abstract the format “cat” accordingly and apply it in completely new circumstances. The easiest way to make this clear is that every human who knows what a cat looks like can usually draw a cat. These drawings usually have at least one thing in common – pointed cat ears. Most of the time we also add a cat tail.

We owe it to Stanford University’s impressive research that we are able to train these skills on computers as well. At the same time, this research also highlights the enormous challenges that such a goal entails and, alongside, illustrates the very different strengths and weaknesses that we humans and computers have.


Fields of application of AI in banking & payment

In the area of payment, the topic of AI, especially machine learning and pattern recognition, has long been a fixed component. The most prominent and widespread example is risk monitoring at payment service providers and credit card companies. Today, systems based on artificial intelligence generally support the real-time detection of credit card fraud. Companies such as Risk Ident, Fraugster or Feedzai have established themselves in this area, but companies such as Adyen also count on these technologies. The Otto Group company collectAI is currently establishing itself in the field of receivables management, which implements a customer-centric approach in receivables management that is optimised, automated and individualised through AI, thereby reducing effort and costs and at the same time achieving higher success rates in the receivables process.

The use of new technologies in banking is somewhat more differentiated and not widely used yet. First market participants established themselves in the area of Robo Advisor, such as Scalable Capital, which is pursuing a value-at-risk investment approach and uses advanced risk management and simulation algorithms based on AI technologies. Interestingly enough, final investment decisions are still controlled by humans. More and more applications can be found in the field of bank account analysis, which automatically allocate expenses to categories and detect patterns in account movements in order to plan or control budgets and expenses. Examples in this field are the App numbrs, Kontowecker of the savings banks or N26. Programs that automatically trigger account movements, such as savedroid, go even further. In addition, there are applications that provide financial recommendations on the basis of existing knowledge and more and more chatbots and self-service offerings. If you combine all these things and think them a little bit further, a fully automated, individualised and AI-supported  holistic banking advice will be possible in the future.

The banking business seems predestined for the use of these technologies for the simple reason that the data basis of banks is highly standardised and the processes in banks are strongly regulated and formalised. To put it simply, one can assume that processes in banks can be replaced or extended by AI-supported technologies, especially if they follow clear and formal rules.


What will become important in the future with AI in Banking & Payment

In particular, with a view to the payment and banking industry, we have identified some aspects that we consider to be important dimensions with regards to the progress of AI as important topics of the future.

These aspects are:

  • Auditing of algorithms and automated decision processes
    When algorithms and AIs make important decisions, they must follow clear rules and be comprehensible. Traceability is difficult to achieve in most AI systems. Therefore, a solution must be found so that audit requirements can be met nevertheless.
  • Regulation for algorithmic decision-making processes
    Not only internal company audit provisions will have to be taken into account, but also requirements from regulators will be given and these must be able to be verified. Rigid regulatory requirements and dynamically growing AI systems seem to be not really compatible. This requires new approaches on both sides.
  • Data quality
    AI-systems are generally based on large amounts of data, which is the only way to achieve good results and efficiency gains. Very simply and accurate one can summarise this with the well-known IT saying: “Garbage in. Garbage out.” If you want high-quality decisions, you need high-quality data.
  • Room for error
    As explained at the beginning of this article, AI-systems learn analogously to humans. People make mistakes and so do AI-systems, mostly due to poor data quality or simply wrong training. In a world with 0% fault tolerance, to which the banking and payment world tends to belong, this means a new challenge. This is particularly important, as we are usually talking about mass transaction business in which real money is moved. Here it is necessary to design solid test frameworks, which are developed especially with regard to the peculiarities of self-learning and self-changing systems.
  • Risks of data monopolies
    As Spiderman had to learn on the cinema screen: “with great power comes great responsibility”. The larger and more significant data monopolies become, the greater the risk of abuse. Politicians, public authorities and society will have to find ways to avoid data monopolies and ensure fair and healthy competition in order to contain the risks of increasing concentrations of power.
  • Regulatory decision-making processes
    How do you give regulatory approvals for self-learning and self-changing systems? Licensing and control processes have to evolve with technical developments and find new ways.


A plea for cooperation and the eternal dilemma of AI

The world will change. Computers will take over activities that humans do today. But until further notice, people will not be displaced by computers. Many tasks will change and completely new ones will emerge. For the time being, computers in particular will need humans to teach them the things we want to automate. A computer by itself can do less than a new born child when it comes into this world. Like with the baby, the computer needs a human person who shows him the world, explains it to him and teaches him how to do his tasks.

People should engage with AI and use the respective strengths of humans and computers to maximise overall benefits. We will thus free up precious life time that we will be able to use for new, creative and important things, while boring, recurring tasks and activities will be more and more automated.

The great dilemma of AI is at the same time the most important factor for human beings. Computers are dumb. Computers only work when  a human has given them a clear goal. This is a great chance for humans to not become redundant for the time being. At the same time, there is a great risk in this particular detail. Because computers pursue their goals with all means. Even if it’s the wrong target or an immoral target. Finally, a very simple example to think about: Imagine a fully automated banking advice. The AI takes over all of your banking transactions fully automated, including your investment decisions. The computer behind it can now be given two similar but fundamentally different objectives. On the one hand, it can be given the goal of maximising the investment – that is, getting the best out of it for you in a risk-optimised, cost-optimised and return-optimised manner. On the other hand, it could also be given the objective of maximising the investment while at the same time optimising the bank’s earnings by, for example, exclusively acquiring its own bank’s ETF products, which are perhaps not the most cost-effective for the client but the most profitable for the bank. You think you would notice the difference? And who monitors these algorithms? Your bank?

We are only at the very beginning of this story…


[pissc number=20 cat=”Articles” the_more=”Read the full post →”]