MaxPay's Alexandr Mikhailenko unpacks some of the dominant themes for payment processing including rising fraud and BNPL.
Payment processing is complicated, yet rewarding. And experienced merchants have grown accustomed to the ever-changing finance industry and its requirements. 2022 won’t be an exception in this regard, as new challenges await.
But forewarned is forearmed, so our team of experts at Maxpay put down a list of the most high-priority issues businesses can face in payment processing this year, particularly in Europe.
BINs getting longer
The Bank Identification Number is the first six digits of a card number used to determine the financial institution that issued it. Well, some major changes are about to occur: Mastercard and Visa need to comply with ISO/IEC 7812-1, Identification cards – Identification of issuers – Part 1: Numbering system and set the BINs to be eight digits long starting April 1, 2022. The old six-digit-long BINs will function as well.
Doesn’t seem like a big deal at first, but some companies participating in payment processing need to be aware of changes, especially if they manage the transaction routing or use services of third-party providers. After all, BIN usually is a part of such operations as transaction processing, fraud detection, chargebacks, reporting, and other merchant services.
How to prepare for the change
Contact your acquirer or a payment service provider. Find out if they are ready for the new standard implementation. And, moreover, if they have the necessary tools for supporting both six- and eight-digit long BINs.
Fraud risks and chargebacks aren’t going away
The issue is always prevalent for merchants. Especially since the spike in e-commerce operations due to lockdowns. More people went shopping online, and fraudsters followed. The trend hasn’t changed in 2022: fraudulent transactions occur as scammers use people in vulnerable settings created by the pandemic. And customers themselves cancel purchases and request chargebacks - uneasy times raise doubts.
What can merchants do?
Acquirers and fintechs come up with new tools to reduce risks and fraud, as the problem remains timely. Contact your financial provider to find out which anti-fraud/chargeback tools it offers.
One of such recent relevant products is Verifi’s Rapid Dispute Resolution. The solution allows issuing automatic refunds to certain clients, so they don’t request chargebacks. Merchants themselves decide, which categories of customers to include in the automatic refunds list, set the main preconditions for that. The RDR simplifies payment processing for many companies - can confirm, as we provide this service on our platform, along with other time-proved anti-fraud solutions.
Сharges for transaction reattempts
Visa and Mastercard are grouping the main decline response codes. It presents additional risks for merchants - a company may be charged if it reattempts transactions declined for certain reasons. If automated, repeated payment attempts can be extremely costly. Meaning it’s another metric merchants need to track when it comes to payment processing.
In response to the new challenges, some payment systems developed the tools to shield merchants from the fees. Maxpay uses the Covery anti-fraud platform for this purpose. Covery detects possible charges for the transaction reattempt and prevents a business from undertaking it.
Maxpay itself can recognize and detect such response codes and provide merchants with our response codes, using which they can make decisions and improve on their strategies for this issue.
With instruments like this, the reattempt limits problem will disappear, and we highly recommend finding an online merchant account that provides such services.
The new PCI DSS version is upon us
The PCI DSS is something you have to abide by if you take part in card data storage and/or processing. The PCI DSS v3.2.1 has been around since 2019, but the 4.0 version is to appear in the first quarter of 2022.
For now, the complete list of requirements for its implementation is unknown, but some changes will definitely occur. It is expected that the new version will require entities that deal with card data to implement the necessary security tools for serverless and cloud storage. The card encryption requirements are also likely to be strengthened.
What does it mean to merchants?
Of course, there will be a transition period for setting up all the necessary changes, but the PCI DSS v 4.0. is something you better be prepared for in advance. Carefully assess if your company is ready for the expected requirement changes, consult your risk analysts, make sure your financial provider is getting ready as well. We at Maxpay, for instance, not only keep up with the latest PCI DSS requirements but help clients in achieving them as well.
Buy now, pay later on the rise
Buy now, pay later is one of the payment methods that has been around for some time, but the pandemic boosted its usage. BNPL, for one, offers customers alluring payment conditions, and others use it due to lack of money, or as an alternative to a credit card.
But for companies that deal with payment processing, there might be issues. First of all, you need to find a reliable provider of such a payment method and get through the installation process. And, what’s more important, Europe and other countries are planning on getting BNPL payments under tighter legislative control. The move is fueled by some clients getting into debt because of said payment method. Dealing with new regulations is always resource- and time-consuming.
What to keep in mind
Buy now, pay later is a promising payment option, but merchants should also keep in mind the risks it can bring from the regulation standpoint. For now, we advise you to evaluate the markets you work with - is it worth implementing the BNPL for your company now, and if your financial provider offers such an option.
The continuing PSD2 adoption and 3DS 2.2
The implementation of the Revised Payment Services Directive has been going on for some time, bringing much-needed digitalization to European financial services. But at the same time, many adjustments had to be made.
For some merchants, the 3D secure adoption created issues. According to Forter, in some European countries, the transaction abandonment rate due to 3D Secure reaches 15 to 20%, and up to 22-25% of transactions do not pass subsequent 3D Secure authentication.
How can you improve the situation?
The 3D secure version 2.2 is much more user-friendly, compared to previous versions of the protocol. The downside is that your bank/PSP should be able to provide this version of a protocol.
For one, the 3D secure 2.2 offers:
• All the benefits of the previous versions and compliance with the EU directive PSD2.
• Whitelisting. The ability for the client to add an online store or other company they send money to the list of trusted ones on the issuer's side.
• The decoupled authentication feature, meaning that clients verify the transaction via other channels they find more convenient, rather than the merchant's website/app.
• Delegated authentication features, which allows third-party providers to perform authentication on their part, simplifying the process.
These should significantly improve the customer experience and reduce the percentage of cart abandonments at the check-up. At the end of the day, the PSD2 is mandatory for European ecommerce businesses, and the best possible option to ease the adoption process is choosing the most up-to-date solutions for it.
The views and opinions expressed are not necessarily those of AltFi.