Crash Course On The Payment Ecosystem | Forter

The current payments landscape consists of many different players who rely on each other to operate efficiently and securely. However, these players do not all have the same roles and goals, nor do they speak the same “language.” At the same time, as demands for richer payment options grow, new types of fraud threaten data security and privacy. 

All of these factors create a complex and often confusing ecosystem that merchants are having increasing difficulty in managing. 

The Payments Landscape Today

Here are just some of the categories of players that exist in the payments landscape:

1. Card Schemes  10. Online Payment Gateways
2. Acquirers 11. E-Commerce Payment Providers
3. Issuers 12. Recurring Billing Payment Providers
4. Payment Processors 13. Tablet POS Providers
5. ISO (Independent Sales Organization) 14. Terminal Hardware Providers
6. Aggregators 15. POS Terminal Companies
7. Mobile Wallets 16. POS Software
8. Mobile Wallet Platforms 17. Closed Loop Payment Networks
9. Mobile Payment Providers

Within each of these categories there are a subset of requirements and players. Let’s take the first category, for example: card schemes

Card schemes are payment networks linked to specific payment cards, such as debit or credit cards. A bank or any other eligible financial institution can become a member of such a network. By becoming a member, one is then able to issue or acquire cards operating on the network of that specific card scheme. Common examples for card schemes include Visa, Mastercard, Diners, AMEX, Japan Credit Bureau, Carte Bancaire, etc.

Now, in order to be able to issue Visa cards for example, the financial institution must be a member of Visa and achieve an issuer bank license. This license comes with its own set of regulations, and Visa will closely monitor the issuer to make sure they are playing by the rules.

In order to be able to process Visa transactions, the entity must be a member of Visa and achieve an acquiring bank license. This license enables the ability for the financial institution to process Visa-only transactions. Should the acquirer want to also process Mastercard transactions, they must also become a member of Mastercard’s network and also be granted a license from them. This license will also come with its own set of regulations, which Visa will monitor closely to make sure the acquiring bank is playing by the rules. Visa will monitor the fraud to sale ratio and the chargeback ratio of the acquirer in his overall portfolio, as well as the separate merchants of the acquirer. Visa can instruct an acquirer to close a merchant account, or can take away the license, if the acquirer does not cooperate with Visa’s requirements. 

So, just within the category of card schemes, we have the following players:

  • Issuing Bank: Who issues cards to the consumers
  • Acquiring Bank: Who issues merchant accounts to businesses that want to get paid by card holders
  • Card Network: Move money from the issuing bank to the acquiring bank

What does this look like in practice?

  1. Galit eats at the restaurant “The Olive Garden” and pays with her Mastercard card issued by Bank of America (Issuer = Bank of America, Card scheme = Mastercard)
  2. “The Olive Garden” contracted with Citi as its acquiring bank (Acquirer = Citi)
  3. Following a successful authorization and capture, the money will follow this flow:

Galit’s bank account (Bank of America) → Galit’s credit card issuing bank (Bank of America) → Card networks (Mastercard) → “The Olive Garden’s” acquiring bank (Citi) → Merchant (“The Olive Garden” restaurant)

This is just one example from the aforementioned categories, but it highlights the number of steps and how the flow of funds actually plays out before arriving at the merchant. 

So what’s the problem?

Because there are so many players who have different roles (and goals) during this process, there are many opportunities where limitations as a result of one of the players may cause the merchant to lose revenue. 

The Players

Just within the example given above, we have the following players:

  • Issuing Bank
  • Acquiring Bank
  • Card Network
  • Merchant

What do they do, and what do they want?

    • Issuing Bank: The issuer decides whether to authorize a transaction. The decision may be related to funds in the consumer’s account (insufficient funds or reaching purchase limits), but may also be related to risk. When the issuer believes that the transaction may be fraudulent, they will decline it. The issuers want to maintain low fraud levels, avoid suffering financial losses due to chargebacks with issuer liability (especially in cases of 3DS transactions), maintain a high approval ratio (to avoid back of wallet syndrome where customers stop using their card due to multiple declines), and to be compliant with card scheme rules and various local regulations such as PSD2 regulations.
  • Acquiring Bank: Acquirers are liable to comply with PSD2 regulation, and are also liable under the card scheme’s regulation to maintain low fraud levels. The fraud levels are calculated on all his portfolio. Overall, acquirers want to maintain low fraud levels, keep a high approval ratio, and maintain compliance with various regulations such as PSD2 and card scheme regulations.
  • Card Network: The network wants to ensure business runs smoothly and securely for all credit and debit transactions that merchants and their customers may have.
  • Merchant: The merchant wants to ensure they maintain a high approval ratio and conversion rate (through diminishing friction for legitimate customers) while maintaining compliance and a low chargeback rate. 

Current Pain Points

The current payment ecosystem allows consumers all over the world to pay to anyone anywhere and anytime. However, at the same time it is a very complicated ecosystem with multiple players who all assess aspects of a transaction differently. 

As transactions are routed throughout the payment system and the many players, there are points at which fraud and risk are assessed and often result in a good and legitimate transaction actually being declined.

This complication, as well as legacy systems, result, too many times, in legitimate users getting declined and failing to complete the purchase. These fraud or risk checks/assessments are based on different thresholds per gateway / card brand / issuer, etc., and data shared between these entities is extremely limited. For merchants, this ultimately leads to many unnecessary inefficiencies or declines at one or more stages in the payment process whether due to unnecessary friction or bank declines.  

This translates to an enormous amount of lost revenue opportunity and also means a poorer customer experience for their consumers. Merchants need help to know how to best process each transaction in order to have the best chance for it to get it accepted and for them to avoid unnecessary friction or declines and poor user experience. In today’s current system, many merchants do not understand:

  1. They are leaving money on the table & losing money in their payments process today
  2. And that they have the ability to impact this and actually increase their revenue

80% of users that get declined while shopping on a particular site will never return. Merchants require a solution that will be able to optimize the entire checkout & payments flow to help ensure that legitimate transactions are accepted and successful.