Visa Europe Reexamines Card-Not-Present Risk as Mobile Matures

Register now

Mobile commerce is blurring the lines between card-present and card-not-present transactions, possibly even making the distinction—and the difference in pricing—irrelevant.

In a world dominated by consumers carrying smartphones with access to a variety of native apps with payment capability, just because a consumer doesn't transact at the actual point of sale terminal, doesn't mean they aren't present.

For instance, Jonathan Vaux, executive director of Visa Europe, purchases movie tickets on his phone if he goes to the theatre and there's a line at the cash register. This transaction would be categorized card-not-present since it's done on a mobile device, and the merchant would pay higher fees.

Differentiating between card-present and card-not-present, face-to-face versus virtual "is just looking at the payment at that point of time, but most of these journeys are way more complex," Vaux said.

"Our definition of card-present and card-not-present will need to be looked at; the total cost of those transactions will be very different over time," Vaux said.

Today, a merchant might pay 1% on an in-person transaction and 3% to 3.5% for an online purchase. But these specifications may soon shift to a model that examines whether the cardholder, rather than the card, is present at the time of purchase, said Dave Birch, director at U.K.-based Consult Hyperion.

The decision will mostly come down to how much confidence the merchant, bank and card scheme has in the shopper's identity, said Vaux. And that hinges on authentication, which puts Apple Pay in a great position, since the mobile payment system requires Apple's Touch ID fingerprint sensor for authentication before a purchase.

Geolocation will also become a bigger part of mitigating fraudulent payments.

"The trend to increasingly shop online on a mobile device enables far more initiatives to help all parties be more assured as to the origin and likely the authenticity of the person doing the transaction," said David Poole, business development director at myPINpad, a company that allows merchants to collect and manage PIN codes on a mobile device for authentication. A merchant using myPINpad's service might ask consumers initiating large purchases to further authenticate themselves by typing a PIN into their mobile device.

The number of merchants developing mobile applications that store payment credentials so merchants can pull money from a consumer's card or bank account is only increasing. This gives the customer a more streamlined experience, one where the payment is nearly invisible (think Uber).

"The reason you have card-on-file at the moment is effectively a hack," said Birch. Merchants, especially those that sell subscriptions, didn't want to ask the customer to log in to re-enter payment details every month. But with the rash of security breaches in recent years, more merchants would prefer not to store payment information.

Birch sees a future where all payments are cardholder-present through a move to push transactions. Instead of merchants, such as a gym or cable provider, pulling money from a card on file at the beginning of the month, they'll send a notification to a customer's mobile device telling them it's time to pay. The customer will then authenticate to their device, likely through some kind of biometric identifier, and then click OK to push the transaction.

And because the likelihood of fraud in that scenario is low, the merchant fees for that transaction will also decrease, Birch said.

But fraud risk isn't the only reason card-not-present transactions have historically been priced higher, said Vaux. Differences in processing costs, exception handling and chargeback and investigation costs have also added to the higher rate, he said.

"As more security gets added to cardholder-not-present transactions, the price differential will shrink," Birch said. In the interim, though, Birch predicts the fees for card-not-present transactions that have enhanced security around them, such as Apple Pay, will drop nearer to the levels of card-present transactions.

And even further into the future, "the cardholder-present rate will be lower than the card-present rate … because there's less chance of fraud," Birch predicts.

For reprint and licensing requests for this article, click here.
Technology Mobile payments Data security Analytics