Time for Next ‘Killer Punch’ from EU Regulators on Interchange?

Key legal challenges – what happened?

Five years ago, EU regulators devised the controversial Interchange Fee Regulations (IFR), capping Mastercard and Visa consumer-card interchange fees.

The EU Regulators cited their experience in regulating anti-competitive practices: to fuel innovation and change. The EU now needs to assess what has been achieved against its 2015 aspiration. The regulatory review process is underway, but what has it concluded to date including next steps?

How will the EU regulators act with interchange in a post IRF / PSD2 Europe? Here comes IRF2?

What did the IFR review achieve?

Initially, the IFR quelled concerns of EU and national Regulators and those of key merchant lobbying groups across Europe. It challenged the interchange rate levels, the methods of calculation, and it simplified the complex card scheme qualification criteria in place at that time.

Mastercard and Visa brought legal challenges but struggled to present robust defences. Some believe they missed the opportunity to explain more eloquently that even cash has a cost. But in the end, some common-sense prevailed, leading to interchange fee rate reductions.

Consumer debit (and prepaid) rates decreased to 0.20%, even in markets where typically this had been a fixed fee. Consumer credit rates lowered to 0.30%. But there were challenges:

  • Mastercard and Visa presented different timelines for fee reduction.
  • Acquirer systems were not ready, which led to manual workarounds.
  • Merchants were concerned by the changes (fixed fee to ad valorem and in how caps and different cards were treated.
  • Merchants were not prepared for ‘interchange plus plus’ pricing and did not like manual workarounds.
  • Issuers across the EU were not prepared for the revenue reductions.
  • Commercial cards and other consumer card brands were excluded.

These challenges were compounded by other high-profile legal actions against the schemes by the EU and national regulatory bodies too, as well as from merchant groups.

An additional change for merchants in October 2019 seemed positive when Mastercard and Visa reduced interregional rates for consumer POS transactions to 0.2% and 0.3%, and additionally inter-regional CNP transactions accepted in Europe down to 1.15% for consumer debit/prepaid and to 1.50% for consumer credit. Again, commercial cards were excluded.

Has it worked?

As with Schrödinger’s work, the IFR review has ‘worked’ and also ‘not worked’ depending upon your perspective. It has undoubtably introduced unintended consequences and controversy.

Yes, it worked….

IFR debates have led to global changes in the approach to interchange fees; and led to greater scrutiny of acquirer and scheme fees. It contributed to the PSD2/Open Banking initiative and evolved greater trust and transparency and new payments thinking. More recently, it led to the UK Payment Systems Regulator (PSR) undertaking a market review of card acceptance costs (reporting H1 2020) along with other EU National Competent Authority reviews.

But in reality…… no, it really has not worked….

The IFR review has led to years of delays and destructive legal cases between the EU regulators, major merchants and the international payment networks. The result appears to be a reduction in interchange fees but has been largely ‘cancelled-out’ by increased scheme fees and ergo acquirer fees. As these were outside the IFR scope, these many ‘new fees’ have been passed onto the merchant. Merchants blame acquirers, as their card processing costs increased, as have the revenues and profits of some acquirers and the card schemes.

Card issuers lost revenues as the result of lower interchange rates, replacing these in many cases with card fees, account fees and transaction fees, higher borrowing rates and reduced ‘free borrowing / repayment periods’; along with removing or weakening many cash-back / reward programmes.

Next steps 

We now need to complete and assess the findings of another regulatory review:

Strategic considerations?

  • What price changes have consumers seen from any Merchant cost changes?
  • Has competition, choice and innovation in European payments been realised, as originally sought by EU regulators?
  • Has the reduction in interchange rates, as part of the overall merchant commission, been simply replaced by other fees, that were and remain out of scope of the original IRF?
  • Have regulatory bodies learnt any more about the true costs of cash and other non-card payment methods?
  • Have the IRF reductions undermined the European Regulator promotion of PSD2 initiatives and alternative payment methods? Is there viable competition to cards now, e.g. account to account payments / credit transfers and PISPs?
  • Is there greater transparency on merchant fees?
  • Has individual country National Competent Authority (NCA) enforcement/ guidance been seen and sufficient?
  • What have we learnt from loopholes, vagueness and omissions in EU IRF regulatory language?

Impact on card usage?

  • Has IFR led directly to increased consumer card spending?
  • What has the effect been upon displacing cash at merchants?
  • Has the prohibition of surcharging on cards been simply replaced by discounts for cash, merchant steering of consumer payments and/or minimum purchase amounts?
  • Where surcharging on cards outside of scope is permitted, how has this been performed and what was the effect?
  • Has interchange fee reduction derived benefits such as increasing contactless payments across Europe?

Regulator next steps?

  • The EU regulator should now see a clear way to make further sweeping changes.
  • A cap should be considered for the total fees (including interchange) paid per transaction, especially poignant for higher-value card transactions?
  • The regulator should rule also on commercial card rates
  • Further regulation, including broader review of acquirer pricing and scheme fees to issuing and acquiring clients should now be proposed?

We should not be satisfied with the EU regulator actions of five years ago either. The European Commission was tasked in 2015 to assess the IFR effectiveness by 2019, They struggled to find and appoint research consultants, only appointing Ernst & Young (EY) in late 2018. The long-awaited review and publication of results has been delayed until 2020.

Back in 2015, when EU regulators pulled this programme together, they and we did not know what we know, see and experience now. We still have uncertainty, lack of clarity on what benefits have been achieved, the unintended consequences of these changes and continued marketplace evolution.

The EU regulators really must act. They have no choice. What we can be assured of though, is that we WILL be surprised, changes will be significant, complex and ever more impactful, and as ever stakeholders will fight and then find ways around restrictions. The payments marketplace will both continue and evolve. So, let’s have some fun with the journey!

Riskskill.com is a leading Europe-based payments and risk management consultancy, with an impressive international track record of helping payments businesses to find and mitigate payments challenges and risks, competing in a fierce world and dealing with regulatory and scheme changes. Riskskill.com works with clients to put in place strategies and programmes of work to make payments businesses or functions more profitable, less susceptible to losses, risks and regulatory issues and compliance problems. Its people are widely accepted as some of Europe’s leading payments and risk experts and they are frequent commentators on the issues involved. The key team have a wide experience in banking, insurance and the financial services and payments sectors and are thought leaders at the forefront of many industry wide and international debates.

Riskskill.com is an approved Visa Inc. GARS Reviewer.

For further information, please contact:  Bill Trueman or Kevin Smith at Riskskill.com


Bill Trueman and Kevin Smith

Principal Consultants, Riskskill


Contactless Card Payments Limit Increased From £30 to £45 in UK

UK contactless card payment

Contactless payments limit in the UK increases from £30 to £45 is being seen as Another blow for cash payments in United Kingdom. This will off course help the customers to save time during checkout at retail stores.

After much speculation, the contactless payments limit in the UK increases from £30 to £45. It has been under discussion for some time but recent Covid-19 developments have accelerated the decision and communication processes.

Effective from 1 April 2020, there will be a lengthy and phased migration for consumers and across merchant sectors. This will be further complicated by the retail temporary closures as a result of the steps to manage Covid-19.

All stakeholders, especially cardholders and merchants should welcome the increase. There will of course be concerns about fraud on contactless payments, but we should remember that current fraud figures show fraud on contactless payments is just 2.5p in every £100 spent.

For more information visit https://www.ukfinance.org.uk/contactless-limit-change-faqs

Kevin Smith is a Senior Payment Services & Risk Management Consultant & Industry Advisor at Riskskill.com and permanent member of AIRFA. He helps businesses in the payment sector perform better, in complying with regulation, doing more business, challenging partners and/or helping to put things right when they go wrong and if/when regulators, card-schemes and other parties start to challenge what our clients are doing.


Onboarding and its Challenges

Onboarding and its Challenges

Onboarding is already a complex, competitive and ever-evolving process: but is about to become `THE CHALLENGE’ over the next year. But why? And how can we be sure?

We will discuss here:

  1. Some of the current regulatory changes and why these are such a great thing for those of us with onboarding functions
  2. How in the coming year or two, these changes will have a major impact upon onboarding functions, and
  3. What we should look-out for and what we can start doing.

We are having to make major changes to our businesses and more will be needed as further legislation continues to ‘hit-us’. But it is mostly GOOD regulation. We are entering a period now of high-disruption and high-regulation – see below for a UK market example.

The graphic below indicates the balance between disruption in the financial services environment and all of its stakeholders. It is the view of UK Finance[1], the UK Banking industry trade association, and their thoughts on ‘the future of payments and banking’.

Kevin Smith - Risk Review Specialist
Kevin Smith

For all of us, it would appear that we are accelerating into a period of both high national and international regulation as well as high market disruption through new entrants and competition, innovation, data availability and enabling technologies. This is a good thing because it means that the marketplace will evolve in a controlled way and we should rather want to be in such a marketplace than the others shown above. But it is worthy to note that this high regulation is in the main a very good thing because:

  • The legislation is positive rather than punishing – it clarifies who does what, where, how and why,
  • It prevents abuse and misuse of the global payments infrastructure and any ‘more localised’ deployment,
  • It supports consumers and their needs – protecting end-users of the payment system,
  • It encourages further innovation and market development,
  • It is designed to support competition and to challenge the status-quo in the markets.


PSD2 is very prominent because of Strong Customer Authentication (SCA) implementation and enforcement at the moment, BUT PSD2 and broader European financial services regulation have also given us Open Banking and push as well as pull payments with the opening-up of banks to new payment organisations such as PISPs[2] and AISPs[3] and their new regulatory registration category.

GDPR was seen as a surprise to many and a headache to most last year, but it really is ‘the best thing that has happened to information management’.  It leads to a greater understanding of our data, our data needs and it requires us to ‘do our jobs’. It reminds us that it is not necessarily our data and that we need to justify why we process the data in the way we do. It enables us to deploy better practices, develop new products and services and to use information sources better to help us know our customers. In turn, GDPR has helped us refocus on the importance of Information Security Management Systems (ISMS) and further this year to comply with ISO 27001 and now additionally with ISO 27701 (a current urgency).

The current and ongoing UK Government-initiated evaluation (and similarly across the EU) of the operations and activities of company registers, highlight the concerns that Governments themselves must also continue to improve the data available and to deliver access to reliable, trusted data.

Money Laundering regulatory changes globally are also now creeping up upon us – but we will say no more about these challenges here as they envelop us.

In the UK, the Payment Systems Regulator (PSR) was established three years ago and is in the process of overhauling the payments regulation with the drive towards more innovation, inclusion and competition. It is now part-way through a deep review of the merchant acquiring marketplace and practices, the economics and the profitability of the big players and other stakeholders. We can expect the PSR to make rulings that will again focus us upon applying greater transparency, and in creating competition and innovation in payments.

Bill Trueman - Risk Review Specialist
Bill Trueman

Key to a lot of regulation in this area is making access to services easier, simpler and faster; removing barriers to entry and services more innovative. So, we can expect this review and further disruption to include regulation mandates (especially the UK PSR requirements due to be published in Q1 2020) around:

  • More shared data across the industry,
  • Faster onboarding – with increased focus on both initial and ongoing merchant underwriting,
  • Mandated acquirer ‘account switching’ service (i.e. to be able to change acquiring partners with greater ease),
  • Data sharing to facilitate this,
  • Easier, faster and more accurate due diligence,
  • Mandating innovation and competition in favour of smaller, newer, innovative technologies,
  • Greater transparency in the application of merchant contracts, operational support, and providing ‘value-add’ services to manage merchant and systems risks.

Accordingly, the challenges for acquirers, and their trusted processing partners, over this coming year (2020) will see a need for us to become smarter, faster, much more automated, more innovative and accommodating to new technologies and solutions in an ever-evolving and faster way. Those who do this quickly and efficiently will survive, those who do not or cannot: will struggle and start to suffer.

Merchant onboarding has often been a ‘race to the bottom’ and must now start to become a ‘technology race’. The challenge will be to stop giving ‘lip-service to innovation’ and to now adopt and meet the onboarding challenges to:

  • Automate (and cleverly) the sanctions / PEPs screening functions,
  • Make greater use of bureaux data for businesses,
  • Make use of stronger and better technology to use the many existing and newer data for merchants, individuals, web-presence, payment solutions, etc.,
  • Secure timely access to critical data across multiple jurisdictions,
  • Gather more data from the web and other trusted sources about businesses, business performance, their people and their customers,
  • Understand businesses better, and bringing compliance and business due diligence into the sales team and other front office rather than seeing it as a ‘back-office function’ only; and the responsibility of risk, credit and compliance teams alone.
  • Develop stronger credit risk skills, risk management understanding and exposure measurement and management both at underwriting and at every stage or significant change in the merchant life-cycle.

We are certainly entering a period where onboarding WILL become even more important and more competitive and the biggest challenges will be for acquirers and their partners to focus upon and to ‘up-their-game’ to compete and innovate in their application of risk management in general, but in particular in their onboarding.

The current Regulatory changes and impositions are a very good thing and will be the catalyst for further innovation, disruption and change in our industry today – and also for the industry that we will evolve over the next few years and into whatever form it may morph into!

Bill Trueman and Kevin Smith work as Riskskill.com to help businesses in the payment sector perform better, whether in complying with regulation, doing more business, challenging partners and/or helping to put things right when they go wrong and if/when regulators, card-schemes and other parties start to challenge what our clients are doing. They are industry commentators and also help companies in the industry establish direction, strategy and new ways of doing things.

[1] UK Finance https://www.ukfinance.org.uk

[2] Payment Initiation Service Provider

[3] Account Information Services Provider


RiskSkill Attends WebShield’s RiskConnect Conference 2019 in Warsaw

Webshield RiskConnect Conference 2019 Warsaw

The team at Riskskill were both honoured and pleased to attend and support our friends at Web Shield and yet another successful networking conference for risk management people, this time at RiskConnect 2019 in Warsaw.

Over the 19th and 20th November, Web Shield hosted some 250 risk practitioners from across Europe and many from further afield.

There was a superb group of presenters at the event, who rewarded the audience with powerful presentations; such as:

– Keynote presenters from Süddeutsche Zeitung (Obermayer and Obermaier – who were the original ‘Panama Papers’ 2017 pulitzer-prize winners) who signed copies of their book at the conference.

– Mastercard and Visa executives who presented their visions and key changes to global chargeback and fraud rules.

– USA-based; Better Business Bureau: on the extent of global Deceptive Marketing Practices (also the title of a new publication from our hosts at Web Shield)

– G2A.com and the Belgian Gaming Commission: who presented massively engagingly upon loot boxes.

– The Royal Canadian Mounted Police talking about significant investigations into malpractice

– Deloitte and Deloitte RegTech Lab, MarketScape, Nethone, Bankingblocks, Ethoca and Crystal Blockchain all produced extraordinary presentations about current, interesting and informative topics, as did great people from Web Shield too – who also announced the launch of its multi-language training academy courses on risk management.

Fuller agenda and details on the event can be found on the Web Shield / RiskConnect website.

Bill Trueman from Riskskill moderated a lively and fascinating panel discussion on Day-1 on the rapidly emerging and poorly understood issue of loot boxes (aka loot crates) and the various views taken by individual national regulators, the card schemes and the ultimate need for a greater understanding and potential need for further clarifying regulation. The panel comprised Peter Naessens (Belgium Gaming Commission), Olav Leonov (G2A) and Markus Prause (Web Shield).

Webshield RiskConnect Conference 2019 Warsaw attended by Bill Trueman

Kevin Smith moderated a panel discussion on Day-2 on the thorny topic of deceptive marketing. The panel comprised Steve Baker (Better Business Bureau), Kyle Smith (Ethoca) and Iveta Korenciakova and Chris West (Bankingblocks). They provided further guidance, experiences and emerging challenges that pulled together a lot of the content from their earlier presentations and the entire event overall. The discussion highlighted the growth and global expansion of the ‘tricks’ used against consumers and the risk of harm (or worse) that, for example counterfeit products can cause, as well as those of unlicensed pharma and neutra products – and their often inert, harmful or even illegal ingredients.

Webshield RiskConnect Conference 2019 Warsaw attended by Kevin Smith

Christian Chmiel chaired the event in his usual calm, confident and professional manner. The common theme remains industry collaboration in what is becoming an ever complex and diverse environment.

The quote of the conference, first introduced by Peter Bayley from Visa was: “What are the brakes on a car for? …. To make the car go faster”

Books from Christian Chmiel and Markus Praus, edited by Joyrene Thomas – also available at the conference): https://about-fraud.com/author/christian-a-chmiel/
Panama Papers book on Amazon: https://www.amazon.co.uk/Panama-Papers-Breaking-Story-Powerful/dp/1786070707/ref=sr_1_1?keywords=panama+papers&qid=1574442501&sr=8-1

Bill Trueman and Kevin Smith are leading payment, risk & fraud specialists who provide payment fraud prevention consultancy services to card issuers, banks, and business organizations worldwide. For more information one can visit websites at RiskSkill, and AIRFA.

RiskSkill Attends CIR 10th Annual Risk Management Awards 2019

CIR 10th Annual Risk Management Awards 2019

Bill Trueman on behalf of RiskSkill was delighted to attend the CIR Risk Management awards last week with Joyrene Thomas (pictured), when we supported Christian Chmiel (also pictured) and saw him collect yet another award for the ‘Webshield’ solutions and their ongoing quest to help merchants with their risk management efforts. Webshield is very much an integral part of the industry. We were all looking forward to attending the RiskConnect.eu event in Warsaw next week.

Winners of CIR 10th Annual Risk Management Awards 2019 were declared on 6 Nov 19 organized by comedian Zoe Lyons at the London Marriott Hotel, Grosvenor Square.

These Awards celebrate the excellence in the field of risk management – recognising the expert, products and programmes in the risk sector for a decade.

For more information visit https://www.cirmagazine.com/riskmanagementawards/winners19.php


Data Protection Watchdogs Round on Facebook Libra Currency

Facebook Libra Currency

The bucking of the process order here concerns me greatly. Any other business, company and/or industry has a process to follow. This process that should be followed is that the company involved must establish its business plan and business and with that it must complete an application and with that approach the appropriate licensing authorities, regulators and/or government agencies in the jurisdiction in which they intend to operate and apply for appropriate registration, regulation and/or licensing.

What has happened here? Has this already happened here? The licences have been progressed and this is now a response to those applications? I doubt it.

It would seem that the data protection people have seen this announcement and are either a) Afeared that these people are going to go ahead without and of this compliance and outside the law of all jurisdictions including tax authorities! OR b) That the data protection people want to help fast-track the processes.

Either way: I am worried and so should everyone else be – that these people are getting privileged access to regulatory time when they do not pay for it through taxes: or that our regulators should feel the need to be so proactive.

Bill Trueman is a leading payment, risk & fraud specialist who provide payment fraud prevention consultancy services to card issuers, banks, and business organizations worldwide. For more information one can visit his website at RiskSkill, apart from this he is also joint chief executive of AIRFA.

To Read More Visit Source Article: https://www.finextra.com/newsarticle/34211/data-protection-watchdogs-round-on-libra

Facebook Libra Currency – A Serious Threat to Global Banking System?

facebook libra currency

On Facebook’s Libra Currency : “I agree with Donald Trump’s Stand”

It is not often that I feel like agreeing with a world leader / game-show host; but I do. But only on the threatened introduction and launch of the Facebook Libra currency.

Payments are complex and there is a huge need for supervision and regulation. Especially, when things start to get challenging or when they go wrong. Our work, involves helping companies to do the right things, so we know just how tough this can be for every company, irrespective of experience.

So, we should all agree with Donald Trump (a shudder here), and for a couple of key reasons we must all make sure that payments and Banking are performed correctly and legally and appropriately licensed and to properly governed organisations to avoid:

A. An ‘Idiocracy’ future – with Facebook et. al.

B. The Tax / Government issues


In the 2006 film ‘Idiocracy’ – ‘Joe’ is transported to a dumbed-down future, where the President of the USA doesn’t read or write – and influence stems from a ‘fizzy drinks’ maker and TV game-shows. Should we really cede control to social media companies?

The companies behind Libra, that form the Libra Association , are giants in their own industries . They wipe-out competitors, and direct our lives with their products/ services. As citizens, are we happy for this Facebook-led association of big business to develop and deploy a crypto-currency using blockchain distributed ledger for its rails. Do we want them to harvest all of our shopping and payments information. Do we want them to collect more ‘lifestyle data’, which they will inevitably sell to others with or without our permission?

We know who run these ‘Libra’ companies, but should we worry that they have complex global corporate structures that collect, lose, sell, and abuse our data today, avoid paying taxes, and evade government enquiries. Even this month, Facebook was fined $5billion. But it took years and cost multiple $millions to do.

We should worry also that the initial Libra documentation shows a big intention to control, maybe even to ‘own’ our ‘identities’.

The Tax / Government Issues

We can all dislike taxes, but:

– They are necessary to pay for welfare, social, health service, community, law enforcement etc. But also to watch over and regulate businesses.

– Taxation also comes from corporates including from Banks and other regulated businesses.

– The tax affairs of the Libra ‘gang’ are very nefarious and hidden in the most tax efficient jurisdictions.

– Regulation also requires companies to have capital, to safeguard money and look after ‘people’, to have an ombudsmen and compensation schemes…… and much more.

We all want faster, cheaper, more secure and convenient payments and banking: but we should also want our money (and that of our aging parents and our children etc.) looked after, not to lose everything overnight, not to have our data misused or lost (again). We need oversight, someone to challenge those who look after our money and we must have laws to protect us from Facebook (et. al.). They might (perhaps) be able to deliver ‘faster’, ‘cheaper’, ‘convenient’ to us; but we have to look at the complete picture.

Our leaders should make sure that whoever wants to start operating financial services and other regulated sectors should keep them within strongly regulated risk and operating frameworks.

We should also worry about:

a) A move towards single global payments and currencies. Would this be linked to say the USD / USA? (Where is Facebook? How do you complain? Will you get an answer?)

b) When governments lose their control over their fiat currencies (e.g. Italy and Greece) will they start to lose control of economies, finances and then political decisions. To Facebook?

c) Will bond markets, currency markets, labour movement, currencies, international payment networks, Interest rates, tax jurisdictions, insurance, pensions be next?

d) Governments need time to adopt/change complex issues properly and sometimes we/they need to understand the ramifications before we re-boot 400 year old industries.

e) Does currency union lead towards political union……?

For the first time in my life, I really want regulation, control, governance, transparency and oversight. This is a BIG issue.

Go for it Donald!

Bill Trueman is a leading payment, risk & fraud specialist who provide payment fraud prevention consultancy services to card issuers, banks, and business organizations worldwide. For more information one can visit his website at RiskSkill, apart from this he is also joint chief executive of AIRFA.

E-Money Risk, Fraud & Compliance Advisory Service by RiskSkill

About RiskSkill’s e-Money Compliance Services

Mobile Payment Fraud Prevention

RiskSkill help businesses avoid €multi-million fines and embarrassing brand damaging mistakes from regulatory non-compliance and process and regulatory mistakes. We help clear up the mess when we are called in later.

E-money Licence Changes:

Recent new financial services legislation in the UK, has led to the Financial Conduct Authority (FCA) introducing a Payments Systems Regulator from April 2014. The ECB, and the European Commission are also proposing ways to regulate and police the whole e-money arena, as are the international card schemes. The FCA is now also starting to review and audit the e-money licences they have granted previously and for observance with ALL regulations and also best-practices.

We believe that the FCA have seen that the governance of payment systems, including e-money issuers, is a difficult and continuous task and needs several layers of supervision and oversight in the way that other payment methods have already established (e.g. through the regulations of the international card schemes).


As an e-money licence holder, you need to ensure that your organisation and all of its agents, including passport holders, are fully conversant with and engaged in all due diligence in customer selection and identification, transaction/event screening, suspicion reporting, record-keeping, corporate assessment of exposures and risk, and the Base II (and III) capital assignment to the exposures. Having reporting to the FCA, a clear payment strategy and ABOVE ALL understanding and observance of laws relating to payments in all areas of operation are all also essential.

The main legislation that is pertinent is the meeting of the requirements of the Money Laundering regulations for all countries in which an e-money licence holder, and its agents and Passport Holders, operates. Not doing what is right by the European Money Laundering directives is the quickest way of losing money, being fined, suffering crippling bad media attention, or losing a market – or a full e-money licence (which will happen when firms are reviewed).

emv chip and pin online payment fraud


In advance of the FCA performing its own validation on individual license holders (and making high profile examples of those who are not fully compliant), you need to:

A. Make sure that all your processes, operations and compliance teams are all fully observant of all applicable regulatory requirements, laws and best practices.

B. More importantly though, are you confident that your third party agents are also fully compliant?

We Can and Will Help You In: 

1. Determining your current state of preparedness and identify areas for attention and action before the FCA requests an onsite review of your business.

2. Review the state of compliance and preparedness of your third party agents or passport-licences and report to you on them as the principal e-money licence holder?

We can provide you with our credentials when you need help, as we are a team of payment industry specialists, that have previously worked in many banks and card schemes, and now help organisations assess their current operational status, and become and remain compliant. We have also worked extensively with the rules, regulations, legislation and best practice across the sector, in the UK and across Europe and advise payment organisations on market strategy and direction rather than simply focusing on ‘tick-box’ auditing.

Contact RiskSkill for our Services for all Risks, Fraud and Compliance solutions for e-money, e-payment, internet payments, e-funds, e payment systems, online payment and digital cash’s safe transactions. RiskSkill is also a permanent member of AIRFA an independent and global risk and fraud advisors organization.

How to Protect from Being Victim of Mobile Payment & Internet Banking Fraud?

All About Safe ‘Mobile Payments’ and Internet Banking Transactions

What is Mobile Payments and what are the top 10 things that we should be doing to stop us from losing all our money?

Bill Trueman - Risk Review Specialist

Well as technology moves forward we’re now increasingly using our ‘mobile devices’ – we used to call them phones – to make payments. In its simplest form it is calling the bank to make a payment to someone; or using an iPhone/android app to contact our Bank to make a payment, or pay for something with a credit card. Looking forwards there’s the prospect that our mobiles will become the main payment device in shops and cinemas etc. We will probably just ‘tap and go’ for small transactions. There is naturally then a lot of evolution that has happened and this will continue as everyone from credit card companies to banks jump on the bandwagon. In response phone companies are rapidly integrating device and software technology to make payment by phone easier and easier.

The pace of technology protection for consumers is also developing, but not as fast as the growing number of solutions or providers that are involved. Things like encryption, virus protection and chips and PINS, secret codes and memorable passwords etc are all protections, but the weakest point in the chain is you and me as the users. We are only human, and have to be careful too. More of us will run the risk of having our identities stolen, and with them have all our money stolen and our lives invaded by the people behind these attacks.

How can we Protect Ourselves, and Make Sure that we do not Become the Victims of Mobile Payment and Internet Banking Frauds?

  1. Don’t think that it will not happen to me.Because it will. With more technology use, and easier access to our data, and through more routes, the identities of people in their teens and twenties is increasingly becoming more of a problem as they are the group most eager to embrace new technology.
  2. Stop people from getting to our technology.There are password locks on most devices now. Use them. And make sure that they are not easy to guess, no “PASSWORD”, “0000”, or “Mary” if you or your best friend or dogs are called “Mary”.
  3. Do not keep data on your devices that could be used by others.Invest in an app that password protects your data / details. They only cost a small amount, and make sure that the details are then stored encrypted. If you have to store details on the device without these things, put them behind a code that only you can understand.
  4. Keep key information in different places.A lot of fraud and losses occur because people are still ‘silly’ with their details. Keeping a PIN with the card number, with address details and/or personal details that will help a fraudster. Whilst the advice used to be ‘do not write your PIN on your card”; now it should be ‘do not keep the log on details and password with the web access address!
  5. Beware of Phishing emails.Many fraudsters, half way across the world get your details from you WITH YOUR HELP. They make an email look like it is from your bank, a delivery company or someone else you are expecting emails from – like Paypal, the tax office, Facebook or Ebay; and then present you with a screen to sign on with your password. Then they have your private details. Be extra cautious of such incoming emails.
  6. Beware of sharp talking callers.Many frauds still start with crooks who call/text/email you or me and explain that there has been a problem on your account that has been blocked, and to disclose your card details/PINs addresses or other information, in order to unblock the account. Remember, if they want to ID you, who contacted who? Identify them first.
  7. Do not make payments in a hurry or when you do not want to.This is when we make mistakes and expose ourselves.
  8. Only use machines that you know.Internet Cafes can be infiltrated, have software added, hardware added or any combinations. DO NOT MAKE PAYMENTS from other people’s machines unless you really know what you are doing and you have a safe, end-to-end secure conversation going on; that you know that you are not being overseen, that there is no hardware/software running etc. And do not enter / remember passwords on any machines, especially not strange machines.
  9. Avoid using the same passwords.Obvious that one isn’t it, but so many people do!
  10. Look after all personal details.Be protective with personal details. Do not use your PINs, card numbers, card expiry dates, addresses, phone numbers or mother’s maiden names etc. in public, in earshot of others. Type PINs and passwords covered up, and always assume that someone is watching or that there is a micro-camera installed by crooks anywhere that you are putting, reading or typing personal details.

Remember, that as the technology and connectivity leaps forward it is the fundamentals and people issues that become the biggest weaknesses, and we all have to work to ‘mind the gap’ that this leaves open; until we have remote/mobile real-time DNA testing – which is a long, long way off.

Bill Trueman is a leading payment, risk & fraud expert who provide payment fraud prevention consultancy services to card issuers, banks, and business organizations worldwide. For more information one can visit website at RiskSkill, apart from this Bill is also a permanent member of AIRFA.

How do we Need to Attack the Fraud Losses as They Arise and Rise?

corporate fraud prevention

Increasing fraud losses are one of the main concerns of most of the organizations worldwide. But if we take care of some points then we can minimize such fraud losses. I am mentioning some important points to minimize such fraud losses in any organization.

  1. Ensure that management are fully behind the need to address the problems and prepared to invest in the solutions even if they will take more than a few months to see pay-back. Often the payback for these things is a matter of weeks, because left without a solution the fraud rises exponentially. We often need to invest to prevent this….. again.
  1. Make sure that the problem is being measured; and any which way. There is no point in investing in a ramped up a POS identity validation or rule-sets in a solution if the problem is in the e-commerce field, and equally little point in spending money on a overseas issue or a portfolio review if we do not identify our new customers properly. So we need to measure the problem to focus our attentions on the solutions needed, but also to ensure that the right management can see the trends and start demanding the right investment in the right direction.
  1. Often we see such problems where there is investment and there is measurement and management, but no-one on the board is responsible i.e. has ‘ownership’ of the rising losses that start to kill the profitability. Someone has to be responsible and someone’s head has to be about to roll if they do not get addressed. And if someone does own the problem, usually they take action and make sure that the right things happen. Hopefully.
  1. Lastly, if the culture is not there, things suffer and fraud goes up and up and up. People have to be hungry to find the liars and cheats and attack them. People have to demand immediate action and take the fight to the crooks and cheats, and we have to be hungry to address the IT challenges, rule corrections, falling staff levels, loss of focus in the management team. We also have to work as teams and both be able to deal with the problems as we find then, to LOOK for the problems that seem to underpin the problems but also to have the function in the business to PREVENT the next possible attacks.

Bill Trueman is a leading payment, risk & fraud expert who provide payment fraud prevention consultancy services to card issuers, banks, and business organizations worldwide. For more information one can visit website at RiskSkill, apart from this Bill is also a permanent member of AIRFA.