ULTIMATE FIELD GUIDE Everything Merchants Need to Know from Those in the Know YOUR ULTIMATE GUIDE

Today’s payments landscape is the stuff of dreams for merchants. New markets are in your grasp. New methods offer unlimited potential. And new customers knock at your doors. But those dreams can quickly become a nightmare without the right strategies and solutions to bring them all together.

In this guide, you’ll get expert insights into the hottest issues in retail payments. We’ll explore new frontiers in payments, examine investment trends and even help prevent . And that payments jargon? Consider it covered.

TABLE OF CONTENTS

1 INVESTMENT TRENDS IN RETAIL ...... 4

2 CROSS-BORDER eCOMMERCE EXPANSION: AN ACI FRAUD PERSPECTIVE ...... 5

3 FIVE SIMPLE STEPS TO PREVENTING MORE CHARGEBACKS ...... 8

4 NEW FRONTIERS IN MERCHANT PAYMENTS...... 10

5 DECIPHERING PAYMENTS JARGON: EIGHT KEY TERMS DEFINED ...... 12

2 3 RETAILERS ARE BATTLING RISING COSTS THROUGH INVESTMENT INVESTMENTS IN

48% of retailers have suffered from a rise in payment operating costs TRENDS IN over the last three years. To combat this, retailers are investing in their 1 payment platforms. 48% expect to increase their investment in payments over the RETAIL next 18-24 months

36% are investing in payment acceptance capabilities to support growth

In 2018, ACI® and Ovum 16% want to improve the integration between payments and partnered to produce the 2018 other systems to drive efficiencies Global Payments Insight Survey KEY TAKEAWAY for Merchants. In it, global Strategic investments in payments will deliver more integrated and merchants shared their opinions cost-effective platforms that can enable growth. on investment choices, real-time payments, and the challenge of protecting consumers while FRAUD PREVENTION CAN SIT AT ODDS WITH delivering a superior experience. DELIVERING A GREAT CUSTOMER EXPERIENCE

Conversion is still key for most retailers, with 64% claiming abandoned HERE ARE THE HIGHLIGHTS carts are a bigger concern than fraud losses or chargebacks. This is backed by 54% of retailers who want to avoid reducing the quality of the user experience to prevent fraud.

BUT…actions speak louder than words.

42% have decreased the number of areas in which they accept card payments to reduce the risk of data breaches

KEY TAKEAWAY When it comes to protecting or delighting their customers, retailers must balance fraud prevention against .

RETAILERS ARE BUYING INTO REAL-TIME PAYMENTS

Throughout the world, there’s one thing that seems to unite retailers: a love of real-time payments. 82% believe real-time payments can enhance the customer experience, while 80% expect to see cost savings from real-time payments.

With these numbers in mind, it’s easy to see why 77% of global merchants expect real-time payments to replace cards over time.

KEY TAKEAWAY Retailers overwhelmingly view real-time payments as a net positive, forcing them to with and intermediaries to evaluate real- time opportunities.

Download the full research report by visiting www.aciworldwide.com/merchantinsights.

4 CROSS-BORDER eCOMMERCE 2 EXPANSION: AN ACI® FRAUD PERSPECTIVE

For merchants expanding their online presence overseas, enabling the right locally- preferred alternative payment methods and connecting to local acquirers can be a critical determinant of success. But without considering a fraud strategy in tandem with a payments strategy, the to cross-border success could be a bumpy (not to mention costly) one.

In this section, through analysis of situational examples, we aim to uncover some of the essential fraud precautions that should be considered before expanding internationally. We will also identify differences in the cross-border eCommerce strategies for high-risk verticals, providing best practice examples. In this context, cross-border will refer to an eCommerce purchase where the IP country, card issuing country and shipping country differs from that of the merchant.

CASE 1: MOVING TO THE U.S. WITHIN A HIGH- So, what sort of precautions could be taken in this case? Let’s RISK VERTICAL start with analyzing the U.S. heat map. A high-end retail brand, which only accepts online orders The darker blue on the heat map represents where the highest with U.K. billing and shipping details, opens a new store in the rates (by state) occur. When operating in the U.K., U.S. and makes their online business available to the entirety the merchant had limits in place to only allow U.K. billing and of the U.S. market. Additionally, a huge campaign is rolled shipping details. Similar logic should be applied to the new out to generate awareness. The publicity is necessary for the U.S. channel. The recommendation is to initially only allow U.S. company to grow its footprint in the new region, however billing/shipping and U.S. issued cards through the new U.S. this kind of mainstream hype can also draw the attention of channel. These limits, while more restrictive, can always be localized fraud networks. lifted once your company has settled into the new market and better understands the fraud landscape.

# U.S. STATE CB RATE

1 Florida 0.40%

2 Nevada 0.36%

3 New York 0.35%

4 Georgia 0.35%

5 Louisiana 0.34%

6 California 0.34%

7 Arizona 0.31%

8 Delaware 0.30%

9 Alabama 0.30%

10 Illinois 0.30%

5 It is also possible to moderate higher-risk states by using a depending on localized fraud trends, country-specific laws variety of velocity and value-based rules. Florida was the U.S. and business requirements. Let’s look at some figures around state with the highest risk in 2017, with a 0.40% chargeback shipping to Spain in 2017 to understand how this could work (CB) rate. The CB rate is calculated by dividing genuine in practice. transactions by the reported chargebacks (CB/TXN = CB Rate). New York (0.35% CB rate) and California (0.34% CB When breaking down the customer base for shipped to rate) also featured high rates, so a tighter rule balance strategy Spain, Spanish-issued cards made up 83% of the transaction is best, at least initially, when trading in these states. volume with Italian-issued cards coming second with 4%. The most fraudulent card-issuing countries with Spanish shipping The exact strategy chosen will depend on the risk of a addresses in 2017 were Norway (2% CB rate), Austria (1.71% CB company’s vertical. Retailers selling high-value products are at rate), Netherlands (4.65% CB rate), Czech Republic (10.84% the most risk and typically fall into a higher risk vertical. This CB rate) and Taiwan (8.53% CB rate). is because targeted items will have a higher resale value and desirability once acquired fraudulently. When entering a new Completing the same analysis for France in 2017, French cards market, within a high-risk vertical, it’s recommended that you made up 89.15% of the transaction volume with Spain (0.38%) apply tighter limits in the ruleset. coming second. The most fraudulent card issuing countries with French shipping addresses were Taiwan (3.85% CB rate), The biggest consideration when implementing a tighter Croatia (3.27% % CB rate) and Mexico (1.73% CB rate). ruleset is how false positives (rejected genuine transactions) could increase, and in turn, how this could impact the overall Using this type of information, it would be possible to customer experience. Particularly for a business trying to incorporate rules around high-risk card issuing countries, optimize for sales in a cross-border context, false positives are adding limitations if fraud continued into 2018-19. never welcome. Therefore, this type of strategy is generally best when working with the high-risk verticals.

The advantage of implementing a tighter ruleset is that chargebacks will be minimized. Chargebacks can be very # SHIP COUNTRY CB RATE costly, and losses can be as much as double the initial recommended retail price of the product. This is due to 1 Estonia 0.20% products being unrecoverable, as well as the merchant’s liability to pay back the . Additionally, if the chargeback 2 Spain 0.18% rate reaches a certain percentage, additional penalty charges will be levied by the card schemes. 3 Serbia 0.09% 4 France 0.09% Considering all these factors, the recommendation when entering a new region with a high-risk vertical is to start with 5 U.K. 0.07% a focused ruleset, relaxing the criteria when the business has settled and the ruleset has matured. A ruleset can mature in 6 Latvia 0.07% several ways; the evolution of targeted rules, the development of negative lists, the maturity of “time on file”-based fields 7 Iceland 0.06% and the experience of how these new localized fraud networks operate, will all contribute to safe and secure trading. 8 Greece 0.06% 9 Slovenia 0.06% CASE 2: EUROPEAN EXPANSION 10 Belgium 0.06% In another example, a U.K.-based merchant has made the business decision to expand their CNP (card-not-present) business into several new European countries. Each country requires its own channel and ruleset — effectively its own rollout.

The highest risk European shipping countries (where the goods were sent) in 2017 were Estonia, Spain and Serbia. Note: Other countries were removed due to low transactional counts causing exaggerated chargeback rates (for example Andorra and Armenia).

When integrating with your fraud provider, ensure that each country is set up on a different channel. This will allow a new ruleset to be created per country without affecting any of your existing traffic. It will also enable you to vary the rules

6 COMMON CROSS-BORDER FRAUD TRENDS KEY TAKEAWAY As a merchant, you should be aware of common fraudulent FOR MERCHANTS trends and how configuration of the front-of-house can affect your fraud solution. Markets such as the U.S. and Ultimately, merchants should carefully consider Europe can be very lucrative, but also come with increased their fraud solution and strategy before pursuing localized threat of fraud. Understanding the heatmaps used cross-border eCommerce expansion. here will give you some of the ammunition needed to ask your fraud provider the right questions. This will ensure the • Ensure you send your fraud provider the correct rules/blocks and services have been applied before additional traffic in a separate channel a fraud attack occurs. Understanding these localized trends (configuration that separates traffic for analytical does come down to experience, but the following are a few purposes) to your existing traffic, or at least a common types of fraud and their resolutions: flag to identify it. Bot attacks: This type of attack can affect the merchant in a few different ways. First, bot attacks can be used to test a • Make sure the data provided is enriched and merchant’s fraud prevention solutions and website limitations. regularly send fraud providers your chargeback This is achieved by filling a merchant’s order system with information. This is so they can analyze the fraud thousands of fraudulent transactions, causing serious losses trend as it is happening, rather than afterwards. if the merchant has not split their traffic. Second, while this type of fraud attack is happening, well placed fraudulent • If your company sells high-value/risk items, start orders have a higher chance of going through. Finally, the off with a more stringent ruleset, slowly relaxing merchant can experience increased costs from chargebacks, thresholds over a period of time. This should as well as the increased traffic they will be paying for with no be enough time for your ruleset to mature and generated profit. negative lists to be effective.

It is recommended to incorporate a third-party into • Make sure your front-of-house website has limits your front-end system, which forces the customer to prove on gift cards or similar cash value goods. they are human. This is done by entering a sequence of identifiers that can be found in a supplied picture or audio message (e.g., CAPTCHA). This will prevent hackers using • Ensure that front-of-house services have been bots that can place thousands of orders in a very short period. integrated and can quickly be switched on to Making sure you do not have this service active all the time help combat bot attacks. is important, as it does stop the navigation flow for genuine customers.

Gift cards: There are vulnerabilities on the merchant’s Additionally, when moving to a larger market, it is , for example gift cards, which can be abused by recommended to only allow cards, billing and shipping fraudsters. It is very important that as a merchant you limit information that matches your new channel. Fraud providers, the amount of gift cards that can be purchased at one time on such as ACI, offer services such as global fraud databases, your online store. It is also not best practice to send the gift which give visibility to existing and ongoing fraudulent card via email as they are so high risk. patterns. Card testing: Usually occurs in lower risk verticals, with the aim of the fraudster not to purchase an item but to test that It is also important to consider a solution serviced by a global the card works to use later in another fraudulent transaction. risk team, which has the local experience needed to combat This method might also be used to identify limits and local threats. thresholds that have been set for the merchant by their fraud provider. Though there are myriad considerations, there is great opportunity when expanding your eCommerce business cross border, provided fraud prevention is part of the strategy every step of the way.

Source: ACI Expert View, Patrick Hengeveld, Risk Analyst - https://www.aciworldwide.com/insights/expert-view/2018/april/cross-border-ecommerce- expansion-fraud-perspective

7 FIVE SIMPLE STEPS TO 3 PREVENTING MORE CHARGEBACKS

How do you prevent more chargebacks? It’s the $31 billion question retailers everywhere are asking. Why $31 billion? That’s the number eCommerce chargeback losses are expected to reach by 20201. “Friendly fraud” causes more than 85% of these chargebacks2, and around 50% of cardholders who file an illegitimate chargeback become repeat offenders within 90 days3.

As if this weren’t bad enough, every $100 in chargebacks costs merchants an average of $240 in total4. And yet, only a small percentage of merchants dispute fraudulently filed chargebacks. Clearly, merchants have deemed reactive measures to be either too onerous or not worth the time. This makes proactive prevention all the more necessary.

Use these five simple steps, provided by ACI and Chargebacks911, to prevent more chargebacks.

STEP 1: USE ROBUST FRAUD Visa, Mastercard and Discover print a three-digit code on the PREVENTION TOOLS signature stripe (on the back of the card). prints a four-digit code on the front above the account number. ADDRESS VERIFICATION SERVICES Address verification service is an automated fraud prevention Always require customers to enter the card code program. Using address verification services helps card-not- during the checkout process. present merchants reduce risk. Address verification services check the billing address listed in the transaction against Substantiating a transaction through the use of a card security the address registered with the issuing bank. Always request code greatly increases the probability that the cardholder is shoppers provide both their billing and shipping addresses placing the order, which makes card security codes a great when purchasing. Conduct an address verification services chargeback prevention tool. check before processing the transaction. 3D SECURE CARD SECURITY CODES 3D Secure is another fraud prevention tool. While shopping Card security codes are part of an authentication system that with online merchants that use 3D Secure, the checkout helps merchants ensure the card is actually in the shopper’s process will prompt an additional security window. The possession. Card security codes cannot be stored by the cardholder will be asked to enter a pre-determined security merchant or processor; the cardholder must re-enter the digits code. In the case of fraud, the security code wouldn’t be every time a purchase is made. Since the information is only known. available on the card, hackers can’t access it anywhere else. Each card network has its own product: Each card network has its own card security code. • Verified by Visa • Visa’s Card Verification Value 2 (CVV2) • Mastercard SecureCode • Mastercard’s Card Validation Code 2 (CVC2) • JCB International’s J/Secure • Discover’s Card Member ID (CMID) • American Express’s SafeKey • American Express’s Card Identification Number (CID) Work with your processor to implement the use of 3D Secure. Incorporate this fraud detection tool into the checkout process.

8 STEP 2: ADHERE TO BUSINESS BEST MANY VICTIMS OF THE MOST PRACTICES AND MAINTAIN PCI COMPLIANCE NOTABLE BREACHES WERE Usually, all it takes to reduce merchant error chargebacks is extra vigilance on your part; these chargebacks are almost PCI-DSS COMPLIANT always preventable. One of the best ways to reduce risk is to adhere to general business best practices. Follow rules and regulations set forth by payment networks. STEP 4: ENROLL IN CHARGEBACK • When an issuer sends a copy request, submit the ALERT NETWORKS necessary paperwork in a timely Merchants who enroll in chargeback alert networks can • Grant and cancellations when the customer asks reduce their chargeback issuance rate by about 40%5. When a • Never accept an expired card cardholder disputes a transaction, the merchant will receive an alert. This enables the merchant to refund the customer before a chargeback is finalized. Alerts help prevent chargebacks, However, simply adhering to the card networks’ suggested keep chargeback ratios low and avoid chargeback fees. best practices isn’t always enough. In most situations, merchants must go above and beyond to provide an exemplary customer experience. To do that, merchants STEP 5: CONSIDER ADDITIONAL SECURITY must identify practices and policies that create friction, MEASURES SUCH AS END-TO-END which demands an objective and unbiased evaluation. This ENCRYPTION AND TOKENIZATION impartiality is often hard to achieve because merchants are so passionately connected to their business. Unfortunately, data breaches are becoming more common in the world of commerce. And as we’ve seen in many cases, To complicate matters even more, most merchants lack PCI-DSS doesn’t offer absolute protection. the detailed understanding necessary to identify potential chargeback triggers. Without an ability to identify the Many victims of the most notable breaches were PCI- true source of chargebacks, merchants will forever be DSS compliant, which has caused merchants to consider implementing ineffective prevention and re-presentment supplemental security. These options are meant to strategies. complement, not replace, PCI-DSS compliance. As new emerge, merchants have more security options Professional assistance from a chargeback expert will available to choose from. Right now, tokenization and end- expose merchant errors, outline necessary changes, reduce to-end encryption are two of the most popular forms of chargeback issuances, maintain a low chargeback-to- additional data security. transaction ratio and retain more revenue. Additionally, merchants can reallocate valuable resources to enhance their TOKENIZATION specialized skillset and grow the business. Tokenization is one of the supplemental security options available. A third-party service provider creates tokens to MAINTAIN PCI-DSS COMPLIANCE replace card information. The merchant isn’t responsible for The Data Security Standard (PCI-DSS) storing sensitive information as these tokens will replace all is a framework designed to safeguard cardholders’ personal the customer’s data. information and facilitate consistent data security measures globally. PCI-DSS helps protect sensitive information while it END-TO-END ENCRYPTION is being stored, processed and in transit. Merchants need to End-to-end encryption is a security technique that protects ensure their business is PCI-DSS compliant. While adhering to cardholder data while it is in transit or at rest. It provides the PCI-DSS standards is both time-consuming and expensive, uninterrupted data protection. the benefits of compliance far outweigh any drawbacks. By implementing these five simple recommendations, you STEP 3: MONITOR REPEAT CUSTOMERS FOR can help build a platform that ensures the $31 billion in losses BEHAVIORS OUTSIDE THE NORM won’t be coming from your pocket. Click here to read the rest of the guide, giving you 30 more insider tips to prevent more Monitoring repeat customers can help reveal potential chargebacks. issues or fraudulent chargebacks. Merchants should validate transactions with repeat customers when the current order deviates from the norm. Discrepancies can include anything from the products ordered to new shipping details.

1 https://nilsonreport.com/upload/content_promo/The_Nilson_Report_10-17-2016.pdf 2 https://www.cbsnews.com/news/friendly-fraud-an-enemy-to-everyone-in-the-e-commerce-chain/ 3 https://www.invespcro.com/blog/e-commerce-fraud-and-chargebacks-infographic/ 4 https://www.lexisnexis.com/risk/downloads/assets/true-cost-fraud-2016.pdf 5 https://chargebacks911.com/affiliate-fraud-shield/

9 NEW FRONTIERS IN 4 MERCHANT PAYMENTS

The idea of consumer convenience has shifted dramatically in recent years. Gone are the days when people were thrilled just to be able to shop from the comfort of their living rooms. Now, the experience must be secure, seamless and fast. This is the gauge by which convenience is measured.

Unfortunately, cards — a payments tool built for the physical world — present a challenge in delivering a completely smooth and seamless customer journey. Given consumers’ wandering eyes towards anything that will make their lives easier, it’s no surprise that demand for alternative payment methods is increasing, even in well established and card- dominated markets.

Merchants realize that change is in the air. A 2017 study by

Michael Rouse ACI and Ovum found 79% of merchants in EMEA are aware Chief Commercial Officer that customers want a broader choice of payment types Klarna and are investing in payments as a result.

ACI’s Michael Grillo sat with Michael Rouse, Klarna’s Chief Commercial Officer, for his perspective.

MG: Klarna’s recent growth has seen an increase not only MR: The initial business idea of Klarna – giving consumers in terms of the markets where it is available, but also in the the option to pay after receiving their goods – actually has variety of payment methods offered. Briefly, what are these some of its roots in the Swedish order catalog market. payment methods? Our offering was introduced to the market more than a decade ago, at a time when consumers were hesitant to shop MR: Consumers can choose to settle the payment after online, as it was widely regarded as unsafe, complicated and receiving the goods with a deferred payment, or simply divide frustrating. Ecommerce has come a long way since then, but it over time with installment plans. The checkout experience the possibility to separate purchase decision from payment is from the consumer perspective is very smooth, as they only still relevant and very attractive. If you allow consumers to pay enter top of mind information, and the assessment when and how they want, you remove a major obstacle from that is carried out in the background takes only a couple of successfully converting shoppers to buyers. We offer direct seconds. payments as well, for instance immediate bank transfers that are very popular in Germany, but we see an increased demand MG: It’s interesting that while these might be considered for smooth financing overall, especially in the U.S. “alternative payment methods” in certain card-dominated and U.K. markets, they are the incumbent and preferred way to pay in a growing number of European countries. Can you speak a bit about why these methods of payment have become well established in these markets?

10 MG: And in your view, what has held back adoption of this approach to payments in other markets, given the choice and convenience they offer shoppers?

MR: Offering point-of-sale financing in an online environment typically means risk for the merchant. Well, Klarna’s approach is to make it risk free for merchants as we take on both the credit and fraud risk for the purchase. However, it’s not an easy task to know when and when not to offer that credit. We have been fine-tuning the algorithms that decide approved credit limits for more than a decade now and are able to perform credit assessments in a couple of seconds without redirecting the consumer or asking detailed questions about their personal life. This enables us to offer consumers a safe, simple and smooth shopping experience, while delivering the highest acceptance rates in the business.

MG: Regarding this “smooth” shopping experience, among both payment providers and merchants, there’s been a lot of talk about the role of the seamless checkout experience in lifting conversion rates. Just how important is this from a business perspective? IT’S ALL ABOUT REMOVING MR: It’s all about removing obstacles for the consumer. Entering the online checkout to discover that it requires you OBSTACLES to fill out extensive forms and register a user account causes friction that makes it less likely that you continue with the FOR THE CONSUMER. purchase, and it becomes more likely that those shoppers pressed for time postpone their purchase. Adding to that, in a scenario where you are killing time shopping, while on public , for example, you are far less likely to complete a purchase if you need to pull out your wallet and find a . Separating purchases from payments simply removes that unnecessary friction and provides a hassle-free checkout experience.

MG: It seems that mobile is a key driver here, and somewhat related to this, “millennials” is another big buzzword — but do you think that merchants should be putting so much focus on this demographic? What are some other considerations on the demographic front?

MR: The preferences of millennials are definitely driving changes, with increasing demands and expectations around smooth shopping on mobile devices. Case studies, such as “Emotional eCommerce”, clearly show the importance of adapting to changing behaviors and habits as online shopping becomes an increasingly emotional experience. Removing friction for consumers and providing an intuitive customer journey will become even more important.

Source: ACI Expert View, Michael Grillo, Director, - https://www.aciworldwide.com/insights/expert-view/2018/ january/ripe-for-change-new-frontiers-in-merchant- payments

11 DECIPHERING PAYMENTS 5 JARGON: EIGHT KEY TERMS DEFINED

If it feels like the payments world speaks a language all its own, that’s because it does. With each new innovation or regulation comes a mountain of terms looking to add their own bit of confusion to this already complex landscape. The challenge of mastering these terms can inhibit merchants’ ability to ask proper questions of their partners, maintain compliance and otherwise meet the needs of customers.

That’s why ACI partnered with InternetRetailing to clarify and define eight key terms dominating the payments lexicon. See what they are and what they mean for your business.

1. PSD2 WHAT DOES IT MEAN FOR YOUR BUSINESS? The GDPR has been described as “the biggest change to data WHAT IS IT? protection law for a generation”. It has significant implications The European Payment Services Directive 2 (PSD2) came for retailers, including the requirement for rapid reporting into force in January 2018. The new regulation is designed of data breaches, for the appointment of a data protection to increase competition in payments. It requires banks to officer and the privacy-by- requirements that will support Open APIs, establishes strong new guidelines for impact retailer marketing departments. This represents an customer authentication and enables consumers to make opportunity for retailers to “clean house” and take a careful online payments directly from their bank accounts via newly look at how their customer data is collected, stored and used regulated payment services providers (PSPs). — using the standards set out in the legislation as a minimum starting point. WHAT DOES IT MEAN FOR YOUR BUSINESS? Under the regulation, providing evidence of risk mitigation As such, it offers significant opportunity to retailers who can counts as much as securing the data. Retailers will need to be now “ask” consumers for permission to use their bank details. able to demonstrate that they have implemented appropriate With permission given, the retailer will receive payment measures to mitigate privacy risks, whether or not they directly from the consumer’s bank, using APIs – with no have experienced a breach. Security teams must be able to intermediaries involved. This will cut the “middle man” costs show that they have deployed access controls and rights for merchants, as well as enable easier routes for recurring management, and security measures such as tokenization and billing and promoting customer loyalty. encryption will need to be documented. PSD2 requires stronger security for online payments, with two-factor authentication. To prevent an increase in cart 3. ALTERNATIVE PAYMENTS abandonment, retailers will need to pay careful attention to how they can strike the best balance between the needs for WHAT IS IT? customer convenience and security. Alternative payment methods are payment options that do not include a card. There are hundreds of different types of 2. GDPR eCommerce payments and understanding and supporting the payment methods your customers prefer is critical to WHAT IS IT? customer loyalty and expanding your business internationally. The EU General Data Protection Regulation (GDPR) came into force on May 25, 2018. Every that does business WHAT DOES IT MEAN FOR YOUR BUSINESS? with EU customers — regardless of where it is located — now Alternative payment methods are becoming increasingly needs to comply, and fines for non-compliance can go as popular with consumers who seek fast, convenient payment high as $20 million (£14,984,000), or 4% of global turnover methods that fit with their lifestyles. They offer a good (whichever is greater). opportunity for merchants to support improved choice, speed

12 and convenience for consumers as well as more consistency 5. OPEN APIs across channels — enhancing the customer experience to support better loyalty. They can also help to deepen WHAT IS IT? information about customers, drive higher transaction values An API (or application programming interface) is a set of and bring the purchasing decision forward. software tools and definitions that controls how developers can interact with or modify an application. An API exposes Alternative payment methods are now a “must have” for the functionality of an application to developers, to modify merchants with global aspirations, with the right payment or interface other software with it. An Open API provides methods able to open up specific customer segments and external developers with access to a company’s proprietary geographies — particularly in emerging markets or digitally software application. This enables the company evolved countries where specific alternative payment methods the Open API to leverage the skills and expertise of these have a stronghold. developers and, so, to access and expertise in the wider community. A retailer will typically consume APIs 4. IMMEDIATE PAYMENTS published by a to integrate payment capabilities within the checkout process. WHAT IS IT? Immediate or real-time payments are payments made from WHAT DOES IT MEAN FOR YOUR BUSINESS? one to another in a matter of seconds. Payments Payment gateways that combine Open APIs and rapid can be made 24x7x365 and funds are instantly available to activation of alternative payment methods via payment forms the recipient. This creates real opportunity for retailers to are those that are able to deliver agility and scalability. By reduce costs, improve cash flow and grow their eCommerce offering a way to quickly develop and deploy new payment businesses in markets with low payment card usage. methods or functionality (either internally or from external suppliers), merchants can take new innovations to market WHAT DOES IT MEAN FOR YOUR BUSINESS? more easily and without heavy costs or resource burdens. This As a form of alternative payment, immediate payments can can deliver real competitive advantage for retailers as they also encourage new customers who prefer to deal in “cash” seek to take advantage of new technologies and keep up with rather than use cards — and support new sales opportunities changing customer demand. where it would benefit the customer and/or the merchant for the funds to clear instantly.

13 6. MACHINE LEARNING 8. BLOCKCHAIN

WHAT IS IT? WHAT IS IT? Machine learning is an application of artificial intelligence Blockchain is a type of distributed ledger or decentralized (AI) that gives systems the ability to automatically learn database that keeps records of digital transactions. Rather and improve from experience, without being explicitly than having a central administrator like a traditional programmed. Machine learning focuses on the development database (think banks, governments, accountants), a of computer programs that can access data and use it to learn distributed ledger has a network of replicated databases, for themselves. It can be used in fraud detection to identify synchronized via the and visible to anyone within patterns and highlight trends too complex to be noticed by the network. Blockchain networks can be private with humans. restricted membership (like an intranet) or public, accessible to everyone. WHAT DOES IT MEAN FOR YOUR BUSINESS? Blockchain’s decentralized, open and cryptographic nature Machine learning is an important tool for merchants in a allows people to trust each other and transact peer to variety of ways. Its ability to power predictive analytics means peer, without the need for intermediaries. This can bring that merchants can use it to analyze and predict customer significant security benefits. buying patterns — helping them to make more informed plans about promotions and product launches, for example. WHAT DOES IT MEAN FOR YOUR BUSINESS? Machine learning can also play an important role as part of One of the biggest impacts of blockchain will be on supply a fraud management solution. While it is more difficult to chain management. Every time a product changes hands, predict fraudulent behavior than spending patterns, machine the transaction can be documented, creating a permanent learning models can be trained and configured by experts history of a product, from manufacture to sale. This will to help build more profiles and expose fraudulent activity dramatically reduce the time delays, administration costs without constant human interaction with the tools. The and human error that plague these transactions today. It model’s objective is to expose underlying fraud trends that will also help to build the transparency and integrity of are sometimes difficult to detect manually, while protecting data, by performing consensus checks and safely storing merchants from the cost of fraud losses and chargebacks. digital fingerprints of data on immutable blockchain ledgers. Full traceability of the lifecycle of a product is especially 7. TOKENIZATION important for grocery retailers and leaders in this field are already piloting the across their stores. WHAT IS IT? Interested in learning more? Click here to get ACI and Tokenization is a security technology designed to protect InternetRetailing’s A Payments Playbook for Multichannel sensitive or confidential information by replacing a consumer’s Executives. account number with a unique value or numeric sequence. This renders transaction data useless to thieves, because they are unable to reverse the process to uncover the original customer data. Tokens are increasingly used in mobile payments and eWallets, and to improve security in cross- channel transactions.

WHAT DOES IT MEAN FOR YOUR BUSINESS? Tokenization renders stored card data useless to hackers, helping to protect merchants from the costs and reputational damage caused by a data breach — as well as helping them meet their data security compliance burdens. The second key advantage is that tokenization can support improved customer insight by ensuring sensitive payments information is protected while still allowing merchants to analyze transaction patterns and behavioral data to build more comprehensive customer profiles.

14 Would you like to discuss how these insights can benefit your WWW WWW.ACIWORLDWIDE.COM organization? Contact us for a complimentary consultation at @ACI_WORLDWIDE [email protected]. [email protected] ACI Worldwide® is the leading provider of secure, omni-channel payment systems to merchants globally. Delivered in the cloud, our UP® (Universal Payments®) Merchant Payments™ solution supports a variety of in-store, Americas +1 402 390 7600 eCommerce and digital channels providing the framework for retailers Asia Pacific +65 6334 4843 to create and manage a customer-centric experience. ACI®’s advanced Europe, Middle East, Africa +44 (0) 1923 816393 merchant fraud prevention and payment data security tools reduce © Copyright ACI Worldwide, Inc. 2018 ACI, ACI Worldwide, ACI Payment Systems, the ACI logo, risk while protecting the bottom line. ACI powers electronic payments ACI Universal Payments, UP, the UP logo, ReD, PAY.ON for more than 5,100 around the world. More than 1,000 and all ACI product names are trademarks or registered trademarks of ACI Worldwide, Inc., or one of its of the largest financial institutions and intermediaries as well as tens of subsidiaries, in the United States, other countries or both. Other parties’ trademarks referenced are the property of thousands of merchants rely on ACI to execute $14 trillion each day in their respective owners. payments. Visit aciworldwide.com or find us on Twitter @ACI_Worldwide. ABR6713 08-18