-
Electronic payments products are boosting revenue for core providers Fiserv and Jack Henry & Associates.
May 2
Automated Clearing House (ACH) volume is on the rise. NACHA says ACH payments moved past 20 billion transactions totaling nearly $34 trillion in 2011. And as volume increases, securing ACH payments is becoming more difficult, particularly as mobile payment providers and businesses increase their use of ACH payments to achieve speedy processing.
"Fraud and attempts at fraud have become more of an issue for companies, especially as we see corporate account takeovers increasing, and fraud can happen to any company — a large company or a small business," says Nancy Atkinson, a senior analyst at Aite Group.
For tech firms that offer ACH related technology, this is good news — many of these companies have been beefing up security to include
Fiserv (FISV), for example, just released an expanded version of PEP+, a solution that turns check payments into ACH transactions. The enhanced version of PEP+ will include dual verification, which ensures proper controls to mitigate fraud and error in ACH transactions. The enhanced PEP+ will also enable automated tracking to report on how these controls are performing. "It's an automated way to require additional verifications for certain transactions," says Bert Harkins, an svp at Fiserv, who says dual verification helps combat a scenario in which fraudsters with access or who obtain access to account information attempt to create fake payments.
Using Fiserv's dual verification, financial institutions can write rules that can require additional verification to approve ACH transactions of a specific size, or involving a certain firm or party. The detection of ACH transactions or parties that require extra verification takes place electronically through Fiserv's engine, and the approvals or other action can take place electronically.
Harkins contends the security threat is not necessarily increasing, though there is an effort to allow additional assurance of digital transaction integrity as processing speed and volume of ACH transactions increase. "There are concerns about any sort of system where customer data is passed from bank to bank. Users of payment systems have access to information through an ACH file or transaction file. This new tech is targeted at making sure there are safeguards," he says.
He also says that while there's no specific regulation that requires dual verification, agencies such as the FFIEC have come down on the side of layered verification as a protective measure against digital payments fraud.
The increased security concerns for ACH payments come as more
That growth has other firms in addition to Fiserv targeting the security market with layered verification products.
"Part of what's driving this is the movement toward real-time or near-real-time ACH. If you are going to do that, the risks increase. So I think it's important to provide an extra level of control," Atkinson says.
Fundtech vp of development and operations James Hebert says that firm's OrigiNet and ACHplus products include what it calls secondary approval. "The trend for higher levels of security and risk mitigation is increasing," says Hebert, adding recent additions include payroll content validation and multiple risk exposure.
And ProfitStars, a unit of Jack Henry (JKHY), recently entered into a partnership with ACH Alert, a firm that sells ACH and wire risk management products. The partnership will sell two new products, ACH C.O.P.S. and ACH A.L.E.R.T. to financial institutions using ProfitStars' ACH Client and Enterprise Payments Solutions platform.
ACH C.O.P.S. provides fraud detection to outbound ACH credit and wire entries by requiring transaction level validation after transactions are received by the financial institution and prior to release to the payment network. In line with FFIEC's preference for layered authentication, ACH C.O.P.S. provides out-of-band authentication for ACH credit and wire transfers requiring customer approval of all suspect ACH and wire transactions prior to transmission, preventing money from going to an account that is not preapproved by the originator. ACH A.L.E.R.T. offers clients control over ACH debit approvals. Financial institutions can allow customers to determine their own debit notification process, notification methods and contact information, as well as automate the return and re-credit process.
"The reputational and financial risk associated with corporate account takeover and unauthorized debit activity is significant for financial institutions," say Bill Phillips, EPS group president at ProfitStars. "Adding the ACH C.O.P.S. and ACH A.L.E.R.T risk management solutions to our offerings provides more sophisticated safeguarding against such threats for our clients. These products add to our layered security platform and allow the financial institution to deputize their customers to act as the front line of defense."
