Andrew Shikiar, Executive Director at the FIDO Alliance

The global pandemic has pushed the importance of remote access and authentication right up the agenda for many businesses. All those occasions where people would normally show up in person to open a bank account or pick-up some high street essentials were simply not possible for large parts of the year. Even as restrictions have eased across the country, these kinds of face-to-face transactions remain an unappealing prospect or a last-resort to many.

Not surprisingly, this has led to unprecedented demand for online and remote services. This brings with it a host of challenges and opportunities, and we have seen many examples of companies brilliantly adapting and reacting to this new way of life. But one issue that businesses and individuals have been grappling with for years – that of frictionless transactions and authentication – has now been put under a brighter spotlight as it is increasingly critical to get right.

Friction impacts the bottom line

The core challenge facing businesses is how to strike the right balance between giving customers the best possible experience of online service, and the necessary regulatory and security implications that directly affect – and often contradict – that ideal user experience.

We’ve all likely experienced the very real kinds of friction I’m talking about – it’s the account you gave up on registering for, or the purchase you abandoned because the process was just too frustrating.

Friction like this has direct bottom line impacts through the loss of sales and/or disaffected customers –  and it is substantially more pronounced in the current climate. People have less money to spend, they are spending a greater proportion of this reduced pot online, and businesses are competing for their livelihoods to claim their share. Providing a frictionless experience can be the difference between success and failure.

Banking and retail lose out

Nowhere is this problem more keenly felt than in the retail and banking industries. Countless transactions simply don’t happen each year due to issues with passwords or mobile One Time Passwords (OTPs) at the point of signing-up or checking-out.

Data from Statista shows that 69.57% of digital shopping carts and baskets are abandoned and the purchase not completed. And Mastercard’s analysis estimates that up to 20% of mobile e-commerce transactions are abandoned or otherwise fail (e.g., from undelivered SMS OTPs) mid-way.

In addition, independent web usability research institute Baynard found that one out of five consumers abandoned their online shopping carts citing the checkout process as “too long and complicated”. That means 20% of customers taking their custom elsewhere, likely to a competitor, because the process presented too much friction.

Passwords are a major part of the problem

Organisations have struggled to strike that balance between frictionless yet secure online log-ins in large part because of historical dependence on passwords – which simply aren’t fit for purpose in today’s online economy. Passwords were designed to be simple but, as we can all likely attest, they have become incredibly cumbersome and difficult to manage.

The demands placed on consumers to remember and keep track of the array of different passwords they need, and the different requirements of password complexity which varies from provider to provider, is proving to be untenable.

Not only are passwords a major cause of consumers giving up on purchases or preventing them from signing up for new services, but they also fail in delivering on their primary objective: to protect accounts and sensitive data. All too often the password has proven to be a single point of failure, and one that is all too easy for hackers and fraudsters to get hold of – a trend accelerated by the coronavirus pandemic.

Reducing friction

There has been a move toward developing and adopting open standards that enable any online service provider to authenticate users in a way that is both highly secure and almost completely frictionless – with all major platform and cloud service providers coalescing around a common approach.

It’s clear from the way consumers have embraced using their fingerprints and FaceID to unlock their devices that simple, natural gestures work – and that they are often preferred over using a password. By adopting the latest authentication standards, organisations can enable their customers to use these same easy gestures on their every-day devices to prove their identity and approve even the most sensitive of transactions.

The standards also improve security by moving away from the traditional model where your password or similar piece of ‘secret’ information is stored on a server, to one where credentials are stored on an individual’s device. This means they cannot be phished or divulged through other means of social engineering, while also inherently stopping the large-scale breaches that impact millions or billions of users in one go.

Due to these developments, the kind of poor user experience that leads to abandoned shopping carts and lost customers during the sign-up process is completely avoidable. There is now nothing stopping banks, retailers, and a range of other businesses from offering a superior, and low-friction user experience while also maintaining the safety and integrity of the networked economy.

Simon Wilson, Co-Head, Payments at Icon Solutions

Standardisation, regulation and technological innovation means payments are well on the way to becoming instant, invisible and free. This is good news for everybody.

Well, not quite everybody. Banks are now faced with the significant challenge of transforming business models and legacy technology systems to meet the demands of a new era in payments.

Banking is historically a conservative and risk-averse industry where the pace of change varies between sedate and glacial. But now is not the time to ‘wait and see’ and finding the right approach to payments transformation must be the immediate and fundamental priority for banks.

Understanding the need to transform

Firstly, we must ask: Why has payments transformation become an urgent priority?

For one thing, increased competition has seen banks’ market share of the global banking and payments industry reduce from 96% in 2010 to 72% today. Fintechs, challengers, payments companies and big tech have entered the playground and started taking banks’ lunch money, demonstrating a level of innovation and agility that incumbent banks are struggling to keep up with.

And of course, there is Covid-19. We have seen years, if not decades, of change in a matter of months. The crisis has torpedoed traditional and reliable revenue streams such as cross-border payments to accelerate margin pressure, while driving a rapid shift to online banking channels and a massive uplift in digital volumes.

Simon Wilson

Breaking the shackles

In the context of increased competition and unprecedented digitalisation, the banking industry is waking up to the fact that payments are about adding value, not just processing. There is increasing recognition that capitalising on the potential of emerging payment rails, monetising the standardised datasets unlocked by ISO 20022 and launching new external services are huge opportunities to diversify and retain relevance. The introduction of overlay services such as Request to Pay or the European Payments Initiative are also poised to spur on the move to digital payments.

Decades of inaction on legacy infrastructure, however, is limiting options. Banks across the globe find themselves lumbered with expensive, inflexible and unreliable technology estates. The ability to respond to marketplace innovation, let alone lead it, is constrained by the need to devote massive amounts of cash, time and ever-dwindling internal resource to simply keep the lights on.

It is apparent that doing nothing is no longer an option, but transformation is a nebulous concept. There is no one single way to effectively transform. Different organisations have unique considerations based on their technology, capabilities, resource and culture, and there are various routes to take.

‘Don’t outsource your heart, your soul…and your spinal cord’

One option is to make payments someone else’s problem and outsource them. This can be an appealing proposition to get a seemingly perennial cost centre off the books, particularly in the current climate. But speaking at Sibos, J.P. Morgan CEO Jamie Dimon cautioned against the risk of inadvertently “outsourcing your heart, your soul and your spinal cord.”

For it is true that payments are the beating heart and soul of an organisation. Payments represent 80% of all interactions, providing critical customer touchpoints, data and service opportunities. As for the spinal cord, not much can happen when mission-critical payment systems go down.

The big problem, as Dimon notes, is that a lot of companies who have outsourced “have no idea what they are doing.”

Banks can find themselves stuck with equally costly, complex and cumbersome alternatives, falling even further behind the innovation curve and losing control in the process. “You end up paying too much money and then you’re beholden to costs that are going up.” But most importantly, “you’re not even doing a better job serving your client.”  Outsourcing a commodity execution service may well be the right strategic approach for some, but you need to ensure you have the other pieces of the payment process running smoothly and that you really are not leaving money on the table or  developing risk longer term by constraining future choice.

Still, the alternative is not necessarily better. Modernisation needs to happen now, so it is not surprising that enthusiasm for years-long, ruinously expensive and inherently risky in-house transformation projects has dimmed somewhat.

Best of both worlds

Yet it is wrong to say that the only choice is buy or build. There is a middle-ground. A collaborative approach to payments transformation that allows banks to move quickly to seize opportunities, while retaining control, significantly reducing costs and adding value.

This begins with banks understanding their starting point, defining a crystal-clear strategic vision for the role that payments play within the organisation and identifying market opportunities. Indeed, as McKinsey notes, “success for banks will depend on thoughtfully assessing capabilities [and] determining the role of payments in market strategies.”

Banks should then consider low-risk and lightweight options for upgrading legacy infrastructure to meet their strategic objectives, while minimising business impact. Payment platforms based on Cloud-native, open source technology promote flexibility, scalability and independence, rather than restrictive and expensive vendor dependencies.

Collaboration also plays a critical role. Finding the right fintech and service provider partners can allow banks to simplify complexity, reduce manual heavy-lifting and lower their cost base, driving efficiencies that enable resource to be focused on delivering for customers. As Dimon explains, “If I can’t build it better than you can, I’m better off just using yours.”

This combination of strategy, enabling technologies and true collaboration provides a foundation for innovation. It can help drive new revenues, further develop existing business lines and, by moving payments from cost to profit centre, help banks thrive rather than survive.