This month, I’ve decided to explore how the ‘Tap to Everything’ revolution is making eCommerce faster, safer, and simpler for an increasing number of consumers.
Tap to Add wallet-led demand
Just four months on since Mastercard officially launched its Tap to Pay (TTP) pilot for eCommerce and in-app mobile payments, Mypinpad is already providing Tap to Add (TTA) and Tap to Pay (TTP) functionality to some of the largest eCommerce providers in the world. So, we thought it was worth taking a closer look at the increasing popularity of TTA functionality, because it’s clearly meeting rising demand for faster and yet still highly secure card provisioning for eCommerce transactions.
The TTA and TTP functionality, which we are rolling out for several customers right now, is principally being used to add credit or debit cards to consumers’ digital wallets (aka ‘provisioning’, the TTA part), often continuing on to a payment (the TTP part). These are part of Card Not Present (CNP) eCommerce payment flows, usually requiring 3DS or CVV authentication if a payment is over a certain amount (demanding additional authentication layers to be dynamically applied).
The innovation brought by TTA/TTP is the ability for a consumer to just tap their own bank card against their own phone to provision a card and complete an eCommerce transaction in the comfort of their home. Our TTA software enables that. Not only is the experience a better one (tapping rather than manually entering card numbers), it is also significantly more secure because Mypinpad, as a PCI-certified solutions provider, can keep the cardholder’s details secret even from the app that they are using – thereby reducing our customers’ PCI-DSS compliance requirements.
In our own app, we give our customers the option to capture the CVV of that card for high-value transactions, and a further optional fallback to enter the consumer’s primary bank account number (PAN) in a secure way.
TTA/TTP also offers a more secure payment method which helps protect customer data and reduces fraud risk. This is achieved by tokenising card data either via Card on File (COF) or Network Tokens, the latter being much preferred since its ‘device-binding’ capability reduces CVV reliance over time. This provisioning-plus-tokenisation model significantly reduces the risk of cardholder data loss, while providing a simple, clear user experience. There’s less risk of digital theft, or abandoned carts.
Tap to Verify / Confirm
Once your card is provisioned through TTA, it becomes easy to Tap to Verify (TTV) as well. So, what’s the merit of TTV in eCommerce today? As more and more transactions are authenticated by mobile devices, new fraud risks have emerged, which must be addressed. For example, many users allow their family members to unlock their phones so their children can play mobile games or their partners can answer messages. However, this reduces the certainty which banks need — that a registered fingerprint is indeed that of the cardholder, rather than that of another family member. Tapping a card mitigates this risk while providing a simple user journey — just tap when prompted.
To ensure that the person doing the transacting is indeed authorised to pay that bill, extra layers of authentication are now being designed into the payments journey. For example, for one major national bank, we recently applied Tap to Verify or Confirm capability via Step-up Authentication. This requires the correct PIN number to be inputted on the mobile device to complete larger-value or suspect transactions. Many eCommerce apps now demand the selected card’s CVV number for additional verification that the buyer has access to (and the authority to use) the relevant card.
Tap to Activate and Tap to Change PIN
Innovative use cases from what many now call the Tap to Everything movement just keep coming. For example, there is Tap to Activate, which makes it possible for customers to securely confirm to their banks that their new card arrived safely and is ready for use. Historically, issuing banks have had to use expensive methods of securely distributing new cards, whereas with Tap to Activate, even regular mail is sufficient.
Going beyond this is the ability to run so-called ‘issuer scripts’ to allow for actual card updating such as resetting counters, unblocking a card or changing a PIN — all from the comfort of your own couch. This saves a visit to an ATM or a shop where physical use of the card is required. Customers can now simply use the banking app they already trust, which now has this new functionality embedded.
Tap to Send/Receive for P2P payments
Further down the road, we see more use cases for Tap to Send/Receive (TTS) where card rails are used for person-to-person (P2P) payments. P2P payment solutions such as Mastercard Send and Visa Direct are not new and have had some success in a limited number of markets. The relatively high cost and low market visibility have limited their adoption. With tapping as the user experience, using a card or another phone, P2P payments could expect a new lease of life with TTS for some use cases.
Tap to Everything is here
Hopefully, some of the above real-world examples and use cases prove that the Tap to Everything vision, which was just that a year or two ago, is rapidly becoming a reality. And it’s touching all parts of the payments ecosystem, from issuers through to eCommerce retailers and customers.
The benefits of exploring the new trend are legion. Tap to Everything is bringing easier card provisioning, slicker and more secure authentication, and fewer eCommerce transaction failures. Chargeback requests are falling, and the customer experience is improving as these changes are being applied. Here at Mypinpad, we see ourselves as enabling the Tap to Everything revolution — which is clearly gathering momentum.
