the new payments ecosystem: fast, open, … 1 the new payments ecosystem: fast, open, secure and...

1Confidential

THE NEW PAYMENTSECOSYSTEM: FAST, OPEN, SECURE ANDDISRUPTIVE

OPEN! Open Payments and their

Impact on Payment Intermediaries.

2Confidential

FOREWORD BY DAREN WEDGE AND JOEL VAN ARSDALEDigital payments, open APIs and real-time account to account

transactions are driving change across the payments landscape. As a

result, consumers, businesses, merchants, and financial institutions

present a growing list of fast-changing demands.

By aligning business models with today’s evolving payment trends,

payment intermediaries have the opportunity to securely grow their

offerings and boost top-line revenue.

ACI partners with all types of payment service providers from around

the globe to help them adapt to the new payments ecosystem,

improve efficiencies, create new revenue opportunities and shield

against increasing fraud risk.

OPEN payments represent one of the four pillars of the new payment

ecosystem bringing new opportunities for growth for processors and

FinTechs alike.

Daren Wedge, SVP Sales, Payment Intermediaries,

ACI Worldwide

Payments are becoming more OPEN - offering greater accessibility,

flexibility, and transparency. Market forces including globalization and

the impact of mobile technologies are forcing providers of payment

services to embrace open technologies and open business models.

This shift is positive for users and providers of payment services who

are well positioned to leverage innovation to achieve exceptional

growth. In Europe, the legislature and regulators continue to push for

greater openness in the form of open banking. PSD2 is a significant

agenda for change and ultimately all providers of payment services

must strive to become more open in order to avoid disruption.

Joel Van Arsdale, Partner, First Annapolis Consulting

3Confidential

WE ARE LIVING IN AN OPEN WORLDBusinesses must be accessible, flexible, and transparent to meet customer expectations.

• Open ecosystems shape our world.

• Easy technical access (API*

commerce) is the new normal.

ACCESSIBILITY FLEXIBILITY TRANSPARENCY PUBLIC POLICY

Customized products (e.g.,

personalized sneakers, individual

headphones or custom frames for

glasses) are high in demand.

• Customers expect transparent pricing and clear terms and conditions.

• Reputations are constantly on the line.

Official registers (e.g. BankID in

Norway, NemID in Denmark) for

company or personal information

are getting more and more common.

Companies like Storebox or Stripe

offer easy access to their services

which has supported their aggressive

growth strategies.

I expect:

• What I want.

• When I want it.

I want to tailor and customize.

Some banks margin for greater customer

satisfaction by offering more transparent and

fair products/pricing. UK RDR regulation and

others require more transparent pricing

strategies for wealth management.

General political drive towards:

• Openness (e.g. Open

government partnership).

• Open data.

*For more information, please take a look at the abbreviations and reference index in the appendix.

4Confidential

BUSINESSES MUST EMBRACE OPEN TECHNOLOGY AND BUSINESS PRACTICES

If you wish to be OPEN, then you must embrace the principles.

Flexible thinking, the basis of everything

• OPEN starts with OPEN culture.

Lean and agile development

methodologies

• Customers want payment request responses

in seconds. Your product and IT development

must be positioned to be OPEN.

Flexible teams and organizational

structures

• Teams and individuals that are ready and

able to change help to establish OPEN

organizations.

Open interfaces, connecting to others

• In an OPEN world, you rely on others,

connected through OPEN technology and

business practices.

Follow (open) standards or set them,

proprietary can be a dangerous path

• Unless you can start a successful,

proprietary ecosystem, standards are a

foundation for OPEN.

Feedback loops and (developer)

communities

• Listen to your customers, stakeholders and

others to adapt.

5Confidential

CLOSED ENVIRONMENTS ARE BEING DISRUPTED

Nothing is immune to change. Plan OPEN to remain relevant.

Governments and administrations transformGovernments increasingly try to OPEN up and make

interactions with them easier and more transparent.

FinTech disrupt traditional providersNew competitors find new ways to compete, to deliver value

to customers via OPEN products and technology.

Changing can be scary, but necessaryTransformation is necessary for long-term survival and

change is facilitated by an OPEN model.

Sharing economy replaces protected marketsBeing closed is a competitive disadvantage.

6Confidential

OPENNESS DRIVES AGILITY, WHICH IS AN INCREASINGLY IMPORTANT FACTOR FOR SUCCESS

OPEN and agile businesses are not hindered by change.

AGILETECHNOLOGY


AGILEORGANIZATION

AGILE BUSINESSPRACTICES

Your tech stack should be adaptable

and adjustable with a mindset for

continuous improvement. Agile

technology is about having the right

systems, people, and processes (you

need all three).

Start with the customer and go

from there. Learn to break ambitions

into bite sized pieces. Embrace

failure, learn, and adapt. Seek out

others with similar or complementary

ambitions.

Think of how to not only develop but also

manage agile. Only by combining agile

development and agile management, will

you achieve a truly agile organization.

This is ultimately needed to thrive in an

OPEN environment.

7Confidential

BEING OPEN TO PARTNERSHIPS IS KEY TO BEING AGILE

Partnerships combine best-in-class resources.

Partnerships, regardless of their nature,

can make you OPEN…

…but both parties must be OPEN

to be successful

Accessing new customer groups:• Alternative payment providers (e.g. open invoice)

integrating with PSPs to access new customer

groups.

Adding a new capability:• Neobanks implement non-core services via

partners.

Going global:• Transferwise expands its global reach through a

joint approach with local partners.

Easy, on-demand technical integration.

Flexible culture, easy to work with.

8Confidential

CUSTOMERS EXPECT OPEN AND PAYMENTS FOLLOW THE TREND...

OPENness in payments may be different due to its sensitive nature – but it’s happening.

Payments are more sensitive:

• Customers are more sensitive to financial services and payments

• Payment companies need to balance privacy, data protection and security legislation

Pervasiveness of social

media in which data

sharing is the norm.

Whether in a professional or private context, data

sharing today is easy and pervasive.

Google and others know you – you have a

digital identity whether you like it or not.

Rethink roles:

As the payment

value chain

evolves, roles and

positions change

as well.

Payment infrastructures are moving

to OPEN IT:

Payments are migrating from proprietary

protocols and networks to more OPEN

technologies such as web services and

secure internet.

Banks are being forced to

be more OPEN:

PSD2*, UK Open Banking*,

and various other mandates

for banks to OPEN.

Unbundled services, specialization,

and outsourcing:

Payments are increasingly partnership driven.

Winners focus on a core competency and

partner with others to fill gaps and to go to

market.

Payment schemes

OPEN up:

Payment schemes are

increasingly OPEN, working

with a broader group of

stakeholders via API*

technologies.

9Confidential

Openness and new technologies bring new threats:

• Digital identity theft; malware.

• Foreign cyber assaults.

• Mobile device fraud.

• Phones as repositories of ID data.

Former pillars of trust change:

• Physical cards.

• Physical decoders.

• Physical signatures.

• Personal interaction.

New threats can be targeted technically

or regulatory – but not every idea is a good solution:

• Device fingerprinting*.

• Machine learning and AI*.

• Detection systems.

• Biometrics.

• Strong authentication*/liability.

OPEN PAYMENTS CAN’T EXIST AT THE COST OF SECURITYPayment systems must be OPEN and SECURE.

Building new trust is possible with data

transparency and sharing:

• National or bank digital IDs.

• Social IDs.

• Digital profiles (Google, etc.).

• User ratings.

• Mobile app transparency (history, locations, etc.).


10Confidential

TRUST IS VITAL TO AN OPEN PAYMENTS MARKETPLACEPayment systems must be OPEN and SECURE.

Payments Marketplace Requirements

1. Strong yet frictionless authentication.

2. Expansion of digital identities and ID

as a service.

3. Detecting fraud and establishing trust.3 In order to approve a loan, Affirm performs a ‘soft’

credit check, whereby they assess

creditworthiness based, in part, on personal data

found on the borrower’s social network profiles.

11Confidential

TODAY, PAYMENTS ARE ONLY SEMI-OPENThe journey towards OPEN is far from complete.

Today

Just banks

Tomorrow

Any accredited company

Proprietary Standard, open

Multi-channel Omni-channel

Mainframes* SaaS*

Closed networks Secure internet

Network Access:

File Formats:

Channels:

Architecture:

Infrastructure:


12Confidential

TRUST IS VITAL TO AN OPEN PAYMENTS MARKETPLACEPayment systems must be OPEN and SECURE.

Tomorrow’s Enhancements

1. Enhanced interoperability (payment “apps”

leveraging multiple payment networks).

2. Digitization of identities and trust.

3. Invisible payments (touch and go).

4. Data access and transparency.

5. Product and business stacks, built via

partnerships, not black boxes.

Merc

ha

nt

Sta

ck

[Vendor] Payment terminals

all of which is ideally

sold in a single,

simple, bundled

service for small

merchants

[Vendor] Terminal maintenance

ACI Processing software

[Vendor] Data center infrastructure

[Vendor] Comms infrastructure

ACI Gateway services

ACI Fraud management

[Vendor] Call center systems

[Vendor] Web portal development & workflow tools

[Vendor] Loyalty services

[Vendor] Accounting / ERP

[Vendor] CRM

Co

ns

um

er

Paym

en

t S

tack

[Vendor] Card OEM

all of which is ideally

sold in a single,

simple, bundled

service for small

merchants

[Vendor] Key / Encryption services

[Vendor] Tokenization service

[Vendor] Wallet app

ACI Processing software

[Vendor] Data center infrastructure

[Vendor] Comms infrastructure

ACI Authentication services

ACI Fraud management

[Vendor] Call center systems

[Vendor] Web portal development and workflow tools

[Vendor] Loyalty services

[Vendor] Accounting / ERP

[Vendor] CRM

Exam

ple

s o

f P

roduct / B

usin

ess S

tacks

13Confidential

FINTECHS ARE USING OPEN AS A KEY ADVANTAGE TO WIN MARKET SHARE

FinTechs must also therefore embrace OPEN to compete in payments.

Information aggregators and neobanks* are putting

information access at the forefront of their payment

services.

Marketplace aggregators such as Facebook are

consolidating volumes away from traditional

merchant-acquirer relationships.

PSPs* are increasingly allowing partners and

customers to help in the development of solutions.


Yesterday

Today

Local

Merchant

Local

Acquirer

Local

Merchant

Local

Acquirer

Local

Merchant

Local

Acquirer

Aggregator/ Gateway (e.g.

Sagepay, Ingenico ePayments)

Global Acquirer

Local

Merchant

Local

Merchant

Local

Merchant

14Confidential

‘Access to the account’ allows any third party to access a consumer’s bank account as long as:

1. It is completed in a controlled fashion (through a formalized API, often with an authentication screening).

2. There is user consent.

FINANCIAL INSTITUTIONS ARE BEING FORCED TO BECOME MORE OPENTake regulation as a chance to grow and evolve.

1. PSD2’s* access to the account.

2. UK’s Open Banking* push.

3. General shift towards partnerships and

outsourcing.

4. Consumers expecting OPENness from their

bank (e.g. the rise of “consumer controls” for

fraud management).


15Confidential

PROCESSORS NEED TO BECOME MORE OPEN In order to become an OPEN processor, the following needs to be considered.

• APIs*

• SaaS*

• SDKs*

• Developer communities.

OPEN TECHNOLOGIES

ON-DEMANDSERVICES

INTEROPERABILITY OPENBUSINESS

• Anytime and anywhere.

• Easy and fast sign-up.

• Modular software.

• Various front-ends.

• Omni-channel.

• Easy to work with.

• OPEN to partnership.


16Confidential

AND, PAYMENT NETWORKS NEED TO BECOME MORE OPENPayment networks need to comply with the following to embrace OPENness.


Multi-national interoperability

while siloed solutions still exist, they

tend to be outperformed sooner or later

by multi-national schemes / solutions.

Component services

while OPEN APIs* allow you to focus on

developing your own solution, end-to-end services

do need more effort to build and maintain.

OPEN to all parties

with the minimum accreditation, PSD2*

now allows different parties to deliver

payment services.

When financial institutions, processors and payment networks need to become more OPEN…

…you should either become OPEN or benefit from those who need to OPEN up by providing complementary services.

17Confidential

PSD2 WILL DRIVE A MORE OPEN MARKETPLACEWhich will drive new product development and business models.


Various parties will

become TPPs*

With PSD2*, merchants,

FinTechs, banks,

processors and others can

deliver payment services.

TPPs* will develop new payment services

on the back of bank payment infrastructure

As PSD2 allows a broader set of players to

serve financial products, banks will be more of

a narrow service provider with OPEN

interfaces for other companies.

TPPs* will develop new

information services to better

drive digital economy

As TPPs* usually move faster than

FIs* and are closer to the market,

they are in a better position to

release new products faster.

Aggregators will help to streamline

an otherwise complex web of APIs

standards and interfaces

Technical integrators provide

standardized interfaces to easily

connect to various different services

with one integration.

The ecosystem will need directories

and registers to track trusted parties

and relationships

As OPENness can not happen at the

cost of security, a label of trust needs to

be established.

$

18Confidential


PROCESSORS AND NETWORKS WILL NEED TO ADAPT TO THE MOREOPEN PSD2 WORLD

FIs will need help to turn PSD2 compliance from burden into benefit.

Processors and FinTechs can…

…new strong

authentication*

services that allow for

frictionless use cases.

…new services such

as digital identities

and white lists.

…new network models,

such as special purpose

proprietary networks.

…enable API* access.

…manage a complex

web of parties

accessing their

networks.

…provide fast and easily

integrated solutions to

deliver innovative

purchase experiences.

…offer a broad set of

payment methods to

maximize conversion.

…help banks to… …help merchants to… …develop…

API

19Confidential


OPEN PAYMENTS CREATE REAL VALUE FOR PROCESSORS AND FINTECHS ALIKE

OPEN is beneficial in the long run.

Reduced time to marketOpen APIs* and standardized interfaces reduce efforts to interact with others and therefore reduce time to market. This allows FinTechs to grow fast – which is vital for them. And it’s also important for processors to keep up with new competitors and a changing environment.

Enhanced usability driving incremental sales and better customer experienceCustomers value openness, good usability and fast service. Bad usability and slow service turns users away from the product, taking possible chances for incremental sales. Don’t turn down this opportunity!

Business model flexibilityToday change is inevitable. Therefore, flexibility is key to remain relevant. With openness, following open standards and interfaces, you preserve this flexibility and maximize your chances for sustained growth.

Beneficial for everyone

If applied properly, OPENESS

provides benefit for all parties

involved. There is no reason to be

afraid, when you know what you do.

20Confidential

APPENDIX

21Confidential

ABBREVIATIONS AND REFERENCE BOOK (1/2)

Term Explanation

APIAn application programming interface (API) is a set of standard protocols, tools and/or definitions when building a software or

application. It supports the software development and sets the standards on how the to be built software will interact with other

software (e.g. a website), operating system or hardware.

Device fingerprintingDevices (Computer, mobile phones, etc.) transmit device-specific data while interacting with servers. Together with other data

available (e.g. IP address), this data can be aggregated to create a unique device fingerprint.

FI Financial Institution (FI), e.g. a bank.

Machine learning/AIMachine learning and artificial Intelligence (AI) are technologies for computer systems to actively learn and develop new

behaviours from the input they receive.

MainframeMainframe systems are massive computer systems used for complex computing, such as computing power intense

applications (like climate forecasts), bulk data processing or transaction processing.

Neobank A Neobank is a web- and/or app-centric bank without physical branches.

PSD2The Payment Service Directive 2 is an EU Directive by the European Commission to regulate banks, payment services and

payment service providers throughout the European Union.

PSPA Payment Service Provider (PSP) offers web shops the possibility to accept payments during the checkout process via

various means of payment (e.g. credit cards, online bank transfer, alternative payment methods, etc.)

22Confidential

ABBREVIATIONS AND REFERENCE BOOK (2/2)

Term Explanation

SaaSSoftware as a Service (SAAS) is a software distribution and licensing model, where the actual software is running on a central

server and its users use an online log in in order to use it. License is usually on a subscription basis.

Strong authenticationStrong authentication is part of PSD2 and refers to an extra layer of security during the payment process when shopping

online.

TPPA Third Party Payment Service Provider (TPP) will have an IT and Operations platform meant to take care of all back office

activities for processing transactions.

UK Open BankingThe Open Banking Standard guides financial institutions on how open banking data should be created, shared and used by its

owners and those who access it.

23ConfidentialConfidential

The last millennium experienced steady incremental innovation in payments with

card the principal disruptive element. Today, regulators and consumers are

demanding FAST, OPEN and SECURE payments causing the pace of innovation

to accelerate and payment models to become fragmented.

Welcome to a new era of DISRUPTION in payments!

www.aciworldwide.com

Americas +1 402 390 7600

Asia Pacific +65 6334 4843

Europe, Middle East, Africa +44 (0) 1923 816393

© Copyright ACI Worldwide, Inc. 2016

ACI, ACI Worldwide, ACI Payment Systems, the ACI logo, ACI Universal Payments, UP, the UP logo, ReD and all ACI product

names are trademarks or registered trademarks of ACI Worldwide, Inc., or one of its subsidiaries, in the United States, other

countries or both. Other parties’ trademarks referenced are the property of their respective owners.

the new payments ecosystem: fast, open, … 1 the new payments ecosystem: fast, open, secure and...

Documents