Card payments in times of a pandemic

"The tide lifts all boats, even those with holes in the hull" – thus goes a German stock market saying, verbatim.
In our case, of course, this does not refer to any catastrophic flood scenario, but rather to positive exogenous effects on payments and an entire industry.
 
The last year and a half of the global pandemic was just that for card-based payments – a tide lifting up almost all parties involved. Transaction figures for card payments went through the roof; some even say that food retailing in particular had four Christmas seasons. Especially the girocard, which is preferred by many Germans, has benefited from this. The number of transactions increased by 4.7% in the first half of 2021 compared to the same period in the previous year, while total sales increased by 2%. The girocard was thus used considerably more, while shopping cart sizes did not change significantly. (1)

The same is true for the increasing prevalence of contactless payments. While the card schemes and issuers have spent years and enormous sums of money promoting the use of the NFC function of cards and reducing customer inhibitions, the pandemic has pushed its popularity to a "new normal" in one fell swoop. As many as 64% of all girocard transactions were contactless in the first half of 2021.1 Customers have finally understood this long-established function and made it a de facto standard – no amount of advertising could have achieved this in such a short time.

The development of the enormous increase in girocard transactions is exciting to observe insofar as there are more and more institutions that are questioning the previous co-badging strategy (i.e. girocard in combination with V Pay/Maestro) and in some cases are moving entire portfolios to the native debit solutions of the major card schemes (Mastercard/Visa Debit). This transformation in the German card market will essentially continue over the next few years and, in the long term, challenge the dominance of the girocard in Germany. With this in mind, it will also be interesting to observe to what extent the acquiring market in Germany – so far dominated by the large network operators – develops.

An important driver in this context is a European payments initiative currently being promoted in Germany. EPI (European Payments Initiative) is intended to provide a pan-European card solution that will enable payments in stationary trade and e-commerce within the European domestic market across borders and independently of international schemes. The current plan is to connect existing national card systems and ideally roll them out in all European countries. EPI is focusing on instant payments as the new European standard and would like to offer a mobile wallet in addition to the card solution. However, leaving Europe in the future will then mean relying on the global brands once again.

If we look at e-commerce, a similar picture presents itself: in Germany, the newly merged payments solutions paydirekt and giropay as well as Kwitt and girocard have been bundled under the "#DK Initiative" in order to present a powerful payments solution. The challenges are similar to those of EPI and success is only realistic if the different interests of many parties can be united.

All these initiatives and changes to the existing systems are continuously challenged by new FinTechs that occupy relevant niches in payments. Here, socially relevant topics, such as the recent "True Name" on credit cards, are also being implemented quickly and with effective advertising.

In summary, it can be said that the pandemic has so far proven to be an accelerator of many existing developments in card-based payments and has triggered changes that will shape the industry for years to come. It remains to be seen whether the specific effects of the pandemic will be followed by the gradual stabilisation of a "new normal" or whether the rapid transformation will continue and lead to fundamental changes in the market.

Authors: 


Sebastian Litschke 

Jonathan Kutkuhn 

(1) girocard mid-year figures 2021 (German): https://www.girocard.eu/presse-mediathek/pressemitteilungen/2021/girocard-halbjahreszahlen-2021/

More convenience for EBICS customers

When it comes to making things more convenient for corporate customers using the EBICS protocol, there are a few hurdles to overcome. The first challenge is configuring the communication parameters to reach a desired EBICS bank server, the next is the complicated exchange of EBICS keys via INI letter and bank key activation.

If we as customer product manufacturers could get help from the EBICS Company for the first task, i.e. the configuration of the communication parameters, we would quickly be able to make the second task, the key exchange process, much easier for users of the EBICS protocol.   

 This scenario could be implemented quickly by the EBICS Company providing authorised and registered manufacturers with a list of all EBICS banks, their technical access and host ID, and the last known bank key as a hash value. Then the customer product manufacturers could integrate the provided values into their EBICS customer applications and considerably simplify the configuration of the technical EBICS access for users. User input errors with lengthy support requests would be a thing of the past and users would have one less hurdle to overcome to use EBICS.

With the data provided by the EBICS Company, the verification of bank keys in customer products could also be simplified. This would reduce the complicated process of EBICS key submission and bank key checks to a minimum. Indeed, it is conceivable that customers would then receive an activation within a few minutes and could immediately begin using EBICS communication. The effort required to activate the EBICS access would then be comparable to the activation of online banking for private customers.
Dear EBICS Company, would you consider creating an EBICS bank list? Like the one DK has been providing in a similar form for FinTS bank servers for years?  

Author: Michael Schunk

Request to Pay – the economy needs this standard

On 15 June 2021, the new European standard for electronic payment requests Request to Pay (RTP) transformed from a theoretical construct to a practical reality. On that day, the SEPA Request to Pay (SRTP) rulebook came into force. The Euro Banking Association (EBA) in particular had been working hard on the project. It is only understandable that the organisation also wanted to know whether there are many companies in the economy that want to use RTP in the near future. In September 2020, EBA launched a large-scale survey of companies across Europe with PPI as a partner. The results recently published under the title "Request to Pay: What Corporates Want" are not surprising in their tendency, but in their consistency. Almost 100 per cent of the companies are interested in using the standard. What is important for them above all is uniform usability throughout Europe. Not surprising – after all, 70 per cent of the companies surveyed also want to use RTP for cross-border payments.

The main part of the survey revolved around the companies' assessments of the use of RTP in the fields point of sale (POS), e-commerce, e-invoicing and recurring payments. Here, too, attitudes towards the standard were clearly positive across the board. In all the areas surveyed, over 80 per cent of participants could at least imagine using RTP. In the area of e-commerce, the quota was even over 90 per cent.

At the same time, the EBA and we wanted to know what could make RTP even more attractive for companies. The answers revealed a number of possible improvements. The main aspects are standardisation of procedures, offering value-added services, end-user acceptance, risk management and clear prospects for the future. 

The latter also includes the most frequent requests for additional features: quickly achieving a high market penetration, integration into standardised, fully automated processes that are, for example, embedded in ERP systems, as well as use in combination with instant payments or other payment guarantee options. Of course, no vendor wants to let a customer leave with the goods if they do not have the money yet. If, however, buyers had to wait until the corresponding amount was credited to the seller's account, the acceptance of RTP, especially at the point of sale, would probably be close to zero. In this case, it might be necessary to examine whether the notification of the accepted or instructed RTP can be designed as a legally binding payment guarantee.

The companies surveyed see an additional benefit in the possibility to include structured remittance information in the data record. This facilitates the allocation of incoming payments to specific transactions within a goods management system and is a prerequisite for fully digitalised, largely automated invoicing and payment processes. Furthermore, companies see RTP as a good opportunity for significantly more direct downstream communication between sellers and buyers of goods and services: for example, 43 per cent can imagine transferring warranty or return information with the data record.

In total, companies from 20 European countries took part in the survey, two thirds of which generate a turnover of 50 million euros or more. A download link to the free final report "Request to Pay: What Corporates Want" as well as further information on RTP can be found here: https://www.ppi.de/en/payments/request-to-pay/success-story-eba-request-to-pay-survey/

Authors: Eric Waller, Anuschka Clasen

EBICS 3.0 in the home stretch

By 22 November this year at the latest, the time will have come. From that day on, German payment service providers are obliged to offer their corporate customers EBICS 3.0, to be precise EBICS 3.0.1, alongside the previous version 2.5. For Switzerland, SIX has also issued a recommendation for the support of EBICS 3.0 from November 2021, and in France, EBICS 3.0 can already be officially offered by financial service providers since January 2018.

The Deutsche Bundesbank has announced that it will switch completely to EBICS 3.0 from 22 November 2021 for a transitional period of one year. EBA CLEARING has a similar position regarding its EBICS services.

What does the EBICS changeover mean for all those involved in EBICS?

Financial institutions and financial service providers are preparing for November 2021. EBICS 3.0-capable systems are already in use in many cases. It is possible that EBICS 3.0 has merely not yet been activated.

For the transition period from EBICS 2.x to EBICS 3.0, the specified or agreed BTF and order type mappings must be stored on bank side and corporate customer side. They can be discontinued later if no order types or FileFormat parameters are specified for new EBICS business transactions in the future. 

All parties should consider the crypto life cycle (see crypto life cycle on https://www.ebics.org/en) for EBICS before migrating to EBICS 3.0. This includes minimum key lengths, key procedures, and TLS requirements that must be met. Due to the key procedures it defines, EBICS 2.3 will automatically expire on 22 November.

All this requires the latest EBICS software. Corporate customers should therefore arrange for an EBICS 3.0 update of their EBICS clients at an early stage so that they can react to the EBICS changeover of the financial institutions. In order to avoid a time-consuming reinitialisation, corresponding EBICS and key updates should already be completed on client side before the bank-side shutdown of key procedures and lengths as well as EBICS versions. The key updates may be required to migrate to EBICS 3.0.

Since the text-based customer protocol (order type PTK) is no longer specified for EBICS 3.0, financial institutions may no longer offer it for EBICS 3.0. If the customer protocol monitoring of corporate customers is still based on the PTK, an early changeover to the XML-based HAC is recommended for them.

Corporate customers can also look forward to a few new functions that EBICS 3.0 provides. These include the technical double submission check, the optional specification of the original file name when uploading and the EDS flag (EDS= electronic distributed signature), with which the corporate customer can directly control whether the submitted order should undergo the EDS process or be checked directly. 

Those are some of the relevant points that I would like to share with you to help you cross the finish line successfully. Ultimately, it is important to be prepared for the approaching EBICS changeover and to take the necessary precautions.

And what about you? Have you already started your final sprint to EBICS 3.0?


Author: Michael Lembcke

Request to Pay – a revolution without revolutionaries?

Technically, the European payments market could be in a mood for celebration - after all, the first concrete regulation for a pan-European electronic payment request came into force on 15 June 2021. The SEPA Request to Pay (SRTP) Scheme Rulebook defines the parameters for all participating financial institutions. Once this system is set up, companies simply send their customers a digital data record with the details of the payment request. The payers can transfer the included information such as IBAN, sum or remittance information into their banking system with a mouse click and then only have to authorise the transaction. 

Few reactions

Experts see RTP as a potential revolution in the European payments market. However, the participants for the revolution have been lacking so far. Efforts to launch products based on RTP are hardly discernible. The question arises as to the reason for this reluctance. Are financial institutions worried about a lack of demand? Is the implementation too complicated or too expensive for them? And what can help financial institutions if they want to launch SRTP products?

There is no lack of interest

The demand is there among the ultimate addressees, i.e. the private and corporate customers of the banks, at least on the business customer side. A survey by the European Banking Association (EBA) in cooperation with PPI clearly shows this. Regardless of which potential application scenario European companies were asked about, the willingness to use RTP in their own company was generally well over 80, sometimes over 90 per cent.

Manageable effort

Of course, a new payments standard does not come for free and cannot be implemented overnight. If a corresponding project is approached with the classic waterfall methodology, a duration of 18 to 24 months is to be expected. With modern means such as agile development, however, this period can be shortened. The key is to have a clear strategic idea of what an RTP product should be able to do. Furthermore, it must fit into the long-term business plans of the financial institution. The actual costs depend on the specific circumstances. But they are likely to be similar to those of an instant payments introduction. Institutions that have already introduced this service have advantages, because some of the important aspects for RTP have already been taken care of. They then only have to apply about 30 to 40 per cent of the mentioned cost framework.

In any case, the investment should pay for itself quite soon. After all, RTP products and services strengthen customer loyalty and can help institutions win back market shares. Especially since at least no major player has yet announced plans to enter the RTP market. 

Launch the first projects soon

Financial service providers should definitely take advantage of this. Minimum Viable Products (MVP) are suitable for a quick market entry. An alternative is cooperation with one or more business customers. Companies in particular should have a strong interest in RTP, as the use of the standard can save considerable sums in billing process costs.

Sooner or later, an entire product world will emerge around RTP – that much is foreseeable! Institutions that enter the new market early on can look forward to this development with joyful anticipation. We are happy to support financial service providers with the implementation. We have summarised the basics in the latest white paper "How Request to Pay becomes a success story for financial service providers", which is available for free download here.

Authors: Eric Waller, Anuschka Clasen

Digitisation of the account life cycle? Simple with eBAM and EBICS!

B07? B13? Though these designations may look like airport gates for an upcoming flight, they mean something else.

Perhaps you have already seen them in the planned changes for the BTF to order types mapping table of DK (Deutsche Kreditwirtschaft). They refer to two of the business transactions for Electronic Bank Account Management (eBAM) newly introduced in 2021. In a previous article, we already discussed the topic eBAM in general and argued in favour of standardised use within the framework of the RDT agreement.

eBAM provides messaging for account opening, management, closure and reporting. The focus is on an existing customer relationship. Otherwise, there would be additional challenges to consider.
eBAM combines concrete potentials for account management in the corporate customer sphere. Manual activities, media discontinuities and a generally paper-based procedure are currently predominant there. Opening an account or changing a power of attorney means a great deal of effort on both the customer's and the bank's part and takes days or even weeks to complete. Not to mention the lack of standards across different banks.


Electronic Bank Account Management enables the digitisation of account management processes. As shown in the figure, the paper-based processes and media discontinuities are replaced by standardised ISO 20022 XML formats (acmt.*), which are exchanged between the corporate customer and the financial institution via an electronic channel. The prerequisite is that essential bank and account master data, powers of attorney and other documents are managed in appropriate systems of the corporate customer. Document attachments and digital signatures are also supported, as these may be required in certain cases.

There is no need for a new channel, as the eBAM messages can also be transmitted via EBICS. In addition, they are already authorised in the EBICS channel. Such processes are well-known and well-established in payments, e.g. in the transmission of credit transfers and status reports. Transfers via other channels is also conceivable.

Within the institution, the necessary processing can be carried out faster and more efficiently through automated support. 

A few financial institutions have eBAM offerings on the market, but some of them are limited to individual use cases or channels. On the other hand, corporate customers such as the treasury departments of large companies are clearly interested in precisely this kind of digital account management. In particular, they want to have a better overview and reduced processing times, and at the same time manage their accounts with ease.

There are also great advantages for the financial institutions. The complexity of IT and processes can be significantly reduced and process costs lowered. 

eBAM has various points of contact in the business and IT areas, which means that questions have to be considered holistically during concept creation and implementation. This also applies to related topics such as KYC (Know Your Customer), electronic signatures, regulations or process management.
For the implementation of eBAM in IT systems, it must be considered which tasks are to be carried out in the bank server and which in the downstream systems. What should be taken into account with the new formats and their current and future versions? How can message validation and feedback generation take place? How are eBAM messages processed and transferred to the master data systems?
Based on the TRAVIC product suite, PPI can offer financial institutions the appropriate functionalities to facilitate the introduction of an eBAM offering. This includes the acceptance of messages in the EBICS bank server TRAVIC-Corporate as well as the central processing in a specific eBAM component at the interface between TRAVIC-Corporate and the downstream systems. Web-based account management in the corporate customer portal TRAVIC-Port equally offers potential for a dedicated eBAM offering. And via real-time notifications, the TRAVIC-Push-Server could be immediately notified of important events.

By offering technical and business expertise from a single source, PPI can provide holistic support for eBAM introduction on request.

I am convinced that the importance of eBAM will continue to grow. Those institutions that act early will be able to secure timely market advantages through innovative offers.

What do you think?

Author: Thomas Stuht, D.Eng.

Our money must go digital

 

Imagine the following scenario for the future: a company runs out of certain material, which is only available from a supplier abroad. At the latest 24 hours later, supplies of the material must arrive, otherwise the production will be stopped. This issue is detected by a computer system. It orders new goods completely autonomously from the supplier's system, where they are immediately sent on their way, also completely automatically. Customs declaration, transport organisation, etc. – all of this is taken care of without human intervention. At customs, a computer scans the goods, concludes that everything is in order using specified parameters and requests the customs duties from the ordering computer system. The computer system would execute the payment immediately – but it can't, at least not at the moment. Finally, a person must authorise the payment and, usually, it takes at least one banking day for the customs to register the receipt of the funds.

This example illustrates the limitations of our current payment system: relatively long waiting times, complicated authorisation procedures and a lack of delivery-versus-payment functionalities. While this may have been acceptable in the past, it poses serious problems for the future. Because the future belongs – among other things – to the Internet of Things (IoT). By 2025, an estimated 75 billion devices will be linked via networks.  The potential for new business models is huge, from automatic customs clearance without human intervention, or rental charges for agricultural machinery billed according to the actual payload, to the self-ordering refrigerator.

However, many of these business models will be hard to realise if the current limits of payment systems remain. Digital currencies can lay the foundation for automation and overcome these limitations. The European Central Bank (ECB) is considering the introduction of a public digital euro – a digital form of central bank money that is to promote financial inclusion and be available to the citizens as a digital and secure means of payment. Still, even if this were to be decided in 2021, according to the assessment by the ECB's director Fabio Panetta as well such a currency would hardly be a reality until 2026 , especially since it is not yet known whether the digital euro will have the characteristics necessary for IoT business models. Given the growth of the IoT, this will be too late and too uncertain.

The solution to this dilemma lies with private initiatives. It is already possible to connect the SEPA system with an application based on distributed ledger technology (DLT) via a technical bridge solution. This method can be used, for example, to implement pay-per-use solutions: payments are triggered via the SEPA system and programmable payments can be mapped on a DLT. However, this so-called trigger solution does not eliminate the limitations of SEPA because a human authorisation is still needed. The machine or IoT device cannot bill itself. The system break in payment processing can be avoided if a digital means of payment is issued and processed directly on a DLT, instead of using conventional payments. 

A DLT-based digital currency does not necessarily have to be issued by a central bank. Banks or financial institutions can also create solutions for so-called programmable payments. One example are euro-based stablecoins – digital tokens backed by a specific monetary value. At present, there is still no regulatory basis for euro stablecoins and they have a high counterparty risk. However, with the planned EU directive "Markets in Crypto-assets" (MiCA) this is likely to change and stablecoins will become tokenized e-money. An alternative is tokenized scriptural money that financial institutions could issue. Unlike the stablecoin, it would have the advantage of not having to be 100 percent covered. Nevertheless, according to the current rules, such a currency would not be multi-bank capable and would thus entail very significant restrictions.

In whichever form this happens, the digital currency will become reality. This is the only way for the German industry to fully benefit from the potential of the IoT. Even more far-reaching automation in goods logistics or increasingly popular asset-as-a-service models are hardly conceivable in the long term without fully autonomous payments in real time. Details on the use cases and further details on the design of digital currencies can be found in the joint white paper "The future of payments: programmable payments in the IoT sector", which was written by PPI together with the partners Cash on Ledger, Digital Euro Association and Frankfurt School Blockchain Center. For a free download click here.

Authors: Anja Kamping, Philipp Schröder


EBICS key: how long is the key to success?

On 21 April 2021, an EBICS manufacturer workshop of the German Banking Industry Committee (DK) took place. In terms of content, the core adjustments to EBICS coming with version 3.0.1 were presented. However, much more interesting for me are the cryptographic adjustments presented at the same time, which will become mandatory for EBICS customer systems in November 2021. EBICS uses 3 RSA key pairs for communication: one pair for authorisation signatures, one pair for authentication of the EBICS fragment, and one pair for encryption/decryption of messages.

For EBICS V2.5, this adjustment means that authorisation signatures (A keys) must have at least a 2048-bit key length. For authentication (X keys) and encryption (E keys), a compromise of at least 1984 bits was decided. The reason for this is probably that Seccos smartcards with keys of this length still exist in the market. The so-called DS key of these Seccos cards has a 2048-bit key length and is located in the special area of the card chip protected by an alternative PIN. 

In addition, it was again confirmed to all participants that with the use of EBICS 3.0.1, all keys used for authentication (X00x), encryption (E00x) and authorisation signature (A00x) may no longer be shorter than 2048 bits.

For the customer product manufacturers, this means that a key extension process must start in the foreseeable future so that all customers can easily and simply switch to the new EBICS 3.0.1 version as of November. If this does not happen, a switch to EBICS 3.0.1 is not possible with the existing – too short – keys.

Customer products that do not offer key changes fall behind here; their users then have to generate new, longer keys in a time-consuming and complicated process, then have their access reset at the financial institution and then resubmit the keys and the INI letter to their financial institution. After that, it is a matter of waiting until the EBICS access is activated again.

EBICS customer products which offer their customers a key change still have to deal with the challenge that with EBICS 3.0.1, only X509 certificates may be used in EBICS communication. The customer products use completely new internal processes for this. The implementation must therefore be well planned and will generally not be easy. However, TRAVIC-EBICS-Kernel by PPI AG helps by providing the necessary functions for an easy switchover. It would be advisable to change from the previous key format (RDH2) to the PKCS#12 format (p12 file) for key files in the course of this.

A challenge arises for smartcards, because they often do not have the necessary key lengths and may have to be replaced, if this is possible at all. 


In conclusion: 

It is time to address the users of EBICS who use short keys so that they can update their keys in good time before the switch to EBICS 3.0.1 or before November 2021, generate their new keys and ideally submit them to their financial institution signed with the previous keys. Users who do not want to communicate with the key requirements applicable from November 2021 would face a fatal dysfunctionality of the EBICS access.

Author: Michael Schunk


Is the perfect wave coming?

When it comes to outsourcing in payments, I am currently somewhat reminded of a surfing competition in which the participants keep paddling around in vain, looking for the right wave. The calm seas are partly due to many financial institutions that regard payments as their core business and shy away from outsourcing at the centre of their own business activities. On the other hand, the supply side of appropriate services has been limited so far - so no dice there either. Equens Worldline is currently the only company to offer complete business process outsourcing (BPO) in payments. The banking operations centre BCB, a subsidiary of Deutsche Bank, is in the process of withdrawing from the market.

Regulation compels changes

But now the surf – i.e. the market – is starting to stir. For one, there is the pressure to change. Due to regulation and technical requirements, it has become immense. New requirements by the regulatory authorities are almost constantly rolling in towards financial service providers. Implementing them keeps the IT departments permanently on their toes, especially since they result in no small tasks. Most new regulations entail the same effort on the IT side as the implementation of a new SEPA standard, for example. The core business suffers from this, especially since IT experts are not exactly available in abundance, so staff increases are only possible to a very limited extent.

Technical requirements exceed current system capabilities

This shortage on the personnel market also indirectly plays a role in the second cause of the need for change: the technical pressure. The demands on banking IT have changed fundamentally. What is now in demand is 24/7 service and, above all, real-time capability. This "instant" phenomenon of needing to execute and track payments immediately and instantly presents banking IT infrastructures with huge challenges. Depending on which legacy systems are still working and which head monopolies possess the relevant knowledge, a technical outsourcing solution can become more and more economically appealing – and other trends are moving towards outsourcing, as well.

Technological leaps boost supply

The supply side is also making waves in the market water. Platform solutions in particular, but also connectivity technologies, have made such leaps in recent years that a number of providers are entering the market surrounding payments outsourcing. As a rule, these are specialised service providers, for example software providers like us at PPI for technical outsourcing or financial service providers like Broadridge for a complete BPO. The latter, for example, rely on their appropriate experience in the securities business. 

Regulatory authorities discover service providers

Experience and know-how are important because supervisors are also tightening the reins on external service providers for payments of financial institutions. Due to national and European regulations that have already come into force or are in the planning stage, financial institutions are forced to expand the circle of service providers to be supervised, to watch them closely in the future and to check to what extent the partner can actually guarantee their services. This goes as far as direct provisions for contract creation. Providers of outsourcing solutions could soon receive a visit from the authorities, too. In the future, the latter may want to check to what extent the companies also comply with the regulations that apply to financial institutions and whether they are in a position to fulfil their reliability assurances.

Who will ride the wave?

We hear that the first banks have already taken advantage of the stronger surf to ride the wave towards outsourcing. Others have already set foot on the board, at least to stay in the picture. Even if many of the industry's big players tend to forego riding the outsourcing wave and many public or cooperative players have already hopped aboard with their associated data centres anyway, the call of the outsourcing surf grows louder and louder. Who will answer it?

Yours,
Hubertus von Poser

Payments by card: specificities of the French market

The electronic payments ecosystem in France is made up of a wide range of players (banks, cardholders, merchants, laboratories, manufacturers, issuers, processors, card networks, regulators) with a specific payment system based on EMV (Standard Europay Mastercard Visa) technology. The multilateral cooperation agreement signed between the members allows users to access all the approved facilities (EPTs, ATMs, etc.) of the payments system members.

In France, bank card payments are transmitted to the authorisation systems via the CB, Visa or Mastercard card networks; cleared by the CORE clearing system of the French STET initiative, then settled by the settlement service of the Banque de France / European Central Bank / Bank for International Settlements. Some operations can be carried out via the domestic CB network (if the French cardholder carries out transactions in France), or via the international Visa or Mastercard networks (for international payments or for French bank cards that do not have the CB application).

 


In France, a distinction is made between immediate debit cards and credit cards (deferred debit). Somecards have systematic authorisation (online), others are offline. A French card co-branded Visa or Mastercard is accepted all over the world. Foreign bank cards co-branded with Visa or Mastercard are also accepted in France due to the principle of interoperability or agreement between the financial institutions. However, before June 9, 2016, when a French customer paid with their CB bank card supported by Visa or Mastercard, the electronic payment terminal (EPT) automatically selected the domestic network (CB). But since that date and to present day, the cardholder now has the option to choose between CB, Visa and Mastercard (European Regulation 2015/751).

The issues concerning bank card payments are expressed through several challenges (structural, organisational, technological and regulatory (1) ) that are imposed on the players, forcing them to review their organisational structures and chains of operations to make them compliant with European regulations. These challenges have led to a broadening of the scope of electronic banking and the emergence of new forms of banking activities. The bank card can now be used to carry out several types of transactions with varying levels of security: mobile payments (NFC / QR code), contactless proximity, biometric (facial recognition / fingerprint), etc.

In 2019, 54 million debit cards and 39.3 million credit and payment cards were issued, of which CB cards accounted for 27.5 million, or 70% (France Cards & Payments: Opportunities and Risks to 2024 p. 33; 52; 60). According to the same source, 77% of cards in circulation in the French market are co-branded and only 23% are purely international network cards. The top five financial institutions accounted for 86% of transaction value in 2019 (France Cards & Payments: Opportunities and Risks to 2024). In 2018, there were more than 1.8 million electronic payment terminals and almost 55 thousand ATMs in France (Statista, 2021).

Although card payments are still the most widely used payment method in France (2)  and will continue to grow in the years to come, PSD2-related regulations have created a technological and strategic revolution that will allow the various players (new entrants, financial institutions, etc.) to free themselves from the interbank networks and offer innovative services at lower cost. In fact, they will rely on the Internet infrastructure and not on private structures. Based on these new operational models, these new services (mobile payments in proximity, P2P (peer-to-peer), etc.) are developing to serve new use cases with a new user experience (Payments Cards and Mobile, 2021). The ISO 20022-based Request to Pay complements these payment methods as a powerful end-to-end payment tool offering an opportunity for new services and bringing more value to customers.

The proliferation of multiple channels and the increasing dematerialisation of payments could open up new opportunities for acquiring with increased competition on the acquirer side, which will undoubtedly lead to lower fees and better service. All of this will be closely linked to the ability of the solutions to operate together, because it is in the merchant's interest to have as many payment methods as possible on the same device at the lowest cost, so as to optimise the possibility of offering the customers their preferred payment solution.

 

Author: Tite-Voltaire Soupene

(1) Strong authentication (PSD2 Directive, 2018); Card payments (PCI DSS); Interchange fees (EU Regulation 2015/751). 
(2) In 2019, more than half the French population, i.e. 58,6 %, preferred to pay via bank card. (Statista, 2021)