Managing the complexity of payments, customer experience and risk in the digital age

In the current always-on and globally connected digital environment, leveraging ‘big information’ to improve customer experience, at the same time as effectively managing business risk, sets many challenges. Nowadays, digital businesses have to solve a conundrum related to the consumers who transact in a fast moving “customer not present” environment; they have to balance a great customer experience whilst trying not to increase the risk and, as such, many will consider a number of measures, including:

• Time to make a decision because no business wants to keep a customer waiting - faster is better
• Requesting less data from a consumer than their competitors - to speed up the checkout process

The reality is that, for many use cases, it will reduce consumer experience. Self-imposed constraints and policies surrounding the belief that latency is the holy grail of customer experience can create a poorer experience in many cases. By collecting additional data, businesses can achieve more effective acceptance, whilst managing the growing threats from fraud and cybercrime. Without leveraging additional data, businesses are forcing themselves to make decisions based on incomplete, irrelevant or inaccurate data. So, what does this mean? In reality, it means three things:

• Genuine customers are increasingly declined
• Fraudsters find it easier to be successful as they need to provide less information
• In many cases, genuine customers are subject to further friction due to a subsequent step-up process adding tens of seconds.

Let us look back to when it all started and, logically, we think of cards, the primary payment vehicle for online transactions. We used to have to wait up to 30 seconds whilst a little sonar bar displayed the status and we’d think; “wow this is technology at work”. We accepted it as the norm, often using dial-up modems and driving from a desktop.

Today, we have multiple devices accessing services over superfast data connections everywhere. Being constantly connected is adding greater complexity to the decision-making process due to multiple devices and locations. In the new digital world, more data and insight are available and, as such, can be used in an effective and proportionate way. As such, many organisations believe we, us, consumers, all want a super-fast experience in every aspects of our interactions with them. In some cases, this is what we want. However, there can be consumer pitfalls, such as:

• Have you ever been asked to provide a password that you could not remember resulting in a reset process?
• Have you ever been asked to answer a series of questions where you, as the genuine consumer, cannot provide the answer? (Often, even when you have provided a correct answer you still get declined!)
• Have you ever been asked to provide a one-time password (OTP) which seems excessive for a low-value transaction?
• Have you been asked for an OTP from your bank and then realised you don’t have the device with you?
• Have you been asked to contact a customer service number because ‘your transaction cannot be processed right now’

I suspect the answer to many of the above questions is a resounding YES. With the arrival of PSD-2 (2nd Payment Service Directive) round the corner (dependant how specific markets, banks, entities implement it), banks may require consumers to authenticate with a form of 2-factor authentication at many interventions. The more intelligent approach, which we are talking to many of our clients about, is around Risk-Based 3D Secure Authentication in particular, which follows the following path:

With limited data provided during a transaction, businesses will be required to capture more data to enable an informed decision. This data is available today and innovation continues to astound us by providing compelling insight that adds value to this process. A key issue is in the time taken to collect this data. Adding the collection of these additional relevant data points to make informed decisions in real-time may negate the need for the above “step up” processes.

We constantly come across situations where a business will say “we will not use a supplier if they cannot return data in x milliseconds. Firstly, what in reality does 100, even 500 milliseconds, add in terms of negativity to the consumer experience? Particularly, it happens where failure to collect relevant data results in inaccurate real-time decisions. As such, the process is likely to invoke a step-up intervention being initiated; it takes 30 seconds+ or, in many cases, total abandonment. Secondly, customers may be concerned about a transaction that is completed too quickly, thus resulting in a perception of insecurity.

Conclusively, can digital businesses be more proportionate in their use of additional 3rd party data, in line with the type of transaction or behaviour that is taking place? When buying a new TV, do we really need the transaction to happen that rapidly that, when we blink, the payment has already been made and the product is prepared for shipping? The dichotomy to consider is: ‘would an extra piece of collected data, adding an extra second, be the difference between that transaction being accepted or declined in real-time?’ The answer lies in the revenue line - if a consumer chooses to abandon that transaction and use another merchant, payment card or instrument.

About Andy Lee

Andy Lee is the Founder and Chief Product Officer at Sphonic (www.sphonic.com). Prior to Sphonic, Andy was a leading industry expert in digital risk management having led the fraud team at Lastminute.com, then onto building the fraud team and technology at a start-up bank. He later set up a successful consultancy business, advising leading digital brands on their ecommerce and m-commerce risk strategies.

About Sphonic

Sphonic provide innovative solutions that enable digital businesses to consume additional data through a huge vendor network and intelligent workflows for end-to-end risk management. Sphonic work with banks, retailers, payment providers across the globe with services for KYC/AML, payment risk management and authentication, including 3D Secure.