Author: Xavier Larduinat

The banking industry has undergone a huge transformation in recent years and continues to transform as we head into the realm of real-time, digital first (and physical later) banking and payment. Characterized by the need to do things more cost-effectively, sustainably, faster, and with user experience at its core – modern card program strategies are revolutionizing the sector and embracing these changes will be vital for a bank’s survival.  

To set some context, here is just a short recap of the challenges and changes currently facing the banking sector: 

Online branches growth in popularity:

Can you remember the last time you visited a bank branch in person? If not, then you’re not alone – under the lead of agile fintechs and neo banks, the capabilities of banking apps have improved so much that there are very few reasons for customers to visit in person. In fact a survey from KMPG found that one in five UK consumers haven’t visited a bank branch since before the Covid-19 pandemic – a trend we will likely see continue.  

Fintechs are challenging the status quo:

Recent years have seen digital-first challenger brands give consumers greater choice and flexibility – revolutionizing personal banking. Not burdened by decades of legacy tech to contend with – these brands have managed to quickly design products and solutions that have user experience solely front of mind, and traditional institutions are forced to do the same.  Real-time, quick services, simple yet secure is what is in the DNA of such neo stakeholders in the financial sector. 

Boom in contactless payments:

Recent data that shows that in 2020 the number of people in the UK who registered for mobile payments grew by three quarters to over 17 million. And in December 2021, contactless payments reached its highest recorded level, accounting for 69% of all debit card transactions, and 56% of all credit card transactions – a trend that is expected to continue to rise.  

A Modern Card program and strategy is about unifying and improving the customer’s banking and payment journey with real-time digital card issuance and complete control of all their payment credentials. This blog series will explore why a Modern Card Program is an essential part of this and will address the challenges of bringing it fruition.   

 

Challenge #1: Managing connectivity with payment schemes to successfully deploy EMV tokenization and associated card services   

The growing demand for mobile, user-centric services for card issuance is front of mind for all card issuers, processors, and wallet providers. As we’ve already discussed – the banking sector has been transformed – driven by customer expectation to be in control 24/7, via their smartphones or a modern web interface. People want to order their physical, digital or virtual card instantly, via their mobile app and/or the web, then use it to pay at stores and online.  Cardholders want to be in control of their card’s settings. These services are no longer a nice to have – but an expectation.  

However, when it comes to traditional banks that have been issuing EMV cards for years, the core banking infrastructure in place is often not optimized to support real time services, nor to deliver a rich mobile experience. Beyond tokenization for digital wallets, launching new services such as virtual card issuance and secure display, 3DS, Click-to-pay or pay-by-instalments can be extremely challenging.  

Card issuers can find plenty of technology partners to implement new mobile-centric card services. For digital card for instance, major Payment Schemes provide access to their EMV Tokenization services. However, beyond APIs, managing connectivity with such network services is a real project on its own.  Frequent API updates and rapid innovation rollouts require a very close relationship with payment networks: a relationship that goes beyond the usual scope of work for developers.  

Success for such modern card programs relies heavily on the deployment of modern card issuing platforms, implementing a brand new mobile and web front end but also orchestrating the entire core banking systems involved in the card issuing stack and the card life cycle management (systems managing accounts, transactions, claims and settlement, among many more). 

EMV tokenization alone represent the lion share of such modern card programs services and require deep use case knowledge that can only be acquired by developing a close relationship with the token service providers.  Thales D1 has a unique role of the EMV tokenization market with a preferred partnership with leading payment networks, removing the complexity for developer to re-invent uses cases from scratch, using system APIs with no orchestration across the card payment stack 

By somewhat “tokenizing their relationship” with token services, provided via Thales and the D1 platform, developers can focus on rolling out innovative services for their cardholders while Thales deliver the tool to execute development in record time and cost. 

The post Deploying a Modern Bank Card Program: Part One appeared first on Cybersecurity Insiders.

In the past decade, the banking sector has undergone a massive transformation – putting speed, security, environmental considerations and user experience at its core. This blog post will be looking at how Digital PIN – a modern way to set, deliver or recover an EMV Card PIN code – is part of the modern card program strategy   

The PIN Code as a Card Verification Method for EMV Payment Cards 

The 4 digit PIN Code is a technology that has come to be part of everyday life and was introduced as a Card Verification Method (CVM) in the EMV standard to perform user authentication.  

PIN code verification can be performed online or offline.  The EMV standards allows two additional forms of CVM:  signature and “nothing” for low-amount contactless payments. 

What is a Digital PIN vs Current EMV card PIN code as we know it? 

Currently, when a customer registers for a new EMV card, it will typically be shipped to them in the post. This will be followed by another letter containing the 4-digit pin number that’s been assigned to them.  

Digital PIN refers to a new “digital delivery and management” mechanism: instead of a PIN code being sent in the post, it is delivered via an app (or secure SMS) enabling customers to use their card with seconds of it arriving.  

This virtual PIN delivery looks set to replace paper mailing delivery.  Users can create their preferred 4 digit PIN code right from the app.  Later on they can recover their PIN code when lost, or change the current code for a new one. All these happen instantaneously and give the user more ‘real-time’ control than ever. But that’s not the only way users are gaining more control over their banking. 

Modern card issuance 

A new approach to the payment card lifecycle is becoming more common. It puts the user in control to order, manage and use banking cards, right from the bank’s mobile app 

The PIN code delivery method using a paper mailer was appropriate in a physical first, digital later era when getting a new card took a few days. Switching to a digital PIN delivery solution meets three crucial new trends: 

  • First, digital delivery is instantaneous and therefore more in-line with consumer expectations.  Cards can be activated and used right away, leading to higher transaction rates.  The customer controls both card issuance and PIN management 24/7 from their app. 
  • Second, digital delivery for the PIN code is more environmentally-friendly as it cuts the need for paper mailers.  Given the billions of EMV payment cards delivered worldwide every year, this is a significant environmental win as you can see in this Infographic. 
  • Third, as we move to the people are using more digital cards. The rise of digital wallets and online payments is changing the proportion of physical/digital cards that each individual cardholders uses every day and consequently the need for a digital PIN delivery.    

This is part of the new, global card experience.  Fintechs have led the way and demonstrated the look and feel of modern mobile banking apps, and now the entire market is following suit – Digital PIN delivery is no longer “nice to have”, but critical to the modern card user experience. 

As we are now heading into a digital first, physical later approach to payment credentials, Thales helps financial services players implement modern card programmes with the Thales D1 issuing platform.  This brings simple, UX level APIs that orchestrate the entire issuing stack. It manages both the mobile front end to implement features such as Digital PIN but also orchestrate all the core banking infrastructure to build the three following use cases:   

  1. Set a preferred PIN code 
  1. Securely display the PIN code in the app in accordance to PCI DSS regulations  
  1. Allow fast PIN code recovery in-app  

 

The bank mobile app is going through a revolution and Digital PIN is a visible part of it.   

The post Digital PINS – The Next Step in Digital First Banking appeared first on Cybersecurity Insiders.