Making a case for payment initiation services (PIS)
It’s a cheaper, faster and more secure method for online payments, so why aren’t payment initiation services (PIS) being more widely used?
PIS is a central plank of open banking and one which is opening new possibilities for consumers and businesses. Underpinned by the second Payment Services Directive (PSD2), it allows businesses to initiate payments directly from the customer’s bank account – with their permission, but without the need to use a credit or debit card. It effectively makes bank transfers a viable alternative for everyday shopping.
There are several benefits to that, and the most commonly highlighted is the cost. Businesses can take payment without the high fees associated with credit card transactions or mobile point of sale solutions. Moreover, businesses get paid sooner. PIS uses Faster Payments for the transfer, which is quicker on average than both Bacs and CHAPS payments. In almost all cases, the money is transferred between the customer’s and the business’ accounts within minutes.
The less often cited advantage of PIS is security – but it’s central to the payment method’s appeal. Credit card details are a frequent focus of data breaches and a key risk for companies. Last year, British Airways was fined £183 million under the General Data Protection Regulation (GDPR) for a security incident exposing card numbers, expiry dates and Card Verification Value (CVV) codes.
Under PIS, retailers never collect this information – or, in fact, any of the security information for financial transactions. The customer is passed to their bank’s website or app for the payment. That means they benefit from the bank’s security, including multi factor authentication using fingerprints and PINs, for example. It also means this is the only place customers input this information. The business making the sale never collects it.
It’s the ultimate in secure payments because you can’t lose what you don’t have.
Making the most of it
Which brings us back to the question of why it’s not more widely used. In February, we can estimate there were about 100,000 online PIS payments. For comparison, the month before (the latest for which figures are available) there were 217 million online card transactions – 80 million of them on credit cards and 137 million on debit cards.
In part, of course, that’s down to familiarity and the fact open banking and PIS payments are relatively recent developments. However, uptake of PIS lags even in comparison to open banking account information services (AIS). In February, again, there were about 320 million AIS connections – instances of people using apps and other websites to use their account information. This is partially because not all payment service providers (PSPs) offer PIS functionalities, making it difficult for merchants and vendors to adopt the technology on a wide scale.
Another part of the explanation for these disparities is the very security and customer assurance PIS provides. In contrast to AIS, where permission to access account details can be valid for 90 days, customers must individually approve every single PIS transaction. That also means going through bank security each time, rather than the lighter touch credit card checks (often just typing in the CVV number). That makes PIS more secure, but also adds friction to the process.
That will change in the next 18 months, though. Partly in response to the scale of fraud, the rules are changing; from September 2021, card transactions over £30 will require an additional method of authentication, such as a PIN or fingerprint scan. This will put PIS on a level playing field to credit cards. When you add forthcoming changes that are expected to allow variable recurring PIS payments, the attractions and versatility of PIS only increase. Consumers are also heavily incentivised and rewarded for using credit cards. Cashback, rewards and discounts all encourage people to make purchases with their credit cards. If similar schemes were incorporated by businesses using PIS, which would benefit them as well as their customers, adoption levels could increase significantly. This will require regulators to get on board, but the security benefits should convince them that it’s worthwhile for everyone involved in a transaction.
That shouldn’t detract from what can already be achieved, though. Combining AIS and PIS, businesses can enjoy significant flexibility. Utility providers, for example, could use it for bill collection from those without direct debits or where the direct debit fails. An AIS can determine the best time to request the direct debit or when to send an official notification for payment with a PIS form attached. More generally, PIS delivers significant savings in costs, much better speed and improved security. And it does all of that – for those that use it – today.
Sponsored insights by Yolt Technology Services (YTS)