Open tech's needed to make digital payments 'open for business'
One of the defining features of the fintech revolution is the need for immediacy. With the cross-industry transition towards offering a wider range of payment options, more companies are realizing omnichannel payment technologies provide a competitive edge.
Overall, fintech is seriously booming. PwC research recently found 82% of financial services companies expect to increase partnerships in the next five years. The same report also identified consumer banking and fund transfers/payments as the two areas most likely to see the biggest fintech disruption.
This is reflected in how providers integrate new payment options. They want a clean and quick integration within their existing system, and open application programming interfaces provide the answer. There are now payment solutions with open APIs that allow both established organizations and startups to more easily evolve their existing business models. Organizations can springboard their services by offering the innovative payment tools they need to establish new ways of doing business.
These payment solutions are feature rich, with APIs allowing businesses in every market, such as health care providers, property management companies, credit unions and accounts receivable providers to enable their customers to make payments online, quickly extend their own payment functionality and roll out new features with minimal effort.
Simplified integration means businesses can adopt technology which provides them with a greater variety and flexibility of payment solutions — such as payment portals and gateways, negotiators, interactive voice response systems and virtual terminals. Open APIs allow these different payment services to be seamlessly integrated into an organization’s existing platform so customers get the same user experience across multiple payment channels. These solutions can be quickly adopted within existing payment systems, as well as easily customized for mobile enablement.
With new payment technology comes new compliance requirements. Regtech often carries the tagline "the new fintech," but it is more a progression of the fintech industry — where regulation must keep pace with the immediacy created by new payment technologies. Deloitte defines regtech as technology that seeks to provide “nimble, configurable, easy to integrate, reliable, secure and cost-effective regulatory solutions.”
With financial institutions grappling with an alphabet soup of compliance requirements — PCI, SSAE-16, HIPAA to name a few — technology can provide guidance through difficult regulatory waters. There are many high-profile cases involving serious litigation for noncompliance, and payment data is some of the most sensitive information a company can hold on file.
Payment partners should be able to support customers in two key ways: With compliance education tools, knowledge and advice; and by offering payment technology integrations with "built-in" compliance, i.e., technology designed to meet industry regulations by a certified partner.
Alongside new payment technology and regulatory concerns, organizations must also manage the risk of cyberattacks. The financial services sector naturally finds itself under close attention from hackers and fraudsters looking for financial gain — new technology means new digital avenues. Organizations are beginning to realize this. According to PwC cybersecurity spending increased 67% from 2013 to 2017.
In the same PwC research, the proliferation of open source technology meant that nearly half (48%) of financial services firms surveyed take advantage of open source software to develop IT services and enhance infrastructure scalability. It was even more eye-opening, however, to find that 45% of those who use open source technologies said it has improved their cybersecurity posture.
When partnering with a payment technology provider, as with compliance certification, organizations need to know customer information is kept safe from falling into the wrong hands. Tokenization is one component of securing payment methods and customer account information when processing via a gateway. Simply put, tokenization is the hashed storage of payment or account information. It is stored within a secure database outside a merchant’s network for use in reidentifying recurring or return customer payments — without the need to represent the card or account information.
New technologies will only continue to grow in popularity with consumers, which will open up new revenue opportunities for organizations receiving payments on a one-off or recurring basis. By leveraging open APIs from compliance certified providers with a proven cybersecurity record, organizations can begin to reap the benefits of the fintech revolution by integrating new services and payment options in a streamlined, but secure, way.