Ways to Fight Back Against BIN Attacks, Card Fraud

Credit card fraud has steadily increased over the past five years, according to the Federal Trade Commission. Reports of credit card fraud peaked at more than 118,000 reports in the second quarter of 2022. As e-commerce continues to gain traction with consumers and retailers alike, there is a growing number of fraudsters that target customers’ credit cards using their bank identification number (BIN).

BIN attacks occur when fraudsters run the first six digits of a credit card, which are specific to each card-issuing bank, through sophisticated software to methodically produce the remaining numbers, CCVs and expiration dates. They then test to determine which cards are active. These days, fraudsters are capable of developing programs that assess hundreds of card numbers a minute, making detection harder for both fraud systems and consumers.

BIN attacks are a major headache for banks that get stuck with both the financial and operating costs resulting from fraudulent charges. But it may take some time for compromised cards to get monetized, giving banks some leeway to avert more damage.

Compromised cards harvested from BIN attacks can cause significant fraud losses for banks, in the form of accumulating chargebacks, call centers and re-issuance expenses. Adding fuel to the fire, the ensuing cardholder disruption and friction can further damage a bank’s reputation and lead to losses in debit interchange revenues.

Banks are still at risk in the wake of a BIN attack, and should continue monitoring for suspicious activity by reviewing electronic transaction trails for important data like time stamps, geolocation and IP addresses. However, these corrective and protective measures can require costly resources that many banks cannot afford. When an institution comes under attack from fraudsters, manual and purely consultative solutions are a start but must do more.

Bolstering Against BIN Attacks
Luckily, there are efficient ways that banks can fight back against the fraudsters. Here are several tips on proactive monitoring strategies to stop or limit damage from BIN attacks and other card fraud.

  1. Randomize card account numbers and expiration dates.
  2. Set up card transaction limits and velocity rules.
  3. Think about placing risk controls and transaction limits in foreign countries. BIN attacks from tested transactions often originate outside the U.S. Banks should pay close attention to countries that appear in FinCEN advisories.
  4. Implement decision rules to bar transactions from fraudulent merchants to hinder card testing. Analyzing transaction data for suspicious patterns can reveal card testing. If for a legitimate merchant reaches a transaction threshold, the bank can include a rule to monitor transaction velocity per hour and restrict transactions when further investigation is necessary.
  5. Automate the monitoring of BINs and transactions with a system to mitigate and act against fraudulent credit card activity. This system should automatically identify whether your bank is a victim of a BIN attack, including repeated low-value transactions, high decline rates and a high volume of CCV errors.
  6. Take advantage of automated network surveillance to pinpoint both legitimate and fraudulent merchants involved in BIN attacks. This gives banks an opportunity to obstruct additional BIN attacks if other fraudulent merchants are caught during this process.
  7. Work with your vendor to deploy fraudster-level tools and strategies to detect and prevent BIN attacks. Vendors can offer a wide variety of solutions, including fraud score, compromise card detection, merchant type, merchant category code (MCC), geography, zip codes and device ID, among others.

Preventative measures that can immediately interrupt BIN attacks paired with automated monitoring and surveillance gives banks a way to stay ahead of suspicious activity and effectively identify compromised cards. Mitigation may not stop BIN attacks completely, but it can reduce the resulting financial and operating costs while reinforcing the bank’s fraud department resiliency against BIN attacks.

Busting Community Bank Credit Card Myths

Credit card programs continue to be among the most significant opportunities for the nation’s largest banks; is the same true for community banks?

After a slowdown in 2020, credit card applications grew back to pre-pandemic levels in 2021. It is projected that credit cards will experience strong growth in 2022, particularly in small business and commercial segments. While a few community banks recognize the business opportunity in credit cards, according to Federal Deposit Insurance Corp. reports, over 83% do not own any credit card assets on their books.

The potential rewards of issuing credit cards are huge. Customers who have more financial products with their bank show improved retention, with more activity across the products, leading to higher profitability. It can help community banks serve their local community and improve their customers’ financial health. And community banks can realize a high return on assets (ROA) from their credit card program.

Despite these benefits, community bank executives hold back their institutions from issuing credit cards due to several myths and misconceptions about the space. Credit card issuing is no easy task — but with available technology and servicing innovations makes it possible to bust these myths.

Myth 1: The Upfront Investment is Too High
While it would be a significant investment for a financial institution to put together a credit card program from scratch, there is no need to do that. A bank can leverage capabilities built and offered by companies who offer credit cards as a service. In fact, community banks need to make little to no upfront investment to add innovative solutions to their offerings.

Myth 2: Customers are Well Served by Agent Banks
In the past, many community banks opted to work with an agent bank to offer credit cards because it was the only option available. But participating in an agent bank referral program meant they essentially lost their customer relationship to the issuing bank. Additionally, the community banks cannot make their own credit decisions or access the credit card data for their own customers in this model. Alternative options means that banks should consider whether to start or continue their agent bank credit card offering, and how it could affect their franchise in the long run.

Myth 3: Credit Card Programs are Too Risky
A handful of community banks have chosen to issue subprime credit cards with high fees and interest rates — and indeed have higher risk. However, sub-prime lending is not the focus of vast majority of community banks. Relationship lending is key; credit cards are a great product to deepen the relationships with customers. Relationship-based credit card portfolios tend to have lower credit losses compared to national credit card programs, particularly in economic downturns. This can provide comfort to conservative bankers that still want to serve their customers.

Myth 4: Credit Card Programs are Unprofitable
This could not be further from the truth. The average ROA ratio overall for banks increased from 0.72% in 2020 to 1.23% in 2021, according to the Federal Deposit Insurance Corp.; credit cards could be five times more profitable. In fact, business credit cards and commercial cards tend to achieve an ROA of 8% or higher. Commercial cards, in particular, are in high demand and expected to grow faster due to digital payment trends that the pandemic accelerated among businesses. Virtual cards provide significant benefits to businesses; in turn, they increase spend volume and lead to higher interchange and lower risk to the bank.

Myth 5: Managing Credit Cards is Complex, Time-Consuming and Expensive
Banks can bust this myth by partnering with a organizations that specialize in modern technology and program management of credit cards. There is technology available across all card management disciplines, including origination, credit decision making, processing, sales/servicing interfaces, detailed reporting, integrated rewards, marketing and risk management. Partners can provide expertise on policies and procedures that banks will require for the program. Community banks can launch and own credit card programs in 120 days or less with innovative turnkey solutions — no new hires required.

Considering the past challenges and perceptions about credit cards, it is no surprise that these misconceptions persist. But the future of credit cards for community banks is bright. Community banks armed with knowledge and foresight will be positioned for success in credit cards. Help from the right expertise will allow them to enhance their customer experiences while enjoying high profitability in the long run.

How to Give Cardholders Digital Self-Service, Fraud-Fighting Capabilities

Despite the dramatic changes in consumer spending habits over the last 18 months, an unnerving constant remains: Fraudsters are ever-present, and financial institutions and consumers must stay on guard.

To address fraud issues and enhance safety, credit and debit card payments are being reimagined and increasingly conducted via digital channels. By deploying digital self-service card capabilities, banks can better protect their consumers and allow them to keep transacting securely.

Recent research by Raddon, a Fiserv company, shows the ongoing primacy of credit and debit card payments. In a typical month, 77% of U.S. households use a debit card for purchases and 80% of household use a credit card for purchases, according to the research.

 

Card usage among varying demographic consumer segments remains robust, with millennials, Generation X and baby boomers all reporting significant reliance on card-based payments.

However, the definition of a “card payment” is changing. Consumers are increasingly using their cards digitally, with 40% saying at least half of their monthly transactions are done digitally on their mobile phones or computers, according to Raddon.

Mobile card applications are the answer to these changing trends. Today’s digitally minded consumer needs card apps that help them manage their accounts when and how it suits them. Banks can keep customers satisfied and safe by implementing a comprehensive mobile card management solution.

Digital wallet participation enables banks to give cardholders the ability to add a card to their smartphone or wearable. If cards can be digitally issued at the time of account opening, all the better. This process enables immediate card access via the digital wallet and provide an easy, secure and contact-free way to pay. Card apps can also provide control features designed to keep cardholders safe and their financial institution top-of-mind. Consumers can use these apps to protect their accounts, manage their money and take charge of card usage. Their increased peace of mind will drive transaction volume and cardholder engagement, empowering users to fight fraud through alerts for card transactions and personalizing usage controls.

Consumers are concerned about their spending patterns. Providing cardholders with detailed spend insights and enriched transaction information makes it easier for them to understand their spending and make informed spending decisions. An enriched transaction can make the difference between a panicked consumer who is worried about fraud and someone secure in knowing that each purchase is one they’ve made. The transactions should include real merchant names, retail locations for physical purchases, transaction amount and purchase date. It should also include contact information for the merchant, so consumers can make any inquiries about the purchase directly with the merchant.

Every interaction with consumers is a chance to make a great impression, especially on mobile. Consumers appreciate fresh app designs and features that focus on simplicity, including one-touch access to functions. For example, consumers should be able to quickly and easily lock a misplaced card to prevent fraud and unlock it when located. These digital-first, self-service capabilities create an efficient and safe cardholder experience. Banks can leverage existing marketing resources and creative assets to keep their consumers informed about and remind them of secure self-service aspects of the payments program.

Consumer expectations continue to rapidly evolve and drive change. Banks must respond by staying focused on consumer needs and regularly delivering new app features and interconnected payment experiences. The institutions that do will succeed by continuing to provide consumers with convenient and safe digital management capabilities for their credit and debit cards, whenever and wherever consumers transact.

Preparing Cards for the Next Era in Payments


credit-card-9-3-19.pngAdvancements in payments technologies have forever changed consumer expectations. More than ever, they demand financial services that stay in step with their busy, mobile lives.

Financial institutions must respond with products and services that deliver convenience, freedom and control. They can stay relevant to cardholders by enabling secure and easy digital transactions through their debit and credit cards. Banks should digitize, utilize, securitize and monetize their card programs to meaningfully meet their customers’ needs.

Digitize
Banks should develop and deploy digital solutions like wallets, alerts and card controls, to provide an integrated, seamless and efficient payments experience. Consumers have an array of choices for their financial services, and they will go where they find the greatest value.

Nonfinancial competitors have proven adept at capturing consumers via embedded payment options that deliver a streamlined experience. Their goals are to gather cardholder information, cross-sell new services and extract a growing share of the payments value chain. Financial institutions can ensure their cards remain top-of-wallet for consumers by developing a digital strategy focused on driving deep cardholder engagement. Digital wallets are the place to start.

The adoption curve for digital wallets follows the path of online banking’s early years, suggesting an impending sharp rise in the use of digital wallets. A majority of the largest retailers now accept contactless payments, according to a 2019 survey from Boston Retail Partners. And one in six U.S. banking consumers reported paying with a digital wallet within the last 30 days, according to a 2018 Fiserv survey. Almost three-fourths of cardholders say paying for purchases is more convenient with tokenized mobile payments, a Mercator Advisory Group survey found.

Financial institutions can deliver significant benefits to consumers and reap measurable returns by leveraging existing and emerging digital tools, such as merchant-based geographic reward offers.

Utilize
Banks need to provide their cardholders with comprehensive information about how digital solutions can meet their expectations and needs. Implementing digital tools, providing a frictionless financial service experience and helping customers understand and use their benefits can empower them to transact in real-time on their devices, including mobile phones, computers and tablets. Banks’ communications programs are important to encourage adoption and use the implemented digital products and services.

Securitize
Banks will have to balance digital innovation with risk mitigation strategies that keep consumers safe and don’t disrupt transactions. Digital payments are highly secure due to tokenization — a process where numerical values replace consumers’ personal information for transaction purposes. Tokenized digital wallet transactions are an important first step toward preventing mobile payments fraud.

Mobile apps that enable cardholders to receive transaction alerts and actively manage card usage also significantly improving card security. Fiserv analysis shows use of a card controls app may reduce signature fraud by up to 53%, while increasing card usage and spending.

Banks need strategies focused on detecting and preventing fraud in real time without impacting card usage and cardholder satisfaction. This can be a significant point of differentiation for card providers. A prudent approach can include implementing predictive analytics and decision-management technology. And because consumers want to be involved in managing and protecting their accounts, they should have the option to create customized transaction alerts and controls. Finally, direct access to experienced risk analysts who work to identify evolving fraud threats can significantly improve overall results.

A recent analysis from the Federal Reserve indicated debit fraud is running at approximately 11.2 basis points, which compares the average value of fraud to total transaction dollars. In comparison, Fiserv debit card clients experience only 5.08 basis points of fraud.

Card issuers balance risk rules that help mitigate fraud against cardholder disruption stemming from falsely-declined transactions. These lost transaction opportunities can reduce revenue and increase reputational risk. An experienced risk mitigation partner can help banks strike the right balance between fraud detection and consumer satisfaction to maximize profitability.

More Engaged Users Are

Based on these average monthly debit transactions: Gray = Low 12.6, Blue = Casual (medium) 18.3, High = High 21.4, Orange = Super (highest) 28.4
Net Promoter Score = Measure of cardholder loyalty and value in institution relationship
Cross-Sold Ration = Percentage of householders with a DDA for longer for longer than six months but open to a new deposit or loan account in the most recent six months
Return on Assets = Percentage of profit related to earnings

Monetize
Banks can turn digital solutions into engines of growth by creating stronger, more lasting consumer relationships. A digital portfolio can be more than just a set of solutions — it can drive significant new revenue and growth opportunities. By delivering secure, frictionless digital services to consumers when and where they need them, banks can maintain their positions as trusted financial service providers. Engaged users are profitable users.

Digitize. Utilize. Securitize. Monetize. Achieving the right combination of innovative products and exceptional consumer experiences will enhance a bank’s card portfolio growth, operational efficiency and market share.

How Innovative Banks are Eliminating Online Card Fraud

Card fraud has a new home. Just a few years after the prolonged and pricey switch to EMV chip cards, fraud has migrated from purchases where the card is physically swiped to transactions where the card is not present. The shift means that U.S. banks might be on the cusp of yet another move in card technology.

EMV chips were so successful in curbing cases of fraud where the card was swiped that fraud evolved. Fraud is 81 percent more likely to occur today in “card-not-present” transactions that take place over the phone or internet rather than it is at the point of sale, according to the 2018 Identity Fraud Study by Javelin Research.

Technology has evolved to combat this theft. One new solution is to equip cards with dynamic card verification values, or CVVs. Cards with dynamic CVVs will periodically change the 3-digit code on the back of a credit or debit card, rendering stolen credentials obsolete within a short window of time. Most cards with dynamic codes automatically change after a set period of time—as often as every 20 minutes. The cards are powered by batteries that have a 3- to 4-year lifespan that coincides with the reissuance of a new card.

Several countries including France, China and Mexico have already begun adopting the technology, but the rollout in the United States has been more limited. The new Apple Card, issued by Goldman Sachs Group, boasts dynamic CVV as a key security feature. PNC Financial Services Group also launched a pilot program with Motion Code cards in late 2018.

Bankers who remember the shift to EMV might cringe at the thought of adopting another new card technology. But dynamic CVVs are different because they do not require merchants to adopt any new processes and do not create extra work for customers.

But one challenge with these more-secure cards will be their cost. A plastic card without an EMV chip cost about 39 cents. That cost rose to $2 to $3 a card with EMV. A card with the capability for a dynamic CVV could cost 5 times as much, averaging $12 to $15.

But advocates of the technology claim the benefits of eliminating card-not-present fraud more than covers the costs and could even increase revenue. French retail bank Société Générale S.A. worked with IDEMIA, formerly Oberthur Technologies, to offer cards with dynamic CVVs in fall 2016. The cards required no change in customers’ habits, which helped with their adoption, says Julien Claudon, head of card and digital services at Société Générale.

“Our customers appreciate the product and we’ve succeeded in selling it to customers because it’s easy to use.”

He adds that card-not-present fraud among bank customers using the card is “down to almost zero.”

Eliminating card-not-present fraud can also eliminate the ancillary costs of fraud, says Megan Heinze, senior vice president for financial institutions activities in North America at IDEMIA. She says card fraud is estimated to cost banks up to $25 billion by 2020.

“A lot of prime customers ask for the card the next day. The issuer then has to get the card developed—sending a file out that has to be printed—and then it’s FedExed. The average FedEx cost is around $10. The call to the call center [costs] around $7.50,” she says. “So that’s $17. And that doesn’t even include the card.”

What’s more, dynamic CVVs could also create a revenue opportunity. Société Générale charges customers a subscription fee of $1 per month for the cards. The bank saw a more than 5 percent increase in new customers and increased revenue, according to Heinze.

Still, some are skeptical of how well a paid, consumer-based model would fare in the U.S. market.

“The U.S. rejected EMV because it was so expensive to do. It was potentially spending $2 billion to save $1 billion, and that’s what you have to look at with the use case of these [dynamic CVV] cards,” says Brian Riley, director of credit advisory service for Mercator Advisory Group. “If it tends to be so expensive I might want to selectively do it with some good customers, but for the mass market there’s just not a payback.”

Still, dynamic CVVs are an interesting solution to the big, expensive problem of card-not-present fraud. While some institutions may wait until another card mandate hits, adopting dynamic CVV now could be a profitable differentiator for tech-forward banks.

Potential Technology Partners

IDEMIA

Idemia’s Motion Code technology powers cards for Société Générale and is being piloted by PNC and WorldPay.

GEMALTO

Gemalto’s Dynamic Code Card hasn’t been publicly linked to any bank or issuer names, but the company cites its own 2015 Consumer Research Project for some impressive statistics on customer demand for dynamic CVV cards.

SUREPASS ID

SurePass ID offers a Dynamic Card Security Code. The company’s founder, Mark Poidomani, is listed as the inventor of several payment-related patents.

FITEQ

FiTeq’s dynamic CVV requires cardholders to push a button to generate a new CVV code.

VISA AND MASTERCARD

Visa and Mastercard are leveraging dynamic CVV codes in their contactless cards

Learn more about the technology providers in this piece by accessing their profiles in Bank Director’s FinXTech Connectplatform.

How Innovative Banks are Eliminating Online Card Fraud


technology-5-8-19.pngCard fraud has a new home. Just a few years after the prolonged and pricey switch to EMV chip cards, fraud has migrated from purchases where the card is physically swiped to transactions where the card is not present. The shift means that U.S. banks might be on the cusp of yet another move in card technology.

EMV chips were so successful in curbing cases of fraud where the card was swiped that fraud evolved. Fraud is 81 percent more likely to occur today in “card-not-present” transactions that take place over the phone or internet rather than it is at the point of sale, according to the 2018 Identity Fraud Study by Javelin Research.

Technology has evolved to combat this theft. One new solution is to equip cards with dynamic card verification values, or CVVs. Cards with dynamic CVVs will periodically change the 3-digit code on the back of a credit or debit card, rendering stolen credentials obsolete within a short window of time. Most cards with dynamic codes automatically change after a set period of time—as often as every 20 minutes. The cards are powered by batteries that have a 3- to 4-year lifespan that coincides with the reissuance of a new card.

Several countries including France, China and Mexico have already begun adopting the technology, but the rollout in the United States has been more limited. The new Apple Card, issued by Goldman Sachs Group, boasts dynamic CVV as a key security feature. PNC Financial Services Group also launched a pilot program with Motion Code cards in late 2018.

Bankers who remember the shift to EMV might cringe at the thought of adopting another new card technology. But dynamic CVVs are different because they do not require merchants to adopt any new processes and do not create extra work for customers.

But one challenge with these more-secure cards will be their cost. A plastic card without an EMV chip cost about 39 cents. That cost rose to $2 to $3 a card with EMV. A card with the capability for a dynamic CVV could cost 5 times as much, averaging $12 to $15.

But advocates of the technology claim the benefits of eliminating card-not-present fraud more than covers the costs and could even increase revenue. French retail bank Société Générale S.A. worked with IDEMIA, formerly Oberthur Technologies, to offer cards with dynamic CVVs in fall 2016. The cards required no change in customers’ habits, which helped with their adoption, says Julien Claudon, head of card and digital services at Société Générale.

“Our customers appreciate the product and we’ve succeeded in selling it to customers because it’s easy to use.”

He adds that card-not-present fraud among bank customers using the card is “down to almost zero.”

Eliminating card-not-present fraud can also eliminate the ancillary costs of fraud, says Megan Heinze, senior vice president for financial institutions activities in North America at IDEMIA. She says card fraud is estimated to cost banks up to $25 billion by 2020.

“A lot of prime customers ask for the card the next day. The issuer then has to get the card developed—sending a file out that has to be printed—and then it’s FedExed. The average FedEx cost is around $10. The call to the call center [costs] around $7.50,” she says. “So that’s $17. And that doesn’t even include the card.”

What’s more, dynamic CVVs could also create a revenue opportunity. Société Générale charges customers a subscription fee of $1 per month for the cards. The bank saw a more than 5 percent increase in new customers and increased revenue, according to Heinze.

Still, some are skeptical of how well a paid, consumer-based model would fare in the U.S. market.

“The U.S. rejected EMV because it was so expensive to do. It was potentially spending $2 billion to save $1 billion, and that’s what you have to look at with the use case of these [dynamic CVV] cards,” says Brian Riley, director of credit advisory service for Mercator Advisory Group. “If it tends to be so expensive I might want to selectively do it with some good customers, but for the mass market there’s just not a payback.”

Still, dynamic CVVs are an interesting solution to the big, expensive problem of card-not-present fraud. While some institutions may wait until another card mandate hits, adopting dynamic CVV now could be a profitable differentiator for tech-forward banks.

Potential Technology Partners

IDEMIA

Idemia’s Motion Code technology powers cards for Société Générale and is being piloted by PNC and WorldPay.

Gemalto

Gemalto’s Dynamic Code Card hasn’t been publicly linked to any bank or issuer names, but the company cites its own 2015 Consumer Research Project for some impressive statistics on customer demand for dynamic CVV cards.

SurePass ID

SurePass ID offers a Dynamic Card Security Code. The company’s founder, Mark Poidomani, is listed as the inventor of several payment-related patents.

FiTeq

FiTeq’s dynamic CVV requires cardholders to push a button to generate a new CVV code.

Visa and Mastercard

Visa and Mastercard are leveraging dynamic CVV codes in their contactless cards

Learn more about the technology providers in this piece by accessing their profiles in Bank Director’s FinXTech Connect platform.

Is Amazon Go Safe from Mobile Fraud?


mobile-fraud.png

With the introduction of Amazon’s new brick and mortar grocery store, Amazon Go, standing in line to pay at the cashier is a thing of the past. At Amazon Go stores, the customer’s mobile phone detects what items they have placed in their basket, and simply bills their account when they exit the store using a sensor. This is a massive shift in the way commerce is experienced. Despite the novelty in innovation, with the prevalence of identity theft, mobile fraud and credit card phishing, Amazon Go needs to provide consumers the assurance that this new, innovative payment experience is safe and secure.

Here’s how the new Amazon Go stores could impact the security of credit cards in existing Amazon accounts, as well as the potential impact of “invisible payments” on the banking industry, and what Amazon Go will likely do to enhance fraud prevention and mobile payment security.

Securing Existing Amazon Accounts
If you look at the total number of existing Amazon users, the platform has roughly 1 billion total credit cards on file. That’s a potentially huge security concern for Amazon Go, since fraudsters will likely try to phish those accounts. Those seeking to commit fraud in an Amazon Go store are more likely to sign up for a new Amazon account with a stolen credit card, since it is easier than penetrating Amazon’s existing security network. Rodger Desai, CEO of Payfone, illustrates this point:

“Whenever you buy something online, merchants and their processors look at where you’re sending the goods. When fraudsters change the “Ship To” from the address your bank has on file, it’s a clear signal that something may be amiss and requires further vetting. With Amazon Go, those traditional warning signals go out the window. So I can just login as “you,” walk out with stuff, and bill it to you. I think it further exacerbates a very weak identity authentication system. This is true for omni-commerce in general. Buying online and picking up in-store has the same new vulnerabilities.”

Amazon Go will need to utilize various methods to prevent mobile fraud. Technologies are being developed that analyze how people walk and hold their phone as they move in and out of the payment gate. After establishing a baseline for each customer, the software can then spot potential abnormalities as people exit the store and alert as potential fraud.

The Future of Invisible Payments
Amazon Go is attempting to set a standard for invisible payments that could then be applied to different industries and scenarios. What banks need to recognize is that there’s an underserved demographic of people for whom every second of the day is precious. A parent who would rather spend time with their children than wait in a grocery line, or a student who could squeeze in a visit to the gym if they didn’t spend so much time shopping. While the internet saves consumers money by giving them access to price comparisons, invisible payments (like the Amazon Go model) via mobile save people time.

It’s worth noting that invisible payment adoption probably won’t be equally distributed across the board; the older generation might not see that much use for it and prefer the perceived security of paying at the cashier. It is the younger demographic, and on-the-go professionals, who will be the most impacted by invisible payment technology moving forward. The key, Desai emphasizes, is establishing trust with the consumer and being “very conscious of how you’re supporting them” despite the risk that can accompany this payment experience.

Fraud Prevention & Mobile Security
A major security issue will be the provisioning of new accounts, where people might purchase a stolen credit card number on a black market website, then set up a new Amazon Go account on a burner phone to make purchases.

It remains to be seen how Amazon Go will cope specifically with this challenge, but there is an opportunity for banks and fintech companies to play a role in both identity fraud and mobile intelligence. Purchases made on phone numbers and/or devices that have only existed for a couple of days might trigger a fraud alert, for instance. It will be this familiarity with consumer purchase tendencies, and established track records with phone numbers and devices, that Amazon Go will likely use to detect fraud. At the end of the day, verifying mobile identity will be the critical authentication factor for Amazon Go.

A Quicker Way to Get Debit and Credit Cards to Your Customers


credit-cards-11-30-16.pngAs consumers continue to embrace online and mobile banking channels, financial institutions are reevaluating the branch’s role in modern banking. Historically, branches have served at the forefront of the financial institution and customer relationship. Even though digital account solutions provide new levels of convenience and flexibility, the branch remains a vital channel facilitating interpersonal interactions between financial institution and customer, and fosters greater in-depth communication between the two.

Instant issuance is establishing itself as a proven program to attract more customers to the branch. Instant issuance systems allow financial institutions to print credit and debit cards on-demand inside the branch, for new customers or when an existing customer needs a replacement card. When branches enable on-demand printing of credit and debit cards, both issuers and customers win. Banks that take the additional step in providing permanent payment cards on the spot realize a much stronger return on investment in terms of customer acquisition, satisfaction and loyalty.

New programs, like instant issuance, draw customers, especially millennials, because it reduces the wait time in receiving access to their funds. Contrary to common perception, cash is a large draw for millennials. According to a GoBanking Rates survey released in 2016, 60 percent of millennials still prefer to be paid in cash, which means the millennial reliance on debit cards will remain strong, presenting a natural opportunity to actively engage millennials more effectively in their branches.

While millennials may appear to operate much differently than prior generations, their core expectations are much the same. They seek convenience and want their financial institutions to provide new and innovative technologies that keep pace with the technologically driven world in which they live.

In today’s world, where bank customers are subject to card data breaches with alarming regularity, protecting customer data is paramount to the success of any financial institution initiative. Instant issuance provides an opportunity for financial institutions to lead the conversation around EMV® integration and security. EMV provides heightened security by embedding microprocessors inside debit and credit cards, replacing the magnetic stripe card.

Financial institutions that implement scalable, cost-effective solutions that are EMV-enabled are better able to educate customers on changes to the transaction process. As EMV adoption has been a source of uncertainty and concern for financial institutions, retailers and consumers alike, instant issuance provides a convenient method for providing much-needed knowledge around the shift.

Instant issuance proves to be a secure and affordable way for financial institutions to realize the value of their branch investment. By drawing customers into the branch and getting credit and debit cards to market quicker, issuers are keeping payment cards top-of-wallet and increasing interchange revenue.

As the branch continues to reassert itself as a strategically important banking channel, financial institutions that leverage instant issuance as a strategic differentiator and recognize its role in driving customer activity within their branches will be better positioned to exceed customer expectations.

To learn more about millennial payment trends, download the whitepaper, “What Small-to-Midsize Financial Institutions Can Learn From Millennials.”

EMV® is a registered trademark or trademark of EMVCo LLC in the United States and other countries.

Real Time Payments and the Untapped Opportunity of Corporate Credit Cards


credit-cards-11-7-16.pngCorporate credit cards are already a great source of revenue for banks. And there’s a lot of room for growth, both in terms of interchange revenue and value that banks can provide to their business customers. If banks look at how their customers currently use corporate credit cards, they’ll find an untapped opportunity to expand their usage.

Using corporate credit cards for accounts payable (AP) has obvious benefits: Businesses can time their payments to vendors more precisely, take advantage of the working capital extension available through their credit line, and benefit from rewards and cash back programs. In addition, compared to checks—the most common way in which businesses make AP payments—credit cards have very low occurrences of fraud.

The use of corporate credit cards in AP should be an integral part of a business’s cash management strategy, but it is not. MineralTree recently conducted a survey to assess the current state of corporate credit card use in the accounts payable function and uncover reasons why more AP spend is not being moved to corporate cards. You can read the full survey report here.

Key Survey Findings
Over a two-week period in late summer 2016, almost 200 finance and AP professionals completed an online survey exploring the state of credit cards in their business. Some of the most significant findings of the report include:

  • More than one-third of respondents are not using corporate cards for vendor payments.
  • The reasons businesses give for not moving more AP spend to commercial credit cards is varied and plagued with misconceptions.
  • Impacting the bottom line is the number one benefit cited by respondents for moving more spend onto commercial credit cards.

The Shift in Accounts Payable
To truly understand the state of credit card use in AP, respondents were asked which types of payments were made on their corporate credit cards: travel and expense payments, vendor payments (AP), or both. Only 50 percent of respondents use cards for both. More than one-third of respondents only use their cards for travel and expenses.

The chart below shows the number of vendor payments made by businesses who exclusively use their card for travel and expenses. About 80 percent of respondents make 50 or more vendor payments every month. Businesses who make more than 50 payments per month can strongly benefit from AP and payment automation and the ability to easily pay their vendors with credit cards.

For those businesses already using cards, adding AP spend onto cards is relatively simple. Finance policies are in place and department heads know the process for submitting and recording expenses.

These businesses can easily expand their policy to include vendor payments and improve their AP process at the same time. Ultimately, this will increase the “card-able spend” and the finance team will add additional value to the business by bringing in significant rebates. At a modest 1 percent cash back, companies earn $10,000 for every $1 million in card spend. Banks should recognize this as a significant opportunity and start marketing cards for AP purposes. Offering complete, packaged cash management solutions that solve problems as business clients see them will encourage them to move AP spend onto cards. The banks who do this early will find an untapped opportunity for new revenue through merchant fees and use of the card’s credit line.

Becoming an Apple Pay Bank: Should You Do It?


1-30-15-Emily.pngThe leadership team at Fremont Bank, based in Fremont, California, tries to stay on top of financial technology. “We’re directly across from the Silicon Valley,” says Chris Olson, Fremont’s chief operations and enterprise risk officer. Apple Inc. is headquartered just half an hour away in nearby Cupertino, so adoption of Apple products in the San Francisco Bay Area is high, he says. When the bank’s payment processor, Atlanta, Georgia-based First Data Corp., demonstrated Apple Pay to bankers in November 2014, Olson put in Fremont Bank’s application right away. The next month, the $2.7-billion asset bank became the 23rd financial institution to partner with Apple Pay.

Apple Pay launched in October 2014, but its market is limited, for now. It can only be used by iPhone 6 users within retail stores, and within apps for the iPhone 6, iPad Air 2 and iPad mini 3. The process is relatively painless: Consumers add their credit cards to Apple’s Passbook, which stores digital documents like tickets and boarding passes. To pay within a store, the customer holds the iPhone near the retailer’s point-of-sale terminal and authorizes the sale with a secure fingerprint biometric. Apple Pay users surveyed by market research firm Infoscout in December 2014 found paying the Apple way to be more convenient, faster and more secure than swiping a credit card.

As of January 20, 2015, only 54 financial institutions were listed by Apple as participating issuers, representing less than 0.5 percent of the banks and credit unions in the U.S. but 90 percent of credit card purchase volume, according to Apple. In other words, the biggest credit card issuers have signed on. More institutions are expected to follow.

The Apple Pay platform builds on tokenization, which essentially replaces a customer’s credit card number with a more secure identification. Banks and retailers have been working toward this as the industry shifts to EMV standards to address cybercrime. The adoption of Apple Pay at $118-billion asset Regions Financial Corp. was due in part to this shift. “To be able to put tokenized transactions in place in a digital wallet, [Apple Pay] aligns underneath our EMV strategy,” says Tom Brooks, head of retail products at Regions.

Payment processors play a key role in making Apple Pay a reality for community banks. First Data takes partner institutions through the process, working with Apple and other key players—Mastercard, VISA or American Express have to create the tokens for the bank—and reviewing the institution’s policies and parameters for transaction approval, says Stephen Hug, vice president of product management for First Data.

First Data’s role as a facilitator contributed to the speed with which Fremont Bank was able to partner with Apple Pay. For a bank going it alone, “that process will take six months. It took us six weeks,” says Olson.

Will Apple Pay result in a mutually beneficial relationship for the technology giant and its partner banks? Many big retailers are notably absent from Apple’s list of participating merchants, including Wal-Mart and Target Corp. Sporadic adoption by retailers coupled with a limited pool of iPhone 6 users means most consumers still haven’t caught on with Apple Pay. For banks with an expansive customer base or locations in tech-savvy markets, Apple Pay might make sense. At Regions, many customers already used their cards for their iTunes accounts, says Brooks. The Birmingham, Alabama-based bank has not disclosed how many of its customers use Apple Pay.

Fremont Bank’s location near a technology hub meant bank leadership was willing to bet that consumers in its market would be willing to adopt Apple Pay. But adoption has been low, just “a handful of actual transactions,” says Olson. “We’re just babes in the woods on this right now. We’re hoping to continue to talk to our customer base…and try to educate people on the benefits of using Apple Pay.”

Apple keeps a portion of the fee for both debit and credit card transactions, but declined to provide numbers for this story. Zilvinas Bareisis, senior analyst with research firm Celent, estimates those fees to be around 15 basis points for credit transactions and up to 3 cents per transaction for debit. Fremont Bank doesn’t issue credit cards—it partners with First National Bank of Omaha, expected to soon be an Apple Pay partner itself—and costs seem to be low. Fremont Bank paid First Data $5,000 up front to become an Apple Pay bank. Other fees, paid to First Data and Visa, are related to tokenization. Fremont Bank pays Apple half a penny per debit card transaction. Olson estimates that each debit card registered with Apple Pay costs the bank about 13 cents per month, but the bank does not pass those costs on to customers.

One thing’s clear: Banks can’t be on the fence about Apple Pay. If Apple Pay gains traction in the future, banks that are early adopters will likely become the default choice for consumers with multiple credit and debit cards, meaning a big bank credit card will likely trump small banks and their debit cards, if those cards are added to Apple Pay later. For Apple Pay to be successful for banks, it needs to drive more customers to the bank, and banks need to see more transaction volume to make up for the shift from a traditional credit card payment to Apple Pay. Without that increase in volume, income “just moves away from regular plastic cards to mobile and Apple Pay,” says Bareisis. “The bank loses out.”