Community

As a seller, Alcon Labs would be the receiver of payment. Why did it get pursued by regulators going after originators of payment?

Even if this is a disguised sales pitch for the author's company, I find its premise baseless:

• "Although only recently introduced,...". LOL. This Payments Source article lists several active and dead mobile wallets from 2009. I've been hearing that mobile wallets will become mainstream the next year for at least 5 years now. 
• "the trend lines for the adoption of mobile wallet technologies like Apple Pay, Google Wallet and Android Pay resemble ... hockey-stick growth curves." ROTFL. According to this New York Times article, "In the United States, an estimated $8.7 billion in purchases were made with phones in 2015, according to a survey by eMarketer, a research firm. That is a mere 0.2 percent of the estimated $4.35 trillion of in-store sales last year." There are any number of articles that say that mobile wallet adoption has been lacklustre. Can you quote a single source that supports your claim of hockey stick growth based on actual numbers (instead of perennial forecasts)?

Just when risk analytics, geoloc and other technologies are maturing and reducing checkout friction while minimizing false positives, it's sad to hear that they might be banned by new SCA-RTA regulation in EU. 

http://qwt.io/s_ketharaman/OR7P

Would be interesting to see the impact of SCA-RTS on recurring payments. The Indian banking regulator mandated "explicit 2FA" via 3DS for all online card payments a few years ago. Apart from increasing friction and reducing conversion for one-off online card payments, the mandate virtually killed companies whose business model relies on monthly subscriptions (e.g. SAAS, media) - you can imagine the friction involved in individually having to two-factor authenticate 12 payments a year for each subscription service a customer has signed up for. Many subscription-based companies shifted their domicile overseas so that they can use ePGs that don't insist on 2FA; many customers - like me - opted for overseas service providers just to escape the onerous 2FA payments every month. A month ago, the regulator announced exemption of 2FA: Now only the first of the 12 months' payments is subject to 2FA. The remaining 11 monthly payments can happen without 2FA. The subscription industry has heaved a sigh of relief. I wonder how the EU subscription industry will react to SCA-RTS.

Come out of anonymity if you expect me to answer personal questions.

I've been using the preinstalled Email app on my Android smartphone to access all my email accounts - business, Yahoo! and GMail. All was well until the recent Yahoo! data breach. Nowadays, every time I log into my Yahoo! Mail account on the web, I keep getting a pesky warning about the risk of accessing Yahoo! emails from a non-Yahoo! client and request to switch to Yahoo! Mail app for Android. As of now, I can click "No, I understand the risks" and move on. But, I'm quite sure there will come a day in the near future when Yahoo! will stop letting me access my Yahoo! emails via third party client. If this is the state-of-affairs with email, why should banks be pressured to expose banking data with third-party apps? 

Client-side, server-side - this is all tech mumbo-jumbo. As a Joe Banking Consumer, how do I know that the PFM is only accessing the info for which I give it permission? Until PFMs get certified by third-party auditors as to what they access and don't access, I'd rather believe what Jamie Dimon says. 

Merchants protected by 3DS will have bigger worries - like how to pay their bills.

Mitigating Fraud Does Not Pay The Bills

A leading bank tried "App OTP" for online card payments but found poor adoption rate because consumers can't spare the space on their space-starved smartphones for "yet another app", especially one that's used infrequently. Hope DBS has better luck with this option.

The critical success factor is the method of communicating the DCV to the cardholder. Banks in India have typically done it thru' SMS (Mobile OTP). That has proven to be a conversion killer because SMSs don't reach on time or at all (Mobile OTP: Cyanide Or Caffeine For Online Payments?). Some banks have launched their own Mobile OTP Apps but have faced poor adoption because consumers can't spare the space on their space-starved smartphones for "yet another app", especially one that's used infrequently. One bank uses a hardware token to secure its Online Banking transactions but has probably found the option too expensive because the same bank went with Mobile OTP when it came to online card transactions. DCVs displayed on the back of the card itself sounds workable provided banks can absorb the higher cost of such cards.

As a 20+ year "corporateer" turned entrepreneur, @MelvinHaskins + 1.