Most of you techie’s out there had a physics class at some point and can recall the Observer Effect in Quantum Physics: the act of observation can change the measured results. Observation in payments has become the second largest driver of margin and has enabled many new specialists…. so I thought I’d outline some broad thoughts and tell a few stories.
Why is observation important? Payment behavior is truth marked data of what a consumer actually did (offline). While I may search for Ferrari’s, or visit dealership (mobile location) what I actually bought is much more important in predicting behavior and evaluating risk. Purchase data is the most valuable data for that reason (and issuing banks had a lock on it.. Until about 5 yrs ago). The lock has been broken and payment data has become the “missing link” to unite heterogeneous data sets.
As I wrote in 2014 Risk – Carving it up in Payments, Data Games and Changing Economics of Payments, margin in financial products (and banking itself) is driven by a bank’s ability to assess: identity, trust, and risk. The broad dissemination and linkage of data has enabled new means to identify a consumer and predict their behavior/response (including risk). This dissemination has leveled the playing field, reduced economies of scale, given rise to specialists that can act on this data to create better products within an improved customer experience.
Anonymity was a hallmark of payments. Larger banks had information advantage, and were unique in their ability to assess risk of an individual/account and associated transactions (see blog Perfect Authentication – A Nightmare for Banks). However, Banks provided a HUGE incentive for merchants to build organic risk facilities as merchant bore 100% of the fraud loss for CNP transactions (see blog). Third party data sets on: consumer, instrument, device and transaction proliferated.. And top tier merchants like Amazon, WalMart and Target reduced fraud losses to 3bps. These new data sets are in play, as are the tools to link YOUR DATA to them.
Payment Anonymity is now COMPLETELY broken (blog). How did this happen? Here is one example: within the advertising ecosystem, location data leads to home address which connects to identity (property records), and IP address (from your home wifi) + all device identifiers (accessing home wifi), to cards used on those devices and online purchase information. This person to card linkage (enhanced by credit bureaus) is used by Retailers, through mapping services like LiveRamp, to deanonymize card information and create new CDPs. These CDPs serve in marketing, risk and performance functions. For example in marketing, merchants now know each consumer, their brand preferences and all channels (where they spend time) to tailor advertising and activate audiences (see data leakage). The observers are changing the environment.
Identifying and authenticating consumers remotely has always been a challenge. Traditionally authentication has been a combination of 1) who you are, 2) what you have, and 3) what you know. Identity (certainty) is the #1 factor in payment risk management, for example in account opening 90% identity uncertainty and 10% on financial risk.
Now that data (once isolated) has become become both distributed AND connected (through a common identifier). This enables authentication based upon behavior. Lending products can be both targeted and pre-approved based upon behavior with “instant enrollment” (ie. irrespective of your FICO score). New specialists connect identity and the “best” data to inform: creation, distribution, pricing, enrollment, underwriting and risk of new financial products (ex BNPL).
…and you thought Chinese efforts to track based upon your walk was creepy..
The larger the behavioral data set, the better the certainty of your identity and the behaviors that can inform a risk score. In this way Amazon is far better positioned to act as lender to both consumer AND merchant based upon your past history (see Amazon and Walmart are cracking the code for finance).
The “Observers” of Commerce are now able to be BETTER BANKS.
Financial Product Impact
Banks were the original “big data” business (see blog). But now banks are at a disadvantage in connecting their data from a compliance perspective (GDPR, CCPA, OCC, …etc). Banks are constrained where non financial services players are not. Legacy bank utilities which score both person/transaction atrophy and competitors prosper with broader/fresher data unencumbered by compliance.
As described above, authentication based upon behavioral/mobile data enables instant. One size fits all products like “cards” now face competition from integrated and embedded “instant” credit services that can score on current behavior (ie Affirm’s BNPL). The cost to acquire a new customer plummets as specialists precisely target qualified customers. Unregulated (or lightly regulated) entities move faster and attack focused niches powered by “partner banks” that provide the necessary license/sponsorship (ex Meta/TBBK).
The payment networks are not dead. Distribution of data, allowing a greater number of parties to authenticate a consumer and assess risk, would logically imply that the barrier to entry for a new payment network has diminished. However, the ability to create a functional payment network is much different than the ability to create a business model which supports (and incents) all the participants. V/MA have become the ubiquitous common carrier across consumers, merchants and banks.
HOWEVER, there is a very broad threat to core banking (favoring NeoBanks) and traditional products. The one stop financial super market strategy (ie Citi’s Sandy Weil) is gone, as is any sort of generic “multi product consumer brand”. Large banks no longer have a data advantage and bank products have become unbundled (see blog) infrastructure (see Embedded Payments) where brands no longer matter. What matters? Consumer experience, value bundles or highly specialized services that are best in class. Consumers now expect financial services to be instant, competitive and available when and where they need them (see Walmart, and Google Pay – Plex).
Is this “open banking”? I don’t think so (my blog Open Banking/Open Payments). Open Banking/PSD2/OBWG is about forcing the big banks to open their “data doors” to enable faster switching between banks and new intermediaries that can operate on bank data. Banks get to own the dross of the central deposit account, all the risk plus customer service. Intermediaries get to act on bank data but are still constrained in how they connect bank data sets with 3rd party data.
The US, LATAM, Africa, ME and SE Asia (ULAMS.. I just made that up) are evolving differently than EU/China/Japan and other GDPR like countries. Within the ULAMS banks do not hold a data advantage and in many cases regulators are frustrated with existing banks history in serving the mass market (see India UPI example). The key for market success includes: supportive regulatory environment, bank sponsor, or an advanced market for securitization of loans. US, Brazil and India are examples where all 3 are present.
Loss of Privacy
From a societal perspective there has always been a trade off between identity, trust and data sharing (deep discussion in Transformation of Commercial Networks). Traditionally, Banks have held unique data which powered their role as the premier broker of trust (or vis-versa). Today consumers trust Amazon, Apple and Google more than their bank (see Trust Survey – 2021). Consumers build trust based upon value, interaction and frequency. They understand the importance of data in these relationships.
Are consumers willing to “publish” every transaction? NO! Trust is domain specific. For example, I trust Google to keep search requests to improve future search requests.
Story – I remember back in 2009 Citibank created a JV with Microsoft called Bundle. Their innovation was to tell your friends what you spent on your credit card (it didn’t work out). This sharing had no context in a larger value proposition.
Within crypto, a distributed ledger suffers from issues of both anonymity and privacy (see research paper). Ledger intelligence companies like Elliptic help law enforcement trace the source and destination of crypto.
A privacy friendly alternative to cards and crypto would be a Central Bank Digital Currency (CBDC). These would operate on a private “closed” ledger amongst the central bank and accredited financial institutions. The challenge? No one is pushing for it. Facebook’s Diem would also solve the privacy problem but while they are ready to go.. They are in political hell trying to get it approved (article).
Today PayPal/Amex lead in privacy. They are the only payment networks that merchants/advertisers have not yet “cracked”. Re Paypal, the bad news is that most PayPal transactions are done online, allowing merchants to know who you are independent of payment (due to the CNP fraud dynamic highlighted above). So if you want privacy.. use an Amex card and an iPhone. See related blog Authentication in Value Nets.
Where is the margin?
#1 2,000bps. Orchestration of CX
- Examples – Amazon, Google Pay, Shopify, Stripe, Walmart, Target, …. And a shameless plug my NewCo which is in softlaunch.
#2 1500bps. Targeting and Changing Consumer Behavior based upon data.
#3 800bps. New Products based upon unique risk and identity data.
#4 400bps. Specialists providing actionable risk and identity insights.
#5 100bps. Networks = universal rails: products, participants and consumers
Network Story – I’m a big fan of BNPL players. Amazon’s partnership with Affirm is huge. My favorite quote is from the WSJ. “Amazon is looking for “commitments to underwrite competitively to widen the acquisition funnel,”. WIll BNPL impact card volumes? I don’t see it.. Not in a 5 yr view. Not only are these sub prime transactions, an AU bank head told me that over 80% of AfterPay’s balances were paid via a bank card
Modern data science, combined with new “common IDs” enable connected data sets. Once isolated low value data has is connected within a value chain, providing incentives for more observers. Many markets remain insulated from the effects of GDPR (and similar efforts). FinTech’s future in creating financial products powered by new data is very bright. Traditional banks will be impacted by their loss of data and trust advantages.
The head of Treasury at one of the largest US retailers said “when a consumer shops at my store and uses a payment instrument I approve of.. I own the risk of that transaction AND their satisfaction with that merchandise.. They trust [me] not the bank, or Visa/Mastercard”.
Will governments work to restrict information that impairs banks and enables fintech? The EU is certainly taking that approach. What do consumers think? A segment of consumers accept the trade off (data/privacy/value). There are others that do not. A new bank product centered around privacy and anonymity might not be a bad thing.
I founded Commerce Signals in 2012 based upon the assumption that consumers, regulators, banks, …etc. cared deeply about privacy. We believed that any data exchange must be explicitly permissioned based upon a consent with the consumer and an understanding of both WHO is using the data and HOW it will be used. My team and I went all in on this. What did we find? Marketers won. While Banks, payment networks and consumers did care (and took action) merchants were giving ad networks 100% of consumer data (with SKU). If something is infinite supply it has no value. That is what the data world looks like today. The winners are those that can identify the combinations of data sets that deliver the most actionable insight.
For in the sciences the authority of thousands of opinions is not worth as much as one tiny spark of reason in an individual man. Besides, the modern observations deprive all former writers of any authority, since if they had seen what we see, they would have judged as we judge.”
― Galileo Galilei , Frammenti e lettere