Is Security the Price of Convenience in Supply Chain Payments?

As digital payment options diversify, it’s becoming more difficult for supply chain businesses to cover all the bases and provide secure and convenient facility for their customers.

Breaches of corporate payment data are on the rise. In 2018, a study from Ovum and ACI revealed that 1 in 5 organizations had experienced payments data theft in the previous year. In response, 70 percent of those affected are planning on increasing their investment in payments tech.

While upping investment will help, money alone doesn’t address the problem. Organizational change is needed if corporate treasuries are to keep up with the pace of digital transformation occurring in today’s payments market. B2C firms—e-commerce merchants, especially—are already in the groove, having felt the pressure from consumers the longest. Now, the same wave is sweeping through the B2B world and, while the security implications are significant, so, too, are the opportunities for those that are first to adapt.

The road to harnessing new payment systems that can both bolster security and create a better business is challenging operationally and strategically. For the firm in question, security may be the jumping off point, but a variety of other factors come into play very soon after.

Should our payments strategy focus on security alone? In a market changing as quickly as this, how can we be sure a strategy that works today will also work in the future? What payment types should we accept? Which digital platforms should we support? How can we secure them all, and how do we integrate them with our other systems for ordering, invoicing, fulfillment and so on?

In supply chain firms, whose businesses hinge on the smooth and timely flow of funds between buyer and supplier, the available options for payments are going through the roof. Digital payment solutions are rubbing shoulders with more conventional solutions such as SWIFT, Bacs and Faster Payments Service in the UK and SEPA in the EU, together with the various corporate purchasing card products from the major card schemes. On the one hand, more payments choice means greater facility for the business and its partners. On the other, it means more complexity in data security, integration and testing.

Historically, boosting security in the payments process has come at the price of end user convenience. The more safeguarding that’s required, the clunkier the system gets. It’s no surprise, therefore, to learn that 44 percent of organizations affected by payments data breaches still refuse to introduce fraud prevention solutions that add friction to the customer’s payment experience. Taking the hit on fraud, it seems, is still considered preferable to making life difficult for the customer.

This is not a choice that any firm should have to make.

A new breed of highly specialized cloud-based payments service providers are emerging to relieve the payments burden and give supply chain businesses access to a DevOps culture, without turning their own departments upside down. And let’s be clear: Only the DevOps approach of continuous development and delivery can keep a company at the bleeding edge of today’s market for payments.

Adjusting payments processes in line with regulations for corporate data protection (GDPR), payment services (PSD2) and PCI-DSS standards makes the job of compliance alone burdensome enough. Couple that with the integration, testing, certification and maintenance needed to enable a business to offer a range of different digital payment initiation and acceptance options, and a specialist starts to look less like a luxury and more like a pre-requisite for success.

And then there’s security. To the uninitiated, the range of security solutions designed to safeguard digital payments data is, at best, bewildering. Only a dedicated specialist can claim to maintain a working knowledge of point-to-point encryption, payment tokenization, API security, EMV chip, EMV 3-D Secure, code obfuscation and all the other tools and services available to protect payment credentials and data throughout the transaction flow.

Each business is different. The great joy of working digitally is that a cloud-based payments portal, managed and maintained by the partner, can be molded to suit the unique requirements of each organization and embedded seamlessly and imperceptibly into their website. From there, further development, testing and implementation can take place “live” in accordance with the DevOps model, enabling new services to be rolled out faster and more efficiently than ever before.

Finally, there are the costs. Ovum claims that more than 80 percent of organizations believe that enabling real-time digital payments will bring cost savings, while 77 percent believe that real-time will bring improvements in customer service. This suggests that only fears relating to security and complexity are holding the market back from fully embracing digital payments.

The combination of dedicated, specialist and cloud-based service provision, together with a collaborative DevOps approach to payments management has the power to allay these fears. In 2019, the supply chain firms with the vision to embrace this new model will not only present the most robust defense against security breaches, but will be the first in line to use payments to realize the flexibility and cost efficiencies that digital transformation has become synonymous with in other business functions.

Patrick Bermingham

Avatar photo

Patrick Bermingham

Patrick Bermingham is CEO at Adflex. He has over 20 years’ experience in the payments industry, overseeing the growth and development of Adflex as a premier B2B payments service provider. Prior to Adflex, Patrick was specialised in ERP system design and development primary targeting mail order and national distribution sectors.

patrick-bermingham has 1 posts and counting.See all posts by patrick-bermingham

Secure Coding Practices