Credit cards have revolutionised the process of paying for goods and services when they were introduced in the 1950s—and the cards’ attraction was convenience and enabling payments without the need for cash or cheques. Portable, cashless and with added security, credit cards also offered customers more time to pay their bills, prompting a whole new wave of purchase behaviour.
The Diners Club Card was the first credit card to enjoy widespread use, essentially acting as a charge card where the bill will be paid in full at the end of each month. American Express soon followed suit and achieved high adoption rates around the world, serving one million customers at over 85,000 merchants by the mid-1960s. Today, credit cards have become ubiquitous in the western world, with an estimated 364 million open credit card accounts in the US, and 59 million in the UK.
Each credit card contains a number of identifiers, the most obvious one of which is plastered across the front of every card: the 16-digit code. Ever wondered what those numbers actually mean? Each card begins with a single-digit major industry identifier. For example: Five indicates banking or financial company, like MasterCard; four indicates Visa card; one and two indicate airlines; and seven indicates petroleum business.
Then follows a six-digit issuer identifier number that helps confirm the specific issuing institution and whether it is a credit, debit or a premier card.
Next (typically digits 7-15) comes the individual account identifier number—unique to the person and allocated by the card issuer.
The final single digit is known as the checksum. This number is there to verify if the credit card number has been entered correctly. Using the Luhn algorithm, developed by German computer scientist Hans Peter Luhn in 1954, simple mathematics is used to confirm if all the card details match. In a nutshell, it is doubling the value of alternate digits in the credit card number. (So, for example, 4 becomes 8), beginning with the second digit from the right of the 16-digit number. For any number that contains double digits when doubled (i.e. 8 becomes 16) two individual digits should be added together (i.e. 16 becomes 1+6=7). Then by adding all of these single-digit numbers together and if the total from this ends in a zero (i.e. 40, 50, 60, etc.), the account number will be validated.
Still confused? Well, these numbers were never meant to be used by the consumer; they have been embossed on credit cards for decades so the networks can transfer the payments swiftly and correctly. The problem is that in the digital age, the numbers have to be transposed into form after form in order to enable issuers to identify the user online, enabling a fully secure payment.
eMarketer forecasts that in 2019 approximately 1.92 billion people or 63% of internet users will be digital buyers. E-commerce has become the first place that shoppers turn to, whether it is for gaming, travel, technology and much more. But one thing has remained the same: most people rely on numbers on the little plastic card carried in purses and wallets. In addition to the 16-digit card number, the user also requires to enter other details such as CVV and expiration date.
Surely the payments industry should have made life easier by now?
Papering over the cracks
The question is especially pertinent when we consider that Amazon implemented its 1-Click as far back as 1999. Until recently, it was patented (they did OK out of it); and there are other technologies that have been developed to help us manage this process a little easier. Auto-fill technologies, for example, have flooded the market, automatically entering card numbers into forms simply by clicking a photo of the card’s front.
It is also possible to use handy options available on web browsers to save passwords that entered previously: these might be convenient, but they are not completely trusted.
So perhaps, one might think biometrics is the answer. As fingerprint scanning technology becomes a standard feature on many smartphones, one can expect to see greater synchronicity between a shopping experience and a mobile handset, verifying payments via a pocket device.
Biometrics and other new processes will allow faster payments and even instant payments—provided the data is secure and assuming consumers have no issue storing payment details in digital wallets or other media such as mobile banking apps.
Then there is tokenisation. This is where a third party stores the sensitive card information and the cardholder uses a ‘token’ associated with their card to verify the transaction, rather than entering the full card number to make the payment.
But more often than not we find ourselves requiring all the details again when we use a site and this high-level of information required for online transactions could be a contributor to the conversion crisis some retailers are seeing. Research conducted by Experian has found that more than half of online transactions are abandoned prior to checkout. One of the main reasons cited for this high level of abandonment is that too much information is required for new account setup.
A question of fraud
By removing unnecessary steps in the process and making the interface faster and more user-friendly, merchants hope to put more revenue into their balance sheet. The hard part then is to retain the trust of the customer by providing more confidence in the payment process. Payment card fraud accounts for 58% of fraud losses in the UK, according to UK Finance, with 1.4 million of the country’s 1.9 million incidents coming via Card Not Present. (i.e. online) fraud.
Card issuers have had a stranglehold on the payments market for decades which has held back innovation. For example, when security issues arise, the card companies’ response is to patch these vulnerabilities rather than look at solutions that reduce customers’ exposure to fraud.
However, this has changed in recent years and there are now around 150 alternative payment methods in use across the world, with new solutions being introduced all the time; many of which are more user-friendly than card payments.
One solution to making payments more trustworthy is to use a direct bank transfer payment method that allows customers to quickly and easily transfer funds directly from their bank account to the merchant using their standard log-in details.
This solution can be built into the merchant’s website with transactions confirmed via the customer’s bank using their existing standard security protocols, facilitating real-time transactions and a better user experience.
Direct bank transfer virtually eliminates chargeback, repudiation claims and reduces the cost of accepting payments from customers outside the merchant’s home market. Pay-outs are available individually or as batch payments, reducing complexity and internal costs.
Many consumers perceive credit and debit cards to be a secure option for making payments, but the security protocols around cards cannot compare with receiving a one-time PIN on a mobile device.
Customers and merchants are also looking for services that can be used in different countries around the world, whereas cards are often limited to use in the country where they were issued. A consumer would not be able to use a Brazilian credit card to make certain payments in Spain, for instance.
In China, WeChat (owned by social media giant Tencent) and Alipay (ultimately owned by retail behemoth Alibaba), enable customers to make payments within chat apps, using P2P transfers, bank account, credit cards and other payment methods.
In the West, users are more accustomed to Apple Pay, Google’s Android Pay, and Samsung Pay, provided by the international technology titans. They power NFC-enabled payments from mobile devices for in-store purchases and can increasingly be used for in-app purchases. These alternative payments still depend on payment/loyalty cards being registered to the apps, but then, offer more convenient ways to pay for digital (and arguably physical) purchases.
The ubiquity of mobile phones could effectively render the 16-digit number obsolete by storing information securely and enabling the user to wipe sensitive data if the phone is lost or stolen.
So, while the cards are not going to become obsolete any time soon, and with more secure payment options for making payments entering into the market all the time, we predict the number will eventually be up from the 16-digit code.