The past decade has seen a veritable revolution in retail payment systems, with the development of online and mobile payments, and new peer-to-peer systems. More is to come; potentially much more. The speed of this process and the outcome will depend in part on the way such systems are regulated.
Since the first promissory notes were issued by bankers in 14th century Italy, payment systems have sought to balance parties’ desire for convenience and speed with the need to ensure that payments are valid and secure. Over the ensuing centuries, various innovations, including bills of exchange and checks, were developed that offered alternative means of effecting payment.
Among the most significant innovations in the 20th century was the development of payment cards. This began in 1914 when Western Union first offered charge cards to some customers. In the 1920s, many larger U.S. stores followed suit – several using a system called “Charge Plate.” These simple, “two-party” charge cards were a formal way for merchants to offer short-term credit to regular customers, which would typically be paid off in full at a specified date.
While some merchants no doubt accepted cards from other stores early on, Diners’ Club established the first full-fledged payment network in 1951, followed by American Express in 1958. These “three party” cards enable consumers to acquire goods in multiple stores, with payment being made by the card issuer, to be repaid by the card owner at a later date.
In the 1960s, two groups of banks established their own payment networks, which eventually became MasterCard and Visa. These “four party” systems (and other similar networks) work as follows: (1) the consumer obtains goods or services from (2) the merchant, (3) the merchant’s “acquirer” (usually a bank) then acquires funds from (4) the card issuer (i.e. the company who issued the card to the consumer and to whom the consumer will owe payment). Meanwhile, the entire process occurs over a platform operated by one of the payment networks.
Payment cards enable consumers to make purchases they otherwise wouldn’t make for lack of cash in their pockets. Credit cards also enable consumers to make purchases for which they don’t have funds in their bank accounts. As a result, consumers are better able to time purchases to coincide with their felt needs. Payments using cards also tend to be quicker than those using cash and they reduce the opportunity for till operators to steal money. This increase in convenience and security benefits both consumers and merchants.
In the past few years, several new payment systems have been developed. Among the most successful is M-Pesa, which enables one party to send a payment by encrypted text message to another party from their cell phone. M-Pesa, which began in Kenya and Tanzania, and is now operating in Afghanistan, India, South Africa, and parts of Eastern Europe, is particularly valued by people who do not have formal bank accounts, since it enables them securely to hold funds on deposit and transfer them at low cost to other M-Pesa users. In Kenya, transfers of between 10 KSh (about $0.1) and 49 KSh between registered users currently cost 1 Ksh ($0.01), while the cost of sending between 501 and 1,000 KSh is 15Ksh. These are much lower than the costs of using a conventional (three or four-party) payment network, especially for smaller transactions.1
In the U.S. and Europe, several companies have established their own mobile payment networks that, like M-Pesa, enable users to transfer funds via a common intermediary to other users. Among the most popular is VenMo, which was started in 2009 and bought by PayPal in 2013. While these systems are commonly referred to as “peer-to-peer”, they are actually peer-repository-peer, or PRP, systems, since the funds are not moved directly from one individual to another but are moved from one users’ account to another users’ account held by the same repository.
One reason PRP transactions can be offered at lower cost is that payments are generally not guaranteed by the network operator (whereas conventional credit card networks typically guarantee payment to a merchant even if they are unable to collect funds from the card holder). That significantly reduces the risk faced by the network and reduces the need to expend resources combatting fraud and theft.
However, as some users have found to their cost, the lack of protection against some types of fraud opens PRP payments systems to abuse. One common scam is for a purchaser to offer to pay for an item, such as concert tickets, in two tranches from two different accounts, initiate payment for both tranches and then, once the tickets have been transferred from vendor to purchaser, reverse the payment for the other tranche before the money has been received by the vendor.2
PayPal itself operates a multifaceted ecosystem of online payments, enabling low-cost transactions between owners of PayPal accounts as well as acting as an acquirer of credit card payments for merchants (acquiring funds from the card issuer). Another recent entrant, Square, also acts as an acquirer, offering processing with lower monthly fees than most other acquirers.
When acting as acquirers, PayPal, Square, et al. effectively operate as a layer on top of existing payment networks. But they offer certain advantages over older payment interfaces, including convenience and security. PayPal stores payment information securely on its servers and facilitates online transactions without requiring users to re-enter their credit card data, thereby reducing the potential for so-called “man-in-the-middle” attacks (basically, theft of information by other people with access to the network) when undertaking transactions on open networks. Meanwhile, Square transmits data securely and inexpensively, reducing opportunities for credit card information to be captured and stolen by merchants or hackers. In light of the problems experienced by Target and other stores in which the card details and other personal information of millions of shoppers was stolen, these are significant advantages.
The new generation of near-field communication (NFC) mobile payments being rolled out by Apple and Google store credit card information online – not in the phones – and so are able to transmit payment information (in the form of tokens) securely without substantial risk of man-in-the-middle attacks. Samsung’s system uses a different mechanism that relies on localized encryption of credit card information, which is also very secure. These mobile payments systems operate as a layer on top of existing payment networks (and charge a fee for the so doing). But as they become more popular, the incidence of fraud and theft should decline, which will in turn reduce the costs to payment networks, enabling them to reduce their fees.
In addition, Chase and some other banks have begun to offer their own payments solutions. These appear to be very similar to three-party schemes developed by Diners Club and American Express. But while those older three-party schemes tend to be more expensive than the four-party schemes, ChasePay claims to be much less expensive.3 One crucial difference is that ChasePay is only available to JPMorganChase customers – and is only available through the use of smartphones, which likely have lower risk of fraud and theft than conventional cards.
The cost advantages of mobile payments come in part from the enhanced security inherent in many modern smartphones. However, if the U.S. government were to succeed in compelling phone manufacturers such as Apple to develop a hack that would give them a back door into the phones, that advantage would potentially be significantly reduced. There are ways around this – for example by requiring the use of multiple tiers of security codes but these would make the use of phones for transactions more cumbersome and likely undermine their use for the majority of purposes.
While mobile payments in principle offer security and cost advantages, implementation entails up-front capital expenditure. To incentivize a shift to mobile payments, networks may choose to subsidize the installment of devices capable of receiving such payments. However, to do so they will need to be able to recoup their investment. Traditionally, card payment networks have done this through the interchange fee. However, increasingly governments are imposing caps on these fees: in the US, as part of the Dodd Frank Act, such fee caps were imposed on debit card transactions for cards issued by banks with assets of more than $10 billion; in Europe, much lower fee caps have now been imposed on all four-party cards (debit and credit). These fee caps will act as a direct disincentive to roll out mobile payments.
Another payments innovation that is receiving considerable attention is Bitcoin, which in addition to being a means of payment in its own right (and a pure peer-to-peer one, at that), can also be used as a transitional medium of exchange. In principle, Bitcoin and similar private digital currencies offer cost advantages compared with transacting in fiat money but so far uptake by merchants has been slow, making them less convenient. Part of the problem may be that most digital currencies, including Bitcoin, are open source, so there is no “owner” who could profit from subsidizing merchant interfaces and thereby expanding the network.
In addition to digital currencies, the blockchain – the encrypted distributed ledger that underpins bitcoin – is seen by many as having the potential to enhance the security of payments and lower their cost. Several banks and payment networks are involved in projects seeking to realize this goal.
In summary, retail payments are undergoing a phase of rapid change, with new technologies providing higher levels of convenience and security, with attendant lower costs. These changes will benefit both merchants and consumers. However, the rate of change will depend very much on the regulatory environment: attempts to interfere with security and pricing of services will hinder development and rollout of new technologies.
If governments force mobile phone companies to create “back doors” into smart phones, as the U.S. government has been seeking with Apple, they will effectively hand the keys to those phones to criminals. And if criminals are able to break into smart phones, then the ostensible security advantages of those phones will be drastically reduced – potentially undermining their use for payments.
In Europe, the caps on interchange fees have likely contributed to the slow roll-out of Apple Pay there. In the U.S., Apple charges 15 basis points per transaction. In the EU, credit card interchange fees are capped at 30 basis points and debit card fees at 20 basis points. Clearly the US fee model is unlikely to be viable in the EU, so Apple will have little incentive to support the adoption of Apple Pay there. The same presumably applies to other mobile payment systems.
- Warren Coats wrote at greater length about M-PESA here: http://www.compasscayman.com/cfr/2012/01/11/The-Technology-of-Money/
- See e.g.: http://www.slate.com/articles/business/moneybox/2015/09/venmo_scam_and_fraud_why_it_s_easy_to_get_ripped_off_through_the_mobile.html