The payments industry has entered a period of rapid change, driven by the rise of mobile commerce, new acceptance models, and the growing shift toward digital transactions. As merchants embrace innovations such as smartphone-based payment acceptance and card-not-present commerce, financial institutions and payment providers are being forced to rethink how they identify, monitor, and mitigate fraud. These changes have elevated payment risk management from a back-office function to a strategic priority across the acquiring ecosystem.
At the same time, fraudsters continue to adapt their tactics, targeting emerging payment channels and exploiting weaknesses wherever they arise. From mobile card acceptance solutions to the continued growth of online transactions, merchant acquirers must balance innovation with security. Effective payment risk management has become essential not only for preventing fraud losses but also for enabling the next generation of payment experiences while maintaining trust among merchants, consumers, and financial institutions.
Over the last two weeks, I’ve discussed trends affecting the merchant acquiring space that will serve as the core topics, among others, for Mercator’s merchant acquiring research for the year.
In the first post I introduced the series and discussed issues related to mobility that are impacting merchant acquirers. In the second post, I discussed multichannel merchant services and how payment-service providers are scrambling to meet demands in this growing segment.
This week, I look at the third major theme currently at play in merchant acquiring that also touches upon mobility.
Risk Management
The influx of mobile card acceptance solutions has had an effect on the way merchant acquirers manage risk. Devices that convert smartphones to payment terminals have effectively entered the nonbusiness marketplace, enabling private individuals to be card payment acceptors. The aggregators and ISOs that support these solutions typically operate as the merchant of record. As such, the job of risk management-especially when the solution provider is a start-up from outside the stable of experienced payments industry players-is increasingly an upstream activity. For instance, not only is Square required to do extensive monitoring and due diligence on its users, but Chase Paymentech as the acquirer of record also watches Square’s activity with great scrutiny.
The barriers to adoption of mobile card acceptance solutions are relatively slight compared to the complexity merchants can encounter when signing with an acquirer for a traditional merchant account. As more acquirers bring mobile solutions to market or support upstart partners, risk management systems and procedures will need to be assessed and tuned to analyze these new types of card acceptance behavior.
Mobility is not the only market trend affecting acquirer risk management. The spread of EMV and other dynamic authentication methods at points of sale around the world is pushing fraudsters more and more into card-not-present channels. Merchant acquirers and their merchant clients are most exposed to fraud on CNP transactions. Since fraudsters are migrating to the channel of least resistance in the face of EMV, CNP acquirers will need to ensure that risk management systems are up to the task.
It’s no accident that my post about the third trend for acquirers to watch in 2012 coincides with the launch of Mercator’s newest advisory service: Fraud, Risk & Analytics. I’m working on this service as the lead analyst. I’d love to hear from this site’s readers about their current activities in the risk management and data analytics realm as my colleagues and me build our new practice.
