Remote Deposit Capture RSS Feed
Remote Deposit Capture Newsletter
Remote Deposit Capture Group on LinkedIn
Remote Deposit Capture Group onTwitter
The Green Sheet

Email Page 
Print Page 
 Add to LinkedIn Add to Twitter Add to Facebook Add to Reddit Add to StumbleUpon 
Add to Tumblr
Faster Payments Made Safer: Essential Elements for Payee Directories

Wednesday, August 21, 2019 (Lawrence F. Buettner / Lawrence F. Buettner) recently published a white paper: “The Hidden Risks of Faster Payments”. The following article is in response to the white paper. This topic is of great importance and we encourage the industry to continue the discussion, share ideas, and collaborate via the Remote Deposit Capture Discussion Boards.

In “The Hidden Risks of Faster Payments” by David Walker, many salient points on the use of directories with the advent of faster payments were explored, specifically credit push payments. The use of directories is not a new topic. There are numerous payments directories already in use. The article focuses on the expanded need and the liabilities in the use of directories. The use of directories will become essential with two faster payment platforms being offered by The Clearing House and the Federal Reserve.

The legal underpinnings of an industry wide payee directory will require full vetting by all stake holders: payers, payees, financial institutions, and directory providers. As pointed out in the article, the unintended consequences of misdirected payments due to the reliance on directory information will need to be fully understood by all participants.

There are four building-block constructs which might address the key concerns raised in the article:
  1. Data ownership: there needs to be a high degree of trust if payments are going to routed relying upon a directory. Both payer and payee have huge stakes in the underlying data: avoiding misdirected payments and the potential consequential damages associated with late payment.
The payee, however, is further motivated to insure the accuracy of the directory in order to maintain an orderly flow of their cash. As a result, the responsibility for the accuracy of the data must remain with the payee. The payee must own the directory data and bear the responsibility for its accuracy.
  1. Data Privacy and Access: Payees voiced their need to control the access to sensitive payment information. This was a consistent theme in Industry focus groups. The information contained in a directory might be both public (i.e.: entity name, address, email, etc.) and private (i.e.: bank routing number and payee account number). Payees should be able to permission a payer for access to the payee’s sensitive banking information. Control of access to payment information strengthens the responsibility of the payee and maintains the integrity of the payment process.
  1. Data veracity: If a directory is to be the “one-truth” for payee payment addresses, the process for inclusion of any data in the directory must engender trust for all users of the data. The accuracy of any data must rise to the level that it is unquestioned. Directories which accumulate a payee’s identity and payment details solely through the use of public records derived from artificial or neural search engines does not in of itself insure that the data is accurate enough for a payer to send a payment. Independent validation by an accredited trusted third party is essential. Financial institutions, credit unions and payment BPO providers are logical and known entities that can validate data for inclusion in the directory. A minimum validation criteria, similar to that used for AML, needs to be used by every credentialing authority.
  1. Directory of Directories: the construction of a single monolithic directory housing the data of millions of consumers and businesses is an invitation for a hacking attack by malicious individuals and state-actors motivated to disrupt U.S. commerce. Block-chain technology offers the opportunity to weave together disparate directories from existing providers or new entrants. Many of the largest financial institutions have accumulated payee data for their payments customers. These islands of data can be connected through smart contracts which would ensure only authorized access and yet avoid the creation of a single monolithic data breach target.
With two faster payment network alternatives, the issue of interoperability will be a paramount concern. Payers will not want to incur the hassle of determining which payment network to send a payment to a payee. Likewise, payers and payees will not want to subscribe to competing directory solutions. Directories will become a necessity, if the ubiquity of faster payments is to be achieved and interoperability challenges are masked from participants.

Click here to view the Remote Deposit Capture Discussion Boards and share your thoughts on this topic.
Lawrence F. Buettner is the past chairman of the B2B Payments Directory Association, a trade organization which accumulated industry input for the construction of an industry payee directory and developed both a business and technology model. The Association was merged into NACHA in late 2018.

Email Page 
Print Page 
 Add to LinkedIn Add to Twitter Add to Facebook Add to Reddit Add to StumbleUpon 
Add to Tumblr

Please register/login to post comments