How to solve the top 4 compliance problems faced by payment application developers
The payments ecosystem is a thriving industry. In a 2017 global payments report, McKinsey & Company predicted payments would become a $2 trillion business by 2020. With the electronification of our payment transactions, the combined usage of debit and credit cards has nearly doubled from 5 to 9 percent and the global usage of cash transactions has fallen from 89 to 77 percent over the past five years. There has also been a rise in mobile commerce with the rise of smartphones. This year's report mentions, "mobile commerce accounts for 48 percent of digital commerce sales globally as of 2017, and is forecasted to reach 70 percent by 2022 (tripling to $4.6 trillion)” (McKinsey & Company, 2018). With more consumers and merchants using and processing electronic payments there is a urgent need to ensure the safety and regulate transactions. Payment compliance does not come without its challenges as the testing and certification processes can be tedious. These problems involve the high cost of testing, complicated testing & certification processes, limited external testing and capability for merchants and acquirer’s terminal readiness, and lack of granular reporting and debugging.
High cost of testing
Testing and certifying your payment products can be very expensive. The cost of the testing tools and allocating the testers and developers needed to bring your payment products up to compliancy is expensive. In the current market, the high costs of testing and certifications are not ideal for smaller sized merchants due to the expensive cost of the testing tools and services needed. There is also a lot of upkeep to maintain the latest version of the many tools that are required for testing. Some merchants cannot afford a custom self-test platform (STP) that requires individual maintenance and development.
Complicated testing & certification processes: Merchants generally have a long onboarding and configuration process before starting the actual testing. In addition to lengthy set-up processes, unforeseen errors can occur further slowing down the testing process. With the payment players releasing new rules and updates, this can stall the testing and certifications process because sometimes it requires a change in the project scope. Merchants also experience short testing windows; some processors will give their clients a one to two-hour windows to do their pre-validation testing and that does not allow time for fixing any problems that occur. Thus, testing & certification becomes a lot more complicated and stressful especially for merchants who have large projects and smaller sized merchants who can't afford to go through another iteration of testing.
Limited/lack of external testing capability for Merchants and Acquirer terminal readiness
Prior to the complicated testing process, many merchants also can't do a proper pre-test of their systems before entering the formal testing period. This lack of acquirer protocol pre-testing limits the terminal readiness of the merchant’s devices. Not being able to properly pre-test your devices will prolong the testing and certification because there will be bugs and problems that will come up during testing. Since processors provide merchants with short testing windows, this does not allow enough time for unexpected issues to occur. Merchants having access to the acquirer protocols to do a pre-test would ensure terminal readiness and result in a more efficient process in the formal testing & certification window.
Lack of granular reporting and debugging
The payment industry also faces the issue of a lack of a centralized reporting or debugging system. During testing, unforeseen errors can occur which further slow down the testing process. Testers need a centralized and detailed reporting and debugging system where they can see where the problems are coming from. Some testers may not have extensive knowledge of all the payments standards, so they must rely on the experts to tell them what is wrong with their systems and that can take time to get a response. It leaves more dependence on outside players when it comes to testing and debugging. Whereas, if there were a granular reporting and debugging system, that would leave more control to the merchants.
UL’s SecureHorizon fills this unmet industry need by providing a game-changing new processor testing & certification experience; making it simple, fast and affordable for the payment ecosystem. The platform allows payment solutions developers to have access to a testing lab on-demand and therefore delivers faster time-to-market and time-to-revenue.
Payment solutions developers can configure tests of POS and terminal devices with multiple acquirer host front-end systems in one place. It is also compatible with UL’s Brand Test Tool, giving the ability to perform acquirer host validation on brand test cases. SecureHorizon‘s engagement platform gives users access to their projects in one centralized location 24/7 and a first-line of support from UL. For a limited time, users can register for a free 30-day trial and have instant access to the solution services available.
While the first module launch is custom-designed for the payments ecosystem, SecureHorizon has been engineered to serve the multiple ecosystems and industries UL supports with future modules covering the IoT cybersecurity landscape.
To learn more about SecureHorizon and how UL can help you, reach out to one of our experts here.