Why does Payment Efficiency Matter?
Processing payments is a multi-partner, multi-step endeavor,...
Payment processing describes the series of steps that take place allowing one party to deliver money to another in return for goods and services, normally via a credit card. In the physical world, people buying and selling things often simply exchange physical cash, which is, if not especially secure, at least simple: one party hands the other banknotes, the other supplies the desired item. Payment processing, however, involves several different participants and a number of discrete, distinct, and sometimes complicated steps.
When transacting a sale with a credit card, the entities involved are:
First the merchant must obtain an authorization code from the customer bank, which confirms the bank is willing and able to supply the requested funds; then the merchant must close the transaction by requesting to close the authorized transaction.
Getting the authorization is the complicated part. It consists of the following steps:
Note that at the end of this process, the merchant technically is only in possession of an authorization, not the funds they expect to be delivered to them. On a regular basis - generally daily - either the merchant or, increasingly, their PSP will gather up all the unclosed authorizations, pass them back through the same series of players, at which point the customer bank will transfer the approved funds to the merchant bank. In principle, unclosed authorizations can expire, resulting in the merchant being unable to acquire the expected funds - but this is a rare occurrence.
Often, the authorization received by the merchant is no more than an indication that, all things being equal, the deal will be successfully closed. In instances where the merchant requires certainty, they may request an authorization hold, which, if granted, reserves the requested amount of funds from the buyer’s funds so that they are sure to be available when the merchant goes to close the transaction. The example most consumers are familiar with is the pre-authorization provided to hotels and car rental companies: the vendor doesn’t yet know exactly how much they are going to charge, but they want to be sure that at least a bare minimum amount is available when the time comes.
Authorization holds provide security for the merchant, but they are not only not well-loved by consumers, they also carry an additional process burden: card networks and customer banks do not look favorably upon merchants that do not close out authorization holds in a timely manner, and are especially likely to impose penalties if consumers raise chargebacks for them (a chargeback is when a consumer asks the card issuer, rather than the merchant, to reverse a charge).
With the high volume of entities that participate in each payment processing transaction, efficiency and effectiveness can often be at odds with one another!
One of the largest resource hogs of the whole process is regulatory compliance: every entity that participates in the payment processing procedure must adhere to the PCI-DSS standard, which governs the collection, storage, and handling of personally identifiable information (PII) on behalf of consumers. Keeping as much of one’s payment system out of scope as possible is always desirable, as it keeps the cost of regulatory compliance low; this is why most merchants choose not to store PII on their own servers, but rather outsource the collection and storage of this information to either full-service PSPs (also known as aggregators) or to third-party tokenization providers.
Similarly, the most efficient way to transact business with credit cards for a merchant is to use a single PSP, which may provide a broad array of services, from PII collection and storage to security systems to currency conversion services for global deals. However, committing to a single PSP leaves merchants with a dangerous single point of failure: if that one PSP suffers an outage, goes out of business, or even opts to close its relationship with the merchant, disaster can hit all at once.
Larger merchants, therefore, will opt to contract with more than one PSP so that they can eliminate the single point of failure, and at the same time take advantage of different rate cards to optimize their cost to process payments.
Processing payments is a multi-partner, multi-step endeavor,...
A risk assessment is a dedicated process evaluating the likelihood of a damaging event happening....
Unlike a vendor at a physical market stall, who can exchange goods for physical cash, merchants...