Should Banks Create Payment Systems?
Or Leave It To The Experts?
The rise of mobile apps contributed to making payments increasingly easier to perform. But that is not all it did.
New apportunities bring new hackortunities.
Financial institutions are experiencing a steady flow of cyber-attacks, system failures are recurrent, data and money being lost constantly. Media coverage of these events has determined companies to re-evaluate and prioritise their security. There is an enormous amount of funding that goes into the development of safer payment methods.
The Ponemon Institute has conducted a study regarding Data security in the Evolving payment Ecosystem, involving 748 US based IT and IT security, product development, risk management professionals, as well as other players in payments systems, and their findings are worrying. 59 perfect of them expect the risk of data breach to increase with the development of mobile payments systems.
The result of the survey showed that 68 percent of respondents said they feel that the pressure to switch to new payment systems is putting their customers at risk of data breaches.
14 perfect don’t think that the switch will affect their security, and 18 percent were unsure.
As browser- based banking is losing ground in front of mobile apps, banks really need to level up their payments game.
Banks are struggling to have the best mobile payment systems, constantly developing new features with the purpose of making customers’ life easier. This also helps them to increase their mobile presence, which in today’s market is vital.
Smartphones are now payment terminals and wallets, slowly replacing the traditional bank card.
These kind of payments are huge time-savers. No more having to write your card number every time you pay for something online. It sounds convenient and fast and it’s already here, but it’s essential that they are kept up to date from all points of view.
Banks: Financial or Software Development Companies?
Basically, there are two options: developing in-house payment software, or externalising it to a technology company.
Each of these options have their own pros and cons, and a few criteria must be carefully considered before making a decision.
Time
In-house
Since development is far from being the bank’s main activity, it will take more time than it would to a software development company.
On the other hand, if something must be fixed in the app, you can simply go to the developer’s office and solve the problem.
Outsourcing
The execution time is definitely shorter in this case, but if an issue appears on the way and the software must be fixed, it is more time- consuming to get it done.
Costs
In-house
On the short term, it is less expensive for banks to create their own systems, but on the long run, the maintenance and update costs will be a waste of money and resources.
Outsourcing
A custom made software solution is indeed more expensive to get, but on the long run the initial cost doesn’t seem like such a big investment because any maintenance and support costs are usually included in the initial package.
Security
In-house
The security aspect is debatable. On one hand, banks are up to date with the evolution of financial fraud attempts, which gives them a slight advantage over tech companies. On the other hand, a technology company has the skilled resources to mitigate the risks.
As the Ponemom institute found out, companies are the main actor responsible for the payments’ security (45 percent), closely followed by the credit card brands (40 percent). Only 14 percent of them considered the provider of the payment technology liable in case an event happens.
Outsourcing
Allowing another company to access sensitive information such as customer data and bank accounts would make any bank reluctant, but as long as a good security system is in place, everything should be fine.
Also, a technology company specialised in the development of cyber-security products is without a doubt more likely to come up with a better solution and is able to mitigate the risks and reduce the damages in a more efficient way.
Staff
In-house
Even though developers are relatively easy to employ, it is not that easy to find one that has the right cyber-security knowledge and experience.
A viable option for when a company doesn’t have the right knowledge is to bring in an expert. This way, there is no long term commitment (which also reduces costs) and the knowledge exchange not only benefits the internal developers, but the whole company.
Outsourcing
Since they already have a development activity in place, technology companies most definitely have the right employees with the right set of skills for their activity.
Control
In-house
Having your solution developed in-house means you have a higher level of control over how the application is designed and structured. It is highly verifiable and during the development process, the software can be tested much more often.
Outsourcing
As opposed to in-house development, an important issue that arises when outsourcing the development of a payment solution is quality control. The bank can’t make sure that the code is well written in case of an unpredictable event where the in-house developers have to make changes.
Customer trust
In-house
From this point of view, studies indicate that customers trust the payment systems provided by banks more than those of other companies.
“Mercator consumer research indicates that consumer have significantly greater trust in the security provided by banks,” Sloane said in an email to ARC. “But this is only one aspect consumers consider. Availability on the consumers device, ease of use, acceptance at merchant locations, and value added features are also going to sway what solution consumers adopt.”**
In October 2015, Mercator released a survey conducted on 3,000 people which states that 29% of them have more trust in mobile payment apps from their bank.
Outsourcing
Customers don’t trust software companies with their sensitive data as much as they do with banks.
So?
Trust brings responsibility. As customers trust their banks the most when it comes to making payments, they also consider them as being in charge of the security of their data.
There is no perfect answer as to whether banks should create their own payment systems or employ a development company to do it for them. Each bank has its own unique characteristics and their solution should be tailored to its needs.
At the end of the day, it’s all about considering the benefits and the disadvantages and whether the offer meets the demand’s needs.
