11 months ago



MERCHANTS AND BILLING SERVICES PCM: What challenges do merchants managing subscription billing have that typical merchants don’t have to face? Roney: In general, merchants that provide subscription billing have to handle challenges like managing failed transactions, keeping customer payment details updated, upgrading and downgrading service packages, handling the combination of discounts of subscriptionbased programs with regular purchases from the same customer, and specially for merchants that operate over multiple locations with different currencies, managing exchange rates and applying the correct price. If those challenges by themselves were not enough, customer awareness on the importance of online security is constantly increasing. Therefore, whenever storing payment data from a customer, merchants need not only to comply with regulatory requirements, but most importantly, provide such assurance to the consumer as well. PCM: What are some interesting ways you have seen merchants overcome these challenges? Roney: The solutions for these challenges can be quite diverse, and they are facilitated by the flexibility that online environment offer. Sometimes, the solution for these issues can be even facilitated by services that are offered directly by the merchant’s payment service provider. Some payment service providers offer tokenization services that allow the merchant to replace the customer data (including card number) by a token. By having to store just this token, which is only useful and can only be processed by the payment service provider, the cybersecurity risks the merchant is subject to is significantly reduced. Another example of an interesting solution is the application of risk engines to determine whether or not a subscription service should be interrupted in case of a failed transactions. In case a credit card is “blocked” and replaced by a new one, the card on file information stored by the merchant will need to be updated. In case the consumer forgets to update this information the recurring payment will fail, what could lead to service interruption. As service interruption may lead the customer to question the continuation of the subscription, merchants are applying customer scoring techniques to choose whether or not allow the service continuation for a short timeframe to allow the customer to update the card details. PCM: How does EMVCo tokenisation being offered by the payment networks impact subscription billers? Roney: The service offered by the schemes can be really helpful to solve the problem I mentioned in the previous question, about outdated card on file details. Such services enable an issuing bank to inform that the original card number associated with a token needs to be updated. This can significantly reduce the amount of failed transactions due to outdated card on file information, as the tokenized information used for transaction initiation will no longer be linked to a blocked, cancelled or expired card. 8 EXPERT INTERVIEW

PCM: What are some of the new technologies you see coming up in the new year and how will they change the outlook for subscription billing merchants? Roney: There’s currently a lot going on in this space, but I believe it may be worth to mention two trends. The first one is 3D Secure 2.0. Although the first version of this protocol is usually associated with some criticism, this new version introduces new features like nonpayment use cases, which could be used for instance for authenticating card on file transactions or enabling card details to be used for future transactions. This authentication layer could represent less risk in this type of transactions which can potentially result in lower transaction fees. Next to that, the second trend is definitely the new possibilities introduced by PSD2 and the emerging payment initiation services. I expect that these services will pave the way for new methods of enabling subscription or recurring payments with increased customer authentication, oversight and management possibilities on its subscriptions. RONEY CASTRO Roney Castro is a Principal Consultant at UL’s Transaction Security division. He is responsible for knowledge development within the banking and payments domain and has extensive experience in Payments (EMV, Mobile and Cloud-Based) and Authentication and Identification related technologies such as Biometrics and secure documents. PCM: Are there any additional trends or themes you are seeing in subscription billing? Roney: Not directly related to subscription billing, but a trend that will impact this modality of payment is the growing number of connected smart devices and IoT. Merchants will need to be able to manage payments and orders that are triggered not necessarily involving a consumer action. For instance, smart devices that could detect products reaching their expiration could automatically trigger an order for new items. To manage this, merchants would need to enable a whole new set of features on the customer account level, and set new policies for consumer consent on such transactions. This is necessary as not only new challenges for subscription billing will be introduced, but also the challenges discussed in the previous questions will be amplified. UL TRANSACTION SECURITY DIVISION UL guides companies through the complex world of electronic transactions. UL is the global leader in safeguarding security, compliance, and global interoperability. Offering advice, training, compliance and interoperability services, security services, and UL Test Tools, during the full life cycle of your product development process or the implementation of new technologies. UL’s people proactively collaborate with industry players to define robust standards and policies. Bringing global expertise to your local needs. 9

PCM Vol.3 Issue 12
PCM Vol.3 Issue 11
PCM vol. 3 issue 10
PCM vol. 3 Issue 9
PCM vol. 3 Issue 8
PCM vol. 3 issue 7
Money 20/20 Europe_PCM
PCM vol. 3 issue 6
PCM vol. 3 issue 5
PCM vol. 3 issue 4
PCM - MRC Vegas 2017 Issue
PCM vol. 3 issue 3
PCM MPE 2017 Special
PCM vol. 3 issue 2
PCM vol. 3 issue 1
PCM Vol. 2 - Issue 11