Everything Payment Service Providers (PSPs) Need to Know About Fraud Prevention
The online payments sector is one of the fastest-growing industries as more and more people start shopping online and use online payments. Payment Processing Solutions’ market size is expected to reach $62.3 billion by 2024.
The biggest change drivers are Gen Z-ers. They are the first generation, which was growing up with a computer. Hence, for them using cash or even credit cards seems more peculiar than paying for things online.
A recent survey shows that 70% of Generation Z uses mobile banking applications at least daily or weekly, while a staggering 80% uses smartphones to make purchases!
It’s excellent news for payment providers that there’s a massive need for their services. However, Gen Z-ers are also very demanding. They desire the payment process to be effortless. Moreover, it shouldn’t challenge them to type passwords or take extra verification steps.
Thanks to their high requirements, Gen Z stimulates innovation and the development of online payment providers and id verification software. They become more user-friendly and personalized. However, sometimes user-friendliness comes at the price of compromised security. But does it have to be this way? In this article, we will take a closer look at KYC, safety, and risk mitigation for Payment Service Providers. We will also learn how a proper KYC service provider can solve this dilemma.
What or who is PSP?
In this article, I have already mentioned PSPs or Payment Service Providers several times. So who are they and what do they do?
Payment Service Providers are organizations that provide online marketplaces a way to accept electronic payments. Electronic payments may include credit & debit card transactions, wire transfers, real-time bank transfers, or direct debits.
In simple terms, PSPs are the ones who make e-commerce possible by providing a simple way to pay for products and services.
Keeping security in mind
If you are a marketplace or any other platform that needs help from a PSP, it’s vital to keep security and fraud protection in mind.
Most importantly, when choosing a PSP, make sure that it has all of the necessary certifications, meets Payment Card Industry Data Security Standard (PCI DSS), and follows the regulations of AML Compliance Program.
Besides, PSPs are not the same. Many of them provide similar basic functionality, but their additional features differ a lot. Some of the better PSPs offer extra security and fraud protection measures, such as KYC verification, address verification, adverse media screening, and backlist screening.
What is SCA?
One of the payment security measures is SCA.
SCA or Strong Customer Authentication is a new requirement for authentication of online payments that was introduced in 2019 in Europe. This measure was a part of the infamous PSD2.
This specification expects authentication to use at least two of these three methods:
- Entering passwords, pins, or anything else that a user can retrieve from his or her memory.
- Submitting a confirmation from a device that a user has.
- Using fingerprints, face recognition, or any other biometric authentication.
SCA has to be done for almost every payment with a few exemptions.
- ✔ Purchases under 30 EUR.
- ✔ Fixed amount subscriptions and merchant-initiated payments.
- ✔ Trusted beneficiaries.
- ✔ Phone sales.
Moreover, if an organization has very low fraud rates, it will also have an opportunity to be exempt from SCA. To do so, the fraud rates have to be:
- ✔ 0.13% or less to exempt payments below 100 EUR
- ✔ 0.06% or less to exempt payments below 250 EUR
- ✔ 0.01% or less to exempt payments below 500 EUR
KYC for PSPs
For PSPs to grow, they need to apply robust security measures even more. PSPs must make sure that their customers are real and not using their services to launder money or finance terrorism. They also have to mitigate the risks of potential theft and other financial crime. Otherwise, regulators will issue fines or even shut down organizations that might act as a tool that fraudsters use to perform criminal activities.
Payment Service Providers must carefully perform Know Your Customer (KYC) and Know Your Customer’s Customer (KYCC) procedures alongside the Anti Money Laundering (AML) checks and Transaction Monitoring.
KYC is a procedure that makes sure that clients are real people and assesses their risk based on multiple factors.
KYC process can be easily integrated into any onboarding workflow using a fitting AML and KYC service provider.
First, PSPs have to evaluate their merchants during the onboarding process. When doing so, Payment Providers should assess the following categories:
- ✔ Merchant transaction level
- ✔ Industry and segment risks
- ✔ Average transaction amount
- ✔ The geographical location of operations
Besides the initial onboarding, PSPs should keep monitoring the merchant as they can drastically change their business model or increase their transaction volumes.
PSPs should constantly look for abnormalities, such as changes in geographical locations, suspicious senders or receivers, and unusual transaction amounts. To do so, PSPs must verify the merchant’s clients by performing KYCC.
Following these steps will allow merchants to have a clear understanding of risks that each merchant possesses, making it easy to onboard merchants that match your risk appetite.
KYC that raises conversion
As we have previously discussed, Gen Z-ers not only seek online payments; they also want them to be fast and seamless. Regulations that require SCA or KYC don’t seem to be helping with that. However, there’s a way to solve this dilemma.
Identity verification services such as BASIS ID use modern Machine Learning algorithms as well as seamless widgets, which were designed with a user in mind. This, in turn, makes onboarding very simple for your users. Registration takes only a few minutes, while verifications happen in real-time. BASIS ID provides maximum security and fraud prevention while raising your conversion by going after every single user.