Payments Talk with Laura Townsend, Merchant Advisory Group02nd January 2019
Laura serves as the SVP, Operations of the Merchant Advisory Group (MAG). In this newly created MAG role, she is responsible for delivering on operational optimization strategies on behalf of MAG’s merchant members through collaboration with industry stakeholders which is an integral part of MAG’s overall strategic plan.
Laura is as an independent consultant to the Merchant Advisory Group and the broader retail community with focus on strategic planning, operational optimization strategies, and cost control tactics specific to consumer payments, emerging payment technologies and trends, and corporate cash management. We invited Laura to feature in our ‘Payments Talk’ section of Payments Intelligence magazine and talk about SRC and the potential impact on merchants.
Is there a case for merchants to accept SRC?
SRC is a developing specification and few details regarding the rules and capabilities of it’s implementation exist in the public forum. We now know that EMVCo are has opened a preliminary draft version of the SRC specification for comment, however, there isn’t enough clarity available on the objective and value proposition for merchants to make an educated decision.
What concerns do merchants have about SRC?
There are a few different concerns for merchants, however a primary concern are the implications to the customer experience and integration of merchant branded products within SRC which is unclear. Just as important are compliance of Regulation II rules for merchant routing choice. Each merchant must weigh control over the customer experience along with control over choice and availability of competitive alternatives against the perceived benefits that SRC may provide. We have recommended to our members to thoroughly ask questions and demand answers before making the decision to move forward with support of SRC.
Will merchants have a choice in using SRC, and will it affect merchants of all sizes?
At the onset of the SRC implementation, the global networks have indicated merchants will have a choice in SRC participation. While that may be true for the more sophisticated large merchants, the reality is that ISOs and VARs deliver payment services to the medium and small size merchants and, as a result, these smaller merchants rely heavily on their Payment Service Providers (PSPs) to ensure they maintain flexibility and choice. The first step is to ensure the merchants of all sizes are aware of the pros/cons and considerations for new payment solutions like SRC so they can make an educated decision on their available choices. Finally, as we have experienced in the past with other payment technology implementations, choice is all relative and includes consideration of other implications such as network rules and requirements that are wrapped around EMVCo payment specifications in the implementation such as shift in liability, approval rates, and other related costs.
I suspect that merchants with their own proprietary payment products & platforms could be an SRC initiator; however, it is difficult to see the value proposition for merchants to integrate their proprietary payment products into SRC since they are already quite secure and offer a good customer experience. Otherwise, most merchants will be heavily dependent on their PSPs to play the role of SRC initiator. However, until there is a large selection of competitive alternatives for SRC initiators, merchants will be at a disadvantage and possibly may be required to support SRC as part of the MasterPass migration leveraging Mastercard as the SRCi (by way of example) until other alternatives become available.Laura Townsend | MAG
How are networks planning to integrate with the SRC system?
Mastercard and Visa have already announced their intent to migrate their current Masterpass and Visa Checkout products to SRC in 2019 (delayed from some original announcements suggesting migration by holiday 2018). It is unclear what the merchant lift will be through this migration and whether these merchants have a choice in migration to a platform they didn’t sign up for originally. Unfortunately, the SRC specification is still in current draft form and despite the specification currently being open to public comment through December 3, 2018, Visa is developing its specification and implementation plans based on a non-final draft specification. That said, it is truly unclear how this Visa migration of Visa Checkout will incorporate the considerations of stakeholders that are spending significant time and effort to highlight critical changes required to the draft specification. It is suspect the rationale to pressure a market deployment of an unfinished payment specification.
What are your thoughts on the potential for SRC to require 3-D Secure 2.0 integration?
It is highly likely that EMV 3DS (the new industry self-professed name for reference to 3D Secure 2.0) will be required within SRC. The value proposition being proposed by SRC proponents is increased approval rates and reduced false declines improving the customer experience. The expectation is that EMV 3DS is the network tool to enable a greater level of data exchange to facilitate greater knowledge for the issuer in order for the issuer to make better authorization decisions and, therefore, helping increase approval rates. The only way for issuers to get more data beyond what exists today is through the merchant and EMV 3DS is the mechanism the networks hope will provide that incremental data exchange.
Each network will have data elements that may be required in their respective implementation beyond the EMVCo 3DS specification requirements. As a result merchants need to ensure they understand the level of data required and whether they are willing to exchange that level of data with issuers, how that data will be interpreted across the issuing community, and the implications to the customer experience before they jump into EMV 3DS support. It is also important that merchants understand what compliance programs are in effect for 3DS participation. For example, Visa has implemented a compliance program that depending on merchant performance could result in a merchant falling into non-compliance incurring incremental costs.
How likely is there to be a liability shift to SRC for eCommerce merchants?
Networks have publicly indicated that EMV Payment Tokenization and EMV 3DS will both be integral elements of their respective SRC implementations. Although the suggestion is that both are optional and not a requirement within the EMV SRC Specification, we are certain the network implementations will either require EMV Payment Tokenization and/or participation in EMV 3DS or highly incent that participation with liability shift rules along with a disincentive that will come with non-participation in the form of higher decline rates and lower approval rates. The networks have suggested that issuers may make different approval decisions based on whether the transaction flows through SRC or not. This is expected to be the case even if a merchant not participating in SRC participates in EMV 3DS and/or some other form of highly effective and secure fraud mitigation technologies, merchant tokenization, and sophisticated encryption technologies for their COF.