To keep commerce running smoothly, paying for a product or service with a credit or debit card must be easy, efficient and safe. Because the process is so critical to both businesses and their customers, it’s highly regulated—and constantly changing. As quickly as technology changes, fraudsters adapt. For this reason, most businesses are well advised to consider alternative, more secure payment options on a regular, if not frequent, basis. Payment alternatives should be consistent with the guest population being served. While Baby Boomers may prefer the traditional ‘swipe’ method, younger populations are more likely to be looking for a contactless experience for perceived speed and convenience. Knowing your audience is important when deciding whether to offer payment alternatives. Consider which alternatives will not only serve your guests, but will also fit into your existing operational workflow while providing the utmost fraud protection.
The Advent of EMV and NFC
Chip card transaction speed has been a source of frustration among both businesses and consumers since EMV was launched. Even though the transaction delay is measured as a mere several seconds, the perception is that the chip card transaction takes much longer. Operators see it as keeping other guests waiting longer to be served. Some are opting to keep magnetic stripe for the sake of moving guests through lines efficiently, as is the case in many quick-serve environments. It’s critically important to understand the risks associated with magnetic stripe transactions and to take the necessary steps to secure transaction data. For security, the key is to ensure the new solutions offers P2PE (point-to-point encryption) and is PCI-validated.
Contactless payments (NFC) using mobile wallets such as Apple Pay™ reduce payment friction. NFC transactions are perceived by the guest as being quicker. With a simple tap of their card, phone or watch, the guest doesn’t need to wait before putting away their card or phone.
New technologies will continue to challenge the balance between data security, transaction fraud risk and the guest experience.
- What is my business risk for counterfeit card fraud? For some businesses, the risk of fraud is low. Knowing the business’s current risks provides guidance in understanding what solutions, and what levels of payment transaction security, are necessary. There isn’t a “one size fits all” model.
- Should payment terminals be guest-facing? The answer will depend on the guest experience you intend to provide, which depends on the guest profile and your operational workflow. Terminals that are guest-facing don’t necessarily create a security risk, rather the business’s data security protocols and the payment solution itself have more to do with fraud risk level.
- How should I manage online payments? The cost and the friction created when requiring a CVV number may be considered more important when selling a gift card, for example. However, this same requirement may not make sense for holding a dinner reservation.
Quick Chip or M/Chip provide a similar experience as NFC by allowing the guest to dip their card and remove it immediately. This creates the perception of quicker service and even allows the line to move more quickly.
Additional mobile payment options are emerging which change the guest interaction entirely. These upcoming mobile applications will allow guests to skip the line by checking into their hotel and paying using their card on file. Guests can also pay for their fine-dining meal at their convenience and depart without waiting for the hard copy check. These applications allow the guest to review their charges and make payment from their mobile device
All payment options have some risk associated. Every transaction launches a complex, automated, and integrated process involving not just merchants but also banks, acquirers, payment processors and more. A host of changes—new technologies such as smartphones and digital wallets, shifts in buying habits, and consumer demand for more businesses to accept card payments—have created a fierce battle within the industry. No longer a set of isolated processes, today’s entire payments ecosystem is just a component of the broader commercial landscape—playing an integral role in fraud management and data privacy as part of a comprehensive IT security framework that must span the Internet, mobile devices, social networks and cloud services.