Delivering the same payments experience in-store, by mobile, call centre or online and keeping ahead of the fraudsters at the same time can be challenging – especially as shoppers adopt new payment methods, reports Penelope Ody
Where payments and fraud are concerned, delivering a seamless cross-channel experience may seem in theory to present few technological challenges, but in practice contains a host of pitfalls for the unwary. Problems range from insecure wi-fi and poorly integrated fraud control systems to complex refund issues and PCI-compliance. At the same time, received wisdom suggests that customers want an identical payments experience whether they buy online, via mobile or call centre, or in-store – and this requires a significant process change for many retailers.
“Consumers today expect retailing to be multichannel,” says Akif Khan, director for products and services at CyberSource, “and that is most obviously seen in the growth of mobile. Merchants provide payment options using mobile apps – but how do they screen for fraud across multiple channels?”
A fraudster with a stolen credit card, for example, may be deterred from using it on a website as they don’t have the 3-D Secure password, but they could then try their luck via a mobile app or call centre, so retailers need to have some means of checking whether an attempt has been made to use the card in a different channel.
As Dr Khan also points out, many retailers use the same fraud detection tools across all digital channels that they apply to standard online purchases – such as tracking an IP address or looking for abnormal shopping behaviour.
But on a mobile these parameters are not ‘standard’ – shoppers buy at anytime not in the ‘usual’ daytime office hours and the IP address may vary depending on the geography in which the mobile shopper happens to be. Typically, when travelling it may appear to be that of the head office of the mobile network provider. Standard 3-D Secure systems can also be difficult to use on a mobile’s small screen so are bypassed by the apps.
“Our research suggests that 78 per cent of merchants who have m-commerce operations are using existing ecommerce fraud tools to screen their mobile channel,” says Dr Khan. “A single fraud platform is ideal – but you need to create specific rules to match the channel and consumer behaviour within that channel.”
Justin Fraser, sales and marketing director for Europe at Secure Trading agrees: “Mobile shopping is 24 by seven as your phone is never more than a foot away, so robust fraud systems have to be adaptive as consumer behaviour is changing all the time. A mobile phone is not a secure device from a PCI perspective and consumers are also perhaps not so aware of security issues with mobiles. Maybe there needs to be an education programme to highlight the risks.”
Using a mobile to make payments in a wi-fi hot spot, where transmissions are open and at risk from hackers, is part of the problem. Free wi-fi in-store can be another. “Some retailers have just been dipping a toe in the water when it comes to offering free wi-fi,” says Paul Leybourne, head of sales at Vodat. “So they’ve just been putting in a basic router for wi-fi, which is very easy to hack into and also doesn’t segment corporate and guest traffic. Open wi-fi is like opening the office door. You need to be able to restrict what guests can and cannot do on your network.”
Restrictions can range from limiting bandwidth to denying access to competing websites by restricting users to the corporate site or certain brands only. For payments processing the wi-fi system also needs to be PCI compliant – and that obviously applies both for shoppers using their own mobiles to pay in-store or for payments made via tablets used by staff.
While monitoring fraud and ensuring payment security consistently across channels has its problems, what about the payment systems themselves? Do shoppers really expect to use the same payment methods wherever they shop – or is it more to do with returns and refunds?
Launched in May 2012 with Oasis , PayPal now has nine retailers, with around 900 outlets, live in the UK accepting payments via the system in-store at point of sale. In the US PayPal is already up to 23 retailers and 18,000 outlets and similar growth plans are in the pipeline for this side of the pond.
“We’re having a very positive response from retailers,” says sales manager Jason Batten. “Customers can pay online with PayPal and when they return items to a store they can now have the money refunded direct to their PayPal account.”
Implementation for retailers is said to be easy with no need for investment in additional IT technology, while for shoppers it is simply a matter of presenting the PayPal barcode on their mobiles at point-of-sale. PayPal is currently also trialling a pre-payment system with McDonald’s in France. Shoppers pay for their orders using PayPal when ordering via a mobile or online and specify a collection time; they can then bypass the queues and collect their order from a pick-up point when they arrive at the outlet.
Presenting a barcode on a mobiles is not a problem for most larger retailers, but not all independent shops use barcode readers so for these retailers accepting PayPal in-store would require some investment. It’s a similar story with contactless payments – whether using a contactless payment card, stick-on system of the Barclays Pay Tag variety, or one of the growing number of mobile phones enabled for NFC – including versions of Blackberry and Samsung’s Galaxy – retailers will generally need an NFC-enabled reader and cost justification for the investment may be questionable with contactless card payments typically limited to transactions of £20 or less. However, many newer EFTPoS devices come with integral NFC capability. Ingenico, for example, has the technology embedded in most of its current range of readers. “Take up of NFC is still quite low,” says account manager Russell Masterton, “as the system isn’t really fully mature yet.”
The UK Cards Associations lists more than a dozen retail chains where contactless cards are accepted on its website. Almost all of them are either fast food outlets or retailers – such as Boots , Tesco or Marks & Spencer – with a significant takeaway food business, as clearly that £20 transaction limit restricts usage.
Despite the growth of PayPal, most other electronic wallet systems are also in their infancy with a growing choice of systems – from the likes of Google, MasterCard and Visa for consumers to choose from. Rohit Patni, European vice-president sales and marketing at YesPay, is an enthusiast for the technology but admits that take up is slow. “We’re not yet seeing any major demand for using electronic wallets in-store via a mobile phone,” he says. “It’s very different for shop’s using and taking mobile payment on tablets where transactions are certainly increasing. I would expect to see wallet apps becoming more popular by the end of this year.”
Whatever those future in-store payment options might be, they have to be both cost-effective for the merchant and convenient for the consumers. With ecommerce payment methods that can vary, depending on geography, from basic credit card to direct bank debit to electronic wallet to prepaid cash, offering these in-store could not only stretch the existing till systems but also staff skills.
“We’re seeing increasing convergence between channels and that could also apply to payment types in future,” says Phil McGriskin, chief product officer with WorldPay, “with more cash payments online and electronic wallets or direct debit payments in-store. It’s obviously important for retailers to choose a payment services provider who can offer as full a range of payment options as possible from a single contract.”
McGriskin points to WorldPay’s recent acquisition of YesPay – best known for its in-store payments processing and electronic wallet developments – as symptomatic of this convergence trend. “It’s a significant development for us,” he says, “taking us into new payment markets through point of sale.”
“Ecommerce payment options can be complex,” says Tony Bryant, head of business development at K3 Retail, “and even more so when you start looking at refunds. How will a retailer cope with refunding payment to an electronic wallet when an item bought via a mobile is returned to store? Many of them can’t even get click and collect right so how are they going to manage multiple payment options. The technology is not a problem – it’s staff and business processes that will need to change.”
CROSS-CHANNEL RETAIL JOURNEYS
With consumers regularly channel hoping on their shopping journeys, electronic wallets are not the only payment method that can confuse the unwary sales assistant. Ukash, for example, is seeing increased use of cash payments via mobile while some users want to put Ukash ‘money’ into their PayPal accounts or onto pre-payment cards. “It seems that basket abandonment rates increase on mobile if the user is re-directed to a payment page,” says David Hunter, CEO at Ukash. “Our merchants tell us that that they therefore like our system for mobile as they can accept the 19-digit Ukash number without having to redirect the shopper and that reduces the risk of abandonment.”
Ensuring that sales staff know how to handle all these various options clearly has to be on the training agenda. What happens, for example, when a Ukash customer returning online goods to a store demands real cash as their refund rather than a credit to wallet or prepayment card?
With a raft of alternative payments used across Europe – from direct bank transfers to cash on delivery – returning goods to stores could clearly present even more awkward scenarios for sales staff in future.
Speaking from Experience
“PayPal is being proactive in taking a leap from ecommerce into the physical world, but if large enough numbers of consumers ask for a particular payment option in-store then marketing directors will do something about it – especially if PayPal can demonstrate that it can increase footfall.”
Justin Fraser, sales and marketing director Europe, Secure Trading
“Electronic wallet providers have an aspiration for their wallets to become cross-channel but making a refund to a wallet can be a challenge for retailers – to start with, they have to identify which wallet, of several possible ones, the holder might have used.”
Dr Akif Khan, director for products and services, CyberSource
“In some geographies, notably South America, local credit cards are restricted to use in the domestic market, so if customers want to buy from an overseas website they have to use an alternative payment. It’s proving a growing market for us – and cash payments are increasing in the Eurozone too.”
David Hunter, CEO, Ukash
Interest in mobile payments has increased significantly in the past year, although many retailers still lack suitable wi-fi systems to enable such cross-channel activity in-store. Concerns are also growing over the security of public wi-fi and ‘hot spots’ where mobile payments can be easily hacked.
Finding a Hotter Solution
Cross-channel shoe retailer Hotter started life back in the 1950s as a slipper manufacturer. Today it has a thriving catalogue business, website, 46 stores in the UK with up to 20 more planned for 2013, and growing operations in the USA, Middle East and Russia. While its catalogue dates back to 1996 and its website had a major upgrade in 2009, the store estate has only really developed in the past three years.
With its comparatively short crosschannel history, the company has been able to implement a single payment solution across all its channels using systems from K3 Retail and Verifone, which now incorporates the Commidea managed payments solution.
As well as providing an integrated solution at point of sale the same system is used to handle online payments and catalogue orders making cross-channel activity simple and seamless.
“The business strategy at Hotter is to support our customers’ expectations whilst interacting with a multichannel organisation and to improve the information that we rely upon when working with our customers,” says David Ainsworth, head of IT at Hotter Shoes. “One of the changes required to support this objective was to implement a single payment provider across all sales channel, so we made the decision to find a vendor who could provide us with a streamlined and integrated payment solution. An additional benefit was a reduction in the PCI-DSS scope due to the tokenisation of payment information which has reduced the cost and timeframe for achieving PCIDSS compliance.”