In the past, if a merchant wanted to give its customers the ability to pay for goods or services with a debit or credit card instead of cash or a check, it would need to set up a merchant account with an acquiring bank. This would allow the merchant to accept card payments and the acquiring bank would process the payment as a registered member of a card network, for example, Visa or MasterCard. The payment would be deposited in the merchant’s bank account minus the applicable fees.
As eCommerce and digitalization has grown, especially since the pandemic when many smaller businesses and of course, government agencies were forced to accept payments electronically, the need for accepting card payments increased exponentially. A recent report from Grand View Research, projects that the Payments as a Service (PaaS) market is expected to reach $25.7 billion by 2027. This has accelerated a shift towards PaaS versus the traditional model of processing card transactions.
Here we will explain what Payments as a Service is and how the Payment Services Directive is paving the way to make payments easier and more secure, leveling the playing field by allowing non-banks to provide payment services, and enhancing protections for consumers.
Defining Payments as a Service
Just as Software as a Service (SaaS) revolutionized the way software was licensed and delivered, Payments as a Service is doing the same for payment systems. It uses the SaaS model to simplify payments for the merchant. PaaS is SaaS that is used to connect a group of international payment systems. Its architecture is used as an overlay that resides on top of the separate systems that allows two-way communications between the PaaS and the payment system. This communication is controlled by the APIs created by the PaaS provider.
PaaS is a modern alternative to traditional payment hubs. It is scalable to allow for higher volumes of transactions at a relatively lower cost. It allows banks to quickly expand and modernize their portfolio of payment products without incurring a huge upfront investment. PaaS providers can operate innovative cloud-based platforms that provide specialized services, like:
- Payments clearing
- Cross-border payments
- E-Commerce gateways
Some examples of PaaS are:
- International eWallets, such as PayPal and Moneybookers
- Local eWallets, including Alipay, Qiwi, WebMoney
- Prepaid debit cards, like those offered by Visa or MasterCard
- Global bank transfers
There are multiple benefits to adopting a Payments as a Service platform including:
- Lower total cost of ownership
- Faster go-to market approach that reduces setup costs thanks to the ability to integrate full service and compliant programs through a single integration
- Flexible pricing structures
- A modular platform that allows the fast upgrades to add the latest transfer methods
Payment Services Directive Paving the Way
PaaS has been a long time coming, as the European Union moves forward with its Payment Services Directive. The Payment Services Directive (PSD), Directive 2007/64/EC was enacted by the European Union to regulate payment services and payment service providers throughout the EU and the European Economic Area (EEA). Its intended purpose was to increase competition and participation in the payment industry, including allowing non-banks to participate. It helps provide a level playing field by protecting the rights of consumers and the obligations and rights of payment providers and users.
The Revised Payment Services Directive (PSD2, Directive (EU) 2015/2366) that replaced PSD works to create a more integrated payments market in Europe, made payments more secure, and to protect consumers. This updated directive went into full effect on 14 September 2019.
Utimaco’s Payment HSMs Provides the Required Root of Trust
As previously stated, the EU directive for Payment Services requires a secure environment for performing Payments as a Service transactions and operations. There must be a root of trust during such processes, which includes assurance for both physical and logical security measures. This can be provided by Utimaco’s Atalla AT1000.
To keep pace with changing developments in the payments industry, payment systems have been required to evolve and keep up with technology and meet the challenge of regulations and compliance standards. The Atalla AT1000is the ideal solution for meeting that challenge because it is a highly secure and flexible HSM, designed to:
- Process transactions
- Translate and verify PINs
- Card production and personalization
Blog Post by Dawn Turner