Friday , November 22, 2024

The Double-Edged Sword of Tokenization Helps Issuers But Also Poses a Subtle Threat

By John Stewart

The rise of tokenization into a major payments business helps enable enterprises like Apple Pay and Android Pay but could also pose a threat to the financial institutions that have historically issued the majority of the cards consumers use most often.

That threat lies in the fact that, with wallets, physical plastic cards become digital tokens and a major third-party consumer brand inserts itself between the issuer and its cardholder. That’s an entirely different relationship from the one banks have carved out over the years with their credit and debit programs.

“It’s a complex dynamic,” Zilvinas Bareisis, a London-based senior analyst for researcher Celent, tells Digital Transactions News. “If I’m paying with Apple Pay, the bank brand is secondary. The reality is, it’s not quite the same as putting down a card with that [bank] brand printed there.”

With the year-old Apple Pay program specifically, banks also pay for the privilege of allowing a third party to enter into that once-intimate issuer-cardholder relationship. Apple Inc.’s contract with issuers imposes a host of requirements on financial institutions, including a fee of 15 basis points on credit card transactions and a half penny on each debit payment. But the loss of brand power could ultimately outweigh even the financial costs, Bareisis argues. “That loss of relationship is the biggest loss [issuers] would experience,” he says.

At the same time, the major card networks have, for the time being at least, gained a strong position in the relatively new role of token service provider. While Celent expects more players to assume that role over time, for now Bareisis says issuers have expressed some reservations about the potential for ceding too much authority to the networks in the nascent wallet business.

To be sure, issuers also have much to gain from participating in wallets. The flexibility offered by tokenizing the card credentials opens up a wide array of benefits for both banks and their customers, including improved risk management. Tokenization replaces actual card account numbers with a random string of digits that would be useless to data thieves.

“There are lots of reasons to like these tokens,” says Bareisis. “Card credentials are less exposed and there’s more control over how the card is used.” Unlike a physical card, for example, a token can be coded to be good for only a particular number of transactions and for a particular use, say 12 times for a monthly gym membership. That gives cardholders more flexibility and helps issuers reduce risk, Bareisis argues.

Another important factor is that Apple Pay is no longer the only game in town. The recent launches of Google Inc.’s Android Pay and Samsung Electronics Co. Ltd.’s Samsung Pay services offer issuers third-party alternatives. And with the Android Pay application programming interface, issuers could integrate the wallet’s capabilities into their own branded wallets, an option not available with Apple’s closed system. “You can build something of your own utilizing the Android Pay APIs,” says Bareisis, who predicts, “Banks will make more use of that.”

But issuers whose cardholder base includes a significant share of iPhone users will likely have to support a range of third-party wallets. “If you have customers who have iPhones, you’re not going to get to that base unless you offer Apple Pay,” Bareisis notes. And it’s not likely Apple will go the route of open APIs any time soon. “So far, they’ve shown very little interest in doing that. I don’t really see that changing,” he says.

For the near future, at least, Bareisis recommends issuers support multiple wallets to suit the wide variety of consumer payment needs. Apple Pay and Android Pay, for example, are suitable for in-store and in-app payments but don’t support peer-to-peer payments, a market served by alternatives like Google Wallet or PayPal Holdings Inc.’s Venmo service. “We’ll see more banks experimenting with different approaches,” he says. “The days when you could have one solution for everything, that’s not realistic any more.”

Check Also

APP Fraud To Reach $7.6 Billion by 2028 in Six Countries, ACI Says

Authorized push payment fraud could reach $7.6 billion in six markets, ACI Worldwide Inc. says …

Digital Transactions